U.S. military launches review of IT security after Wikileaks breach
Defense chief Gates said changes already underway in war zones, where security is loosened to get data to soldiers more quickly
Computerworld - WASHINGTON - Defense Secretary Robert Gates Thursday announced that U.S. information security practices will be reviewed following the leak of tens of thousands of classified war documents that were published by WikiLeaks earlier this week.
Gates told a press conference that some security changes are already happening "in theater" -- the war zones in Afghanistan and Iraq -- to prevent a repeat of such a breach. The changes include tightening established procedures for accessing and transporting classified information, Gates said.
As a practical matter, Gates said there are fewer restrictions on the use of and the distribution of classified material on the front lines.
If the breach had "occurred at a read headquarters somewhere in the U.S.," Gates said, there's "a very high likelihood we would have detected it."
Gates also said that FBI has been asked to investigate the leak. The number of documents released is now being put at around 77,000.
During the first Iraq war, it became clear "how little useful intelligence was being received by battalion and company commanders in the field," said Gates. Thus the military changed its approach so it could "push as much information as far forward as possible, which means putting it in a secret channel that almost everybody has access to in uniform, and obviously many civilians as well," he said.
"We want those soldiers in a forward operating base to have all the information they possibly can," said Gates.
Because of the leak, Gates said that the Department of Defense will review whether the approach should be changed. "Or do we continue to take the risk," said Gates.
Gates said there are "technological solutions" to the dilemma, but they aren't immediately available.
Wikileaks publishes classified and restricted government and private materials leaked to it by individuals whose identies it doesn't know. The Sweden-based group says it focuses on authenticating documents and not the leaker who remains undisclosed to the organization.
Military officials, which have been widely critical of Wikileaks, are reviewing the leaked documents to assess the damage.
Adm. Mike Mullen, chairman of the U.S. Joint Chiefs of Staff, was blunt in his criticism of Wikileaks during the press conference. "The truth is they might already have on their hands the blood of some young solider or that of an Afgan family," Mullen said.
"Disagree with the war all you want, take issue with the policy, challenge me or our ground commanders on the decisions we make to accomplish the mission we've been given," said Mullen. "But don't put those who willingly go into harm's way, even further in harm's way, just to satisfy your need to make a point."
WikiLeaks founder Julian Assange has indicated that thousands of military documents thaat it acquired have not been released. Robert Gibbs, White House press secretary, urged him not to release any additional documents.
In an interview on ABC, Assange continued his defense of the document release and said they show "negligence that's on a massive scale."
It remains unclear whether Wikileaks will release the other documents, and all Assange would say about it is they are getting further review.
Patrick Thibodeau covers SaaS and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov, or subscribe to Patrick's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!