The Department of Defense (DOD) is taking decisive action to secure department networks so a leak like last year's Cablegate scandal doesn't happen again, new DOD CIO Teri Takai said last week.
Speaking to the Senate Homeland Security and Governmental Affairs committee, Takai -- who recently took her position after serving as California CIO -- said the DOD is currently in the midst of deploying new security technology to the DOD classified network, SIPRNet, to prevent future insider breaches.
"The unauthorized release of U.S. information by WikiLeaks has adversely affected our global engagement and national security and endangered the lives of individuals who have sought to cooperate with the United States," she said. "It is of vital importance to DoD and the entire U.S. Government that we keep our sensitive and classified information secure, while at the same time ensuring that the right people have the timely access they need to help keep our country and its citizens safe."
Indeed, the DOD had a rough year last year in its ongoing fight with Wikileaks, which posts classified documents from a number of organizations, including the federal government.
In late July 2010, Wikileaks released thousands of classified DOD documents related to the war in Afghanistan, then followed that up by publishing 400,000 classified Iraq logs in October.
But it was the release of thousands of classified U.S. embassy cables in late November that spurred the international incident that became known as Cablegate, which caused many to seriously question security at the DOD. Army Private First Class Bradley Manning was arrested last June and is suspected of leaking the information after removing it from SIPRNet.
After conducting studies on how it can improve network security, the DOD has begun to implement a Host Based Security System to all of its workstations to prevent people from removing large amounts of data from SIPRNet by rewriting it to a removable storage device, Takai told the committee. Her testimony is available online.
Takai described how the system works. She said it provides "very positive technical control" over the machines and provides reports on workstation configurations that can be monitored centrally.
Although the system will allow the removal of data from some machines, HBSS will report in real time each operation, Takai said. It also will report every unauthorized attempt to move data and rewrite it.
The DoD also has a back-up plan to ensure another Cablegate won't happen while it waits for a full deployment of the new system, she added.
"Where HBSS is not yet fully deployed other means are used to disable write capability, such as removing the software used to write to CDs, removing the drives themselves from the machines, or blocking access to external devices in workstation configuration files," Takai said in her testimony.
The DOD also has started issuing Public Key Infrastructure (PKI)-based identity credentials on smart cards to people who have access to SIPRNet users, with a plan to issue 500,000 cards and equip workstations with accompanying card readers and software by the end of 2012, she said. This will replace the password-controlled system users utilize now to access SIPRNet, which does not provide adequate access control.
The new system "will provide very strong identification of the person accessing the network and requesting data," Takai said. "It will both deter bad behavior and require absolute identification of who is accessing data and managing that access."
Her testimony marked one of Takai's first public appearances since taking her post on November 5. President Obama nominated Takai in March 2010 for the DOD CIO position. However, in September amid an ongoing reorganization within the department's IT operations and organizational structure, her nomination was withdrawn.
Then in a somewhat surprising move on Oct. 25, Takai announced to her California staff that she was leaving her position and taking the DoD CIO position after all.