FAS

Post-WikiLeaks Network Monitoring Takes Shape

02.21.12 | 2 min read | Text by Steven Aftergood

The heightened surveillance of classified government information networks that was a predictable response to the unauthorized disclosures published by WikiLeaks is becoming more clearly discernible.

“USSTRATCOM/USCYBERCOM is monitoring use of the SIPRNet and now has a mechanism for reporting certain anomalous behaviors for appropriate remediation,” said Thomas A. Ferguson, Deputy Under Secretary of Defense (Intelligence) and Teresa Takai, DoD Chief Information Officer.

“We have established the first formal security oversight and assessment program to determine levels of compliance” with rules of access to classified networks,” they said in response to questions for the record from a March 10, 2011 hearing of the Senate Homeland Security and Governmental Affairs Committee on “Information Sharing in the Era of WikiLeaks.”

“Simply understanding that we have this monitoring capability creates deterrence of willful mischief,” they added.

“We will improve our ability to individually track users through enforcement of strong user authentication on classified networks, ensure responsible controls on removable media, and provide strong website authentication for classified fabrics — all to provide greater control over access to classified information,” wrote Corin R. Stone of the Office of the Director of National Intelligence in her own answers to questions for the record from the same hearing.

“The FBI and CIA have robust insider threat programs in place for tracking the specific information accessed by users of their systems and detecting, to varying degrees, suspicious user behavior (e.g., excessive file accesses or data downloads) and alerting security personnel to take action.  Several agencies (e.g., NGA, NSA, NRO) are maturing their audit and insider threat capabilities, while others still lag behind,” Ms. Stone wrote.

“The WikiLeaks disclosures highlighted the need to ‘raise the bar’ in terms of these capabilities,” she wrote.

In testimony before the Senate Armed Services Committee last week, Defense Intelligence Agency director Lt. Gen. Ronald L. Burgess said that “The potential for trusted US Government and contractor insiders using their authorized access to personnel, facilities, information, equipment, networks or information systems in order to cause great harm is becoming an increasingly serious threat to national security.”

publications
See all publications
Nuclear Weapons
Blog
New Voices on Nuclear Weapons Fellowship: Creative Perspectives on Rethinking Nuclear Deterrence 

To empower new voices to start their career in nuclear weapons studies, the Federation of American Scientists launched the New Voices on Nuclear Weapons Fellowship. Here’s what our inaugural cohort accomplished.

11.28.23 | 3 min read
read more
Science Policy
Article
Expected Utility Forecasting for Science Funding

Common frameworks for evaluating proposals leave this utility function implicit, often evaluating aspects of risk, uncertainty, and potential value independently and qualitatively.

11.20.23 | 11 min read
read more
Nuclear Weapons
Report
Nuclear Notebook: Nuclear Weapons Sharing, 2023

The FAS Nuclear Notebook is one of the most widely sourced reference materials worldwide for reliable information about the status of nuclear weapons and has been published in the Bulletin of the Atomic Scientists since 1987. The Nuclear Notebook is researched and written by the staff of the Federation of American Scientists’ Nuclear Information Project: Director Hans […]

11.17.23 | 1 min read
read more
Social Innovation
Blog
Community School Approach Reaches High of 60%, Reports Latest Pulse Panel

According to the National Center for Education Statistics’ August 2023 pulse panel, 60% of public schools were utilizing a “community school” or “wraparound services model” at the start of this school year—up from 45% last year.

11.17.23 | 4 min read
read more