U.S. military launches review of IT security after Wikileaks breach
Defense chief Gates said changes already underway in war zones, where security is loosened to get data to soldiers more quickly
Computerworld - WASHINGTON - Defense Secretary Robert Gates Thursday announced that U.S. information security practices will be reviewed following the leak of tens of thousands of classified war documents that were published by WikiLeaks earlier this week.
Gates told a press conference that some security changes are already happening "in theater" -- the war zones in Afghanistan and Iraq -- to prevent a repeat of such a breach. The changes include tightening established procedures for accessing and transporting classified information, Gates said.
As a practical matter, Gates said there are fewer restrictions on the use of and the distribution of classified material on the front lines.
If the breach had "occurred at a read headquarters somewhere in the U.S.," Gates said, there's "a very high likelihood we would have detected it."
Gates also said that FBI has been asked to investigate the leak. The number of documents released is now being put at around 77,000.
During the first Iraq war, it became clear "how little useful intelligence was being received by battalion and company commanders in the field," said Gates. Thus the military changed its approach so it could "push as much information as far forward as possible, which means putting it in a secret channel that almost everybody has access to in uniform, and obviously many civilians as well," he said.
"We want those soldiers in a forward operating base to have all the information they possibly can," said Gates.
Because of the leak, Gates said that the Department of Defense will review whether the approach should be changed. "Or do we continue to take the risk," said Gates.
Gates said there are "technological solutions" to the dilemma, but they aren't immediately available.
Wikileaks publishes classified and restricted government and private materials leaked to it by individuals whose identies it doesn't know. The Sweden-based group says it focuses on authenticating documents and not the leaker who remains undisclosed to the organization.
Military officials, which have been widely critical of Wikileaks, are reviewing the leaked documents to assess the damage.
Adm. Mike Mullen, chairman of the U.S. Joint Chiefs of Staff, was blunt in his criticism of Wikileaks during the press conference. "The truth is they might already have on their hands the blood of some young solider or that of an Afgan family," Mullen said.
"Disagree with the war all you want, take issue with the policy, challenge me or our ground commanders on the decisions we make to accomplish the mission we've been given," said Mullen. "But don't put those who willingly go into harm's way, even further in harm's way, just to satisfy your need to make a point."
WikiLeaks founder Julian Assange has indicated that thousands of military documents thaat it acquired have not been released. Robert Gibbs, White House press secretary, urged him not to release any additional documents.
In an interview on ABC, Assange continued his defense of the document release and said they show "negligence that's on a massive scale."
It remains unclear whether Wikileaks will release the other documents, and all Assange would say about it is they are getting further review.
Patrick Thibodeau covers SaaS and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov, or subscribe to Patrick's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts