Why can’t the Government protect its secrets?
Apparently the soldier thought to have downloaded the enormous amounts of information being posted on WikiLeaks told confidants at Wired.com, which published a partial log of Manning's discussions with hacker R. Adrian Lamo in June,
"Weak servers, weak logging, weak physical security, weak counterintelligence, inattentive signal analysis," Manning wrote. "A perfect storm."
Security professionals have been carping about this for DECADES. Yet no one seems to care. Not even at the Pentagon. Yet any IT security person will tell you the insider threat is the most dangerous.
So far… Pentagon officials are not reviewing who has access to data but focusing instead on installing technical safeguards.
When I read this in the article, I shook my head in disbelief. Technical safeguards will help. But knowing who is accessing the data is essential.
That’s not just my opinion; Dale Meyerrose, former chief information officer for the U.S. intelligence community, said Monday that it will never be possible to completely stop such breaches.
"This is a personnel security issue, more than it is a technical issue," said Meyerrose, now a vice president at Harris Corp. "How can you prevent a pilot from flying the airplane into the ground? You can't. Anybody you give access to can become a disgruntled employee or an ideologue that goes bad."
Today’s modern cyber warfare is based on data and information, which is being captured, cataloged and stored at an alarming rate. Traditional security technologies are struggling to keep pace with this explosion of information, and the WikiLeaks exposure is a prime example of what can happen when the wrong individual has access to a multitude of data.
The WikiLeaks exposure highlights a clear need for a change in the way many classified networks are designed and managed, the way organizations manage their most sensitive information, and should also be looked at as a red flag by enterprises.
Technology that would enforce access policies around this type of information exists and needs to be implemented to minimize a leak of this magnitude.
Well, despite the less than logical rantings of the left and/or otherwise radicals, our intelligence community is not . . . .and I repeat, NOT, run by idiots. They're actually a very intelligent group of people like you and I, but in many cases, smarter,much smarter.
ReplyDeleteSo ,how in the world can they not counter-remedy this challenge ?
I do not know . I can only guess .
Are some of them so friggin drunk with power that ego or incompetence has clouded their view ?
Or, is this just the way things turn-out just prior to our demise ?
I wish I knew.
That little girl Bradly Manning had access to the military's Siprnet intelligence system along with almost anyone else who didn't have a criminal record.
ReplyDelete3,000,000 had access to secret and damaging information that could be downloaded onto a thumb drive, and now someone is surprised that some traitor dumped it into a communists hands?
I mean, come on- A frigging PFC had access to diplomatic correspondence marked from secret all the way up?
I know she was an intelligence analyst, but put some limits on access, m'kay? You think they'd have done something about this after the first batch.
Two people can keep a secret between them; three or more can't, with or without technology!
ReplyDeleteWhy does the government need secrets?
ReplyDeleteI think like this as well...at work we have documents that our competitors would love to know about; what customer is considered good and why, how we bid a project(sometimes lower than we wanted to) to get the work. There are also financial records and contract data. If a billing clerk needs billing info, thats all they get- account number name and amount due, and a place to post the payments. I have access to stuff related to my work, and that of my team. I DONT have access to the Board of Directors server, where all these corporate secrets are, because "I don't have a need to know".
ReplyDeleteSo how in the world did said PFC Manning have UNFETTERED access to documents at the State Department...unrestricted, nobody checking...I mean come on. My company uses identity management to determine who needs to know what info based on level of authority in organization, position in organization, etc.
agree
ReplyDelete