The U.S. national security establishment drew fierce criticism after Sept. 11, 2001 because it hadn’t shared data that could have prevented the attacks that day – its so-called failure to “connect the dots.” In response, government officials sought to make it easier for agencies to share sensitive information. Then, as the United States went to war in Iraq and Afghanistan, efforts that began after the Persian Gulf War to push more timely intelligence to personnel on the front lines also were ramped up.
But “that aperture went too wide,” Secretary of Defense Robert M. Gates said after WikiLeaks began disclosing sensitive materials last year. So, Pentagon officials say they have begun to take steps aimed at preventing future breaches:
■ Disabling the “write” capability on most computers in SIPRNet, the military’s secret-level classified network. The 12 percent of computers that retain the capability are under strict controls, such as requiring two persons to be present when downloading information onto a CD-ROM or other removable media.
■ Issuing smart cards with special identity credentials required to log on to SIPRNet. The cards allow holders access to only those portions of the network that contain information relevant to their jobs. The goal is to “both deter bad behavior and require absolute identification of who is accessing data and managing that access,” said acting Pentagon Chief Information Officer Teresa Takai. The plan is to issue 500,000 cards by 2012.
■ Working with the Office of the National Counterintelligence Executive to create a formal insider threat program.
■Piloting insider threat detection technology developed by the National Security Agency.
■ Developing an information technology audit to identify suspicious behavior on all Department of Defense information systems.
“We’re very aware of the need to share information on behalf of the war-fighter,” said Col. Sean Broderick, senior analyst working for the Pentagon chief information officer. “Our goal is to deploy tools that ensure people have access to the data they need and appropriately restrict access to data they don’t need.”
Last November, after WikiLeaks announced it was releasing State Department cables that reflected diplomats’ candid views of foreign governments and their policies, the State Department suspended SIPRNet access to its database of cables, though access remains available via a more limited classified military network. Officials testifying before Congress said the department has updated policies that ban the downloading of classified information to removable media such as thumb drives and CDs. It also continues to deploy an automated tool that monitors the classified network to detect anomalies.
“Simply put, we must more consistently sort out what we share before determining how we share it,” Ambassador Patrick Kennedy, State Department undersecretary for management, said to Congress in March.