Free Markets, Free People

3 million had access to diplomatic cables?

If you’re wondering why Wikileaks has been able to obtain military reports on Iraq and Afghanistan as well as diplomatic cables for the last 10 or so years, wonder no more.

According to the UK’s Guardian, up to 3 million people had potential access to those archives on the government’s Siprnet system.

More than 3 million US government personnel and soldiers, many extremely junior, are cleared to have potential access to this material, even though the cables contain the identities of foreign informants, often sensitive contacts in dictatorial regimes. Some are marked "protect" or "strictly protect".

To me that’s a phenomenal revelation.  If, like me, you were wondering how a Private First Class like Bradley Manning had access to this sort of information, now you know.  Had I been aware of the number who had potential access to these files, I’d have said it isn’t a matter of “if” but “when” a leak would occur.  Allowing that amount of access to information marked “Secret” and “NoForn”, short for “no foreign dissemination”, as well as the names of highly sensitive sources and contacts is a intelligence disaster waiting to happen.

A State Department Spokesman claims it was a reaction to pre-9/11 intelligence sharing – or lack there of:

"The 9/11 attacks and their aftermath revealed gaps in intra-governmental information sharing. Since the attacks of 9/11, the US government has taken significant steps to facilitate information sharing. These efforts were focused on giving diplomatic, military, law enforcement and intelligence specialists quicker and easier access to more data to more effectively do their jobs."

He added: "We have been taking aggressive action in recent weeks and months to enhance the security of our systems and to prevent the leak of information."

While I certainly don’t at all condone the Wikileaks publication of these cables, I have to tell you, given this new information, that I’m not at all surprised it has occurred.  In fact, I’m rather surprised it has taken this long.  And, of course, the damage being done is incalculable to US interests and foreign policy – not to mention those contacts and sources named.  Wikileaks claims to have safeguarded that information, however, that’s a hollow promise.  We have no idea who has seen these archives in full and what they may have done with the information.  Any present contacts or sources have to fear for their lives and the likelihood of developing new sources and contacts just took one hell of a shot in the head.

Prior to 9/11, human intelligence (HUMINT) was an area of extreme weakness for the US.  We’d made a conscious decision decades earlier to rely on technical means to gather intelligence – communications intercepts, spy satellites, etc.  But, with some very notable intelligence failures (India’s nuclear weapons, Cole Bombing, embassy bombings, 9/11), we again understood the critical importance of HUMINT and have been attempting to again establish networks around the world.   Obviously, the strictest secrecy must be maintained in order for that to work.  Leaks like this could completely destroy those new networks and make impossible our ability to establish new ones.

No matter what you think of Wikileaks, and I’m not at all pleased or happy with what they’ve done, the decision to put this information on a network on which 3 million had potential access to the information borders on criminal.  Sharing information is one thing – it should be done, but it must be done intelligently.  This wasn’t about sharing – it was about a structural failure to safeguard critical information in a manner in which it should have been safeguarded.

The fact that these cables are being published around the world right now isn’t just the fault of Wikileaks, but a government which allowed that information to be easily accessed by those who had no reason or need to access it.  The result of such poor management is now evident for all to see.

~McQ

[ad] Empty ad slot (#1)!

Tweet about this on TwitterShare on FacebookShare on Google+Share on TumblrShare on StumbleUponShare on RedditPin on PinterestEmail this to someone

24 Responses to 3 million had access to diplomatic cables?

  • The sound you are hearing is a mixture of laughter and sobbing:

    Laughter from all those around the world who delight in seeing the United States embarrassed and our interests damaged, and;

    Sobbing from all those intelligence officers around the world being sacked because their governments have just learned that they really don’t need to pay anybody to try to get at our secrets.  For one thing, nothing in our government is very “secret” (well, nothing outside of The Dear Golfer’s personal history, that is).  For another, there are plenty of people who will publish them out of spite.  Manning (who should be hanged) won’t be the last to get his hands on some classified goodies and spray them all over the internet.

    I wonder if he’ll be lionized by the left like Ellsberg was?

    • I wonder if he’ll be lionized by the left like Ellsberg was?

      Over on Slashdot, Assange — the top Wikileaks guy — already is. I’m a programmer and I often enjoy reading Slashdot but the constant knee-jerk, anti-American, pseudo-libertarian preening really puts me off my Jolt cola.

      Well, the good news is that the Dotters all voted for Obama or wanted to, so at least they’re also stuck with complaining about the Obama administration when it sensibly condemns the leaks.

  • Something is not right here.

    Are we really to believe that an E3, with 2 years service, including boot camp, advanced training, plus whatever else schooling, really has access to this stuff and can download it without anyone knowing it?

    Heck, most of us can’t download squat from our corporate networks without someone knowing about it.

    If true, we have problems of an order of magnitude that eclipses the release of this stuff.

  • pedro works for a well known gov contractor (your taxes at work!).  security is very tight here and heavily enforced by disa, dss,  and dod.  pedro visits various military establishments on a regular basis and is amazed at how lax things are once you’re inside.   i guess it’s like getting accepted at harvard, the getting in is the hard part.   it’s always been that way, regardless of which party is in power. the lone exception would be the navy, where things are very tight indeed.
     
    pedro came to talk about your failure to rally around bristol in her time of need,  but we can wait for a more appropriate thread.

  • But at least we know that our electronic medical records will be secure.

    • Excellent point!!  Right now I really don’t feel safe with the government holding my medical records. Thanks!!

  • @Pedro – ever hear of John Walker Lynn and his family members who for DECADES took the highest level of US Navy secrets regarding nuclear submarines, their message codes and locations and delivered it to the Soviets? Sheesh.
     
    Monitoring access to files is a routine part of network monitoring and control in the corporate sphere, as well as compartmentalization of files. Why in the world would anyone have unlimited access both to sensitive civilian and military files WITH NO CONTROL? I have worked in MORTGAGE companies that removed the floppy drives from all computers and disabled USB ports, too. Emails were scanned and certain types of files were not allowed to be emailed out. How eff’ing hard is this for the intelligence branch of our government to figure out BEFORE the big data heist occurs? Talk about incompetent.

    • Yes,  and you think that is comparable to what we’re seeing now?   Sheesh indeed.  The Navy case involved 2 bad Warrant Officers, and is the exception that proves the rule.  I visit Army and Navy sites on a regular basis, I think I’ll trust my own experiences over whatever it is you read on the internet, but thanks for the comments.
       

    • I was thinking of Johnny Walker Red myself.  I also recall reading that, when the Pueblo was pirated by the norkies, there were literally SACKS of classified documents aboard that had absolutely nothing to do with the ship or her mission because, somehow, Pueblo got on various distribution lists, and mindless Navy bureaucrats mindlessly sent the documents along.  Captain Bucher had other things on his mind than dealing with them, so the norkies (and, we may assume, their masters in Moscow and Peking) got an intelligence goldmine when they siezed the ship.

      What was the rule of thumb back during the Cold War?  That the reds could get 95% of whatever they wanted to know from reading US civilian publications?  All that information DIDN’T get out because the government and various contractors were too stringent in their security procedures, that’s for sure.

      The basic problem is that ours is (happily, for the most part) an open and trusting society: information is carelessly handled because MOST people can be trusted to keep secrets.  We assume that, because WE are ourselves trustworthy, so is everybody else.  “I don’t know what Walker / Lonetree / Manning are doing, but I’m sure that it’s nothing to worry about.”

  • Not to diminish the gravity of what’s happened, but just because a lot of people have SIPR accounts, doesn’t mean they would automatically have access to everything on the network. The real question is, does everyone who has access to stuff like what Manning stole NEED to have that access? Should Manning himself have had that access? Or did someone screw up and give his account more privilege than it should have had?
    This also proves a fundamental truth about information security: the greatest threat to any network is not from external attacks, it is from the authorized users themselves. They don’t have to hack their way in, because they already have accounts. They don’t have to pick a lock or sneak through a door, because they already have the key. A punk like Manning can still get a security clearance.
    What I see in this is an organization (the one to which Manning belonged) that was far too lackadaisical about security, and made it far too easy for him to obtain classified information and sneak it out.

  • Pingback: S. Weasel
  • Assassinating Julian Assange and giving the death penalty to Manning would be a good start toward re-establishing meaningful security to government. The leaks from the CIA to the New York Times during the Bush years went largely  unpunished. Why should anyone be surprised that that the U.S. government is unable to keep a secret. At least the UFO nuts can no longer say that the government is covering up alien contact.
    P.S. I am not saying that the U.S. should assassinate Mr. Assange. We aren’t the only ones being hurt by the security leaks. Saudi Arabia comes to mind.  It is only a matter of time before Wikileaks gets their hands on sensitive info from places where human life is cheap.

    • If he ever has the sack to publish anything leaked from China or Russia, I put his life expectancy at 15 minutes, give or take

    • <i>At least the UFO nuts can no longer say that the government is covering up alien contact.</i>

      There is such a thing as “cosmic clearance,” you know. That’s where they keep the really good stuff. Wikileaks is small potatoes.

  • Here’s the really bad part.
    Now Wikileaks provides and excellent resource for anyone who wants to spread disinformation.
    The KGB loved to make up forged US documents to leak to journalists and foreign  leaders, who often believed them.  But with paper documents its harder to do, and sometimes they got caught. Now it will be much easier, and since its coming from Wikileaks, it will be assumed they are real.
    Is anyone vetting these docs at Wikileaks? I doubt it. How about at the papers? Maybe, but since they can claim they came from Wikileaks….
    The sad part is the end result will be nothing is put down on paper or in an email again. All cables will become as CYA as possible or just include bare facts. Maybe that will be good. Seriously, some of the stuff on the European leaders seems very unnecessary. Who cares if Berlescuni is “feckless?”

  • Given the resources that China and others devote to hacking our computer systems and subverting our people it is difficult to believe they don’t have at least as much access as some junior clerk at a brigade headquarters overseas.

    It’s not just the content that is of interest to others.
    These files are also a boon to the signals intelligence and cryptographic folks at various foreign organizations.

    In addition to tightening up network security, perhaps the army should turn its security clearance background investigations over to Wikipedia;

    “Thompson said that sometime in 2008, in Cambridge, Massachusetts, Manning became “part of a social circle that included politically motivated computer hackers and his boyfriend, a self-described drag queen. So when his military career seemed headed nowhere good, Private Manning, 22, turned increasingly to those friends for moral support”. ”

    http://en.wikipedia.org/wiki/Bradley_Manning

    This whole situation is truly amazing.  

  • This is just silly/obscene.
    The TSA can grope grannies and babies.
    And, Army corporals can download gigabites of info to give to a spy and the FBI can’t nab the master mind despite a huge theft and a clear trail.
    Great.
    Go Army. …
     
     
     
     
     

  • Just as I expected – the meme has now traveled, in one short 20-some-comments thread, from “potential access” to “access.”
    So, what the heck is “potential access”?
    I have a computer, and internet access.  Heck, I have “potential access” to all of those records, right?
    The three million person figure is meaningless, misleading,  and agenda-driven.

    • Actually it isn’t any of the above. In fact, those cables were pretty much available to anyone who knew how to find them and read them. One of the authors at BlackFive.net (Grim) talked about sitting down at the computer every morning in Afghanistan and reading through the cables of the preceding day just to know what was going on in the world. I’m sure that the powers to be were certain of the type computer that was used was authorized and had no USB or CD writer in it, huh? Oh, and that he had clearance and was the only one who was had access, right?

      Potential access means precisely what it says – whether or not they did actually access them, they where on a net in which it apparently wasn’t very difficult to do that if you knew how. And 3,000,000 are on that net.

      That means that there should be no surprise about what happened. It should also make someone wonder why, after the first Wikileak, something wasn’t immediately done to address the problem. The question you really want to ask is why is it only now – and not in July when the military info was revealed – that we’re seeing anyone talk about doing something to better safeguard such information?