In the wake of the ongoing publication of large volumes of classified U.S. government information by WikiLeaks, executive branch agencies are taking new steps to deter, detect and prevent the unauthorized transfer of information from classified government networks, officials said at a hearing of the Senate Homeland Security Committee last week.
In the majority of terminals connected to the DoD SIPRNet, the classified defense network, the capability to write to removable media has now been disabled. (Bradley Manning is suspected of downloading State Department cables and other classified materials from SIPRNet and writing them to a compact disk.)
“For those few machines where writing is allowed [newly installed security software] will report, in real time, each write operation,” said Teresa Takai and Thomas Ferguson (pdf) of the Department of Defense. “It will also report every attempt of an unauthorized write operation.”
“DoD has begun to issue a Public Key Infrastructure (PKI)-based identity credential on a hardened smart card… [that] will provide very strong identification of the person accessing the network and requesting data. It will both deter bad behavior and require absolute identification of who is accessing data and managing that access,” they said.
Likewise, “the IC [intelligence community] plans to increase access control to critical IC information resources,” said Corin R. Stone (pdf) of the Office of the Director of National Intelligence. “Technology can be used to control usage and limit user capabilities to perform activities such as copying, printing, or exporting data to a device.”
As voluminous as the WikiLeaks disclosures are, they represent only a minuscule fraction of similar records. Even when it comes to the State Department cables, WikiLeaks didn’t get everything, Amb. Patrick Kennedy told the Senate Committee. “During the period of time [that] we posted… some 250,000 cables… to the DOD SIPRNet, we [also] disseminated 2.4 million cables, 10 times as many, through other systems.”
The fact is that more than 99.9% of classified documents don’t leak. Now they will all be subject to enhanced security measures.