Hours ahead of an imminent release of classified U.S. documents by WikiLeaks and several publications across the globe, the Pentagon “condemned” what it called a “reckless” act, and said it has initiated measures to prevent such leaks in the future.
“As we have in the past, we condemn this reckless disclosure of classified information illegally obtained,” Pentagon spokesman Bryan Whitman told Pentagon correspondents ahead of the release of classified U.S. documents by WikiLeaks and several other newspapers.
Providing journalists with the context and details regarding ongoing efforts to prevent further compromise of sensitive data, Mr. Whitman said as a result it would be now much more difficult for a determined actor to get access to and move information outside of authorised channels.
The Department of Defense, he said, has undertaken a series of actions to prevent such incidents from occurring in the future.
On August 12, Defense Secretary Robert Gates commissioned two reviews to determine what policy, procedural and/or technological shortfalls contributed to the unauthorised disclosure to the WikiLeaks website.
As a result of these two reviews, a number of findings and recommendations are in the process of being reviewed and implemented, including directing actions to include disabling all write capability to removable media on DoD classified computers, as a temporary technical solution to mitigate the future risks of personnel moving classified data to unclassified systems, he said.
It also includes directing DoD organisations to have limited number of systems authorised to move data from classified to unclassified systems (similar to a KIOSK concept, where it is necessary to meet at a central, supervised location to conduct this activity).
DoD organisations have also been directed to implement two-person handling rules for moving data from classified to unclassified systems to ensure proper oversight and reduce chances of unauthorised release of classified material.
They have been asked to develop procedures to monitor and detect suspicious, unusual or anomalous user behaviour (similar to procedures now being used by credit card companies to detect and monitor fraud).
Mr. Whitman said 60 per cent of DoD’s SIPR-net is now equipped with HBSS (Host-Based Security System) — an automated way of controlling the computer system with a capability of monitoring unusual data access or usage. DoD is accelerating HBSS deployment to its SIPR-net systems.
The Pentagon is also conducting security oversight inspections in forward-deployed areas, he said, adding that it also is undertaking vulnerability assessments of DoD networks, besides improving awareness and compliance with information protection procedures.
For example, the Pentagon spokesman said, the US Central Command (CENTCOM) has: increased “insider threat” training focusing on awareness of associated activity, initiated multi-discipline training between traditional security, law enforcement and information assurance at all echelons.
The CENTCOM has also established “Insider Threat Working Groups” to address the WikiLeaks incident and prevent reoccurrence and informed all personnel of restrictions on downloading to government systems and cautioned regarding personal IT systems.
Observing that the 9/11 attacks and their aftermath revealed gaps in intra-governmental information sharing, he said the Department of Defense and agencies have taken significant steps to reduce those obstacles, and the work that has been done to date has resulted in considerable improvement in information-sharing and increased cooperation across government operations.
“However, as we have now seen with the theft of huge amounts of classified data and the WikiLeaks compromises, these efforts to give diplomatic, military, law enforcement and intelligence specialists quicker and easier access to greater amounts of data have had unintended consequences — making our sensitive data more vulnerable to compromise,” Mr. Whitman said.
