Slashdot Mirror

← Back to Stories (view on slashdot.org)

State Department CIO Interviewed About Post-Wikileaks Changes

Posted by Unknown on from the leakers-punished-by-death dept.

CowboyRobot writes, quoting Information Week: "Eighteen months after its diplomatic cables were exposed in the WikiLeaks breach, the State Department continues to lock down its confidential information, while increasing its use of using social media. The agency is deploying new security technology, including auditing and monitoring tools that detect anomalous activity on the State Department's classified networks and systems. State has also begun tagging information with metadata to enable role-based access to those who need it, and is planning to implement public key infrastructure on its classified systems by the summer of 2014. This is all taking place despite the recent announcement that the IT budget will be cut by nearly 5%."

24 comments

  1. Shutting the Barn Door by dakohli · · Score: 1

    So, this means that they had almost no security measures aside from the basics when the leaks took place.

    I suppose its not that surprising that it takes a breach of some magnitude in order to bring in change.

    1. Re:Shutting the Barn Door by spacerodent · · Score: 2

      That's because the post 9/11 "let's share everything" mentality that was mandated by SECDEF.

    2. Re:Shutting the Barn Door by GovCheese · · Score: 1

      Remember it wasn't a hack. After 9/11, the federal community was told to "share data" and remove the old stovepipes and State did just that - they State shared their cable data with DOD. DOD's controls regarding access were the issue and enabled Manning to do what he did. The focus now is creating a more roles based access policy without inhibiting sharing. It's not as easy as one might think.

      --
      "He's using a quantum encryption scheme! That'll take hours to break!"
    3. Re:Shutting the Barn Door by Karl+Cocknozzle · · Score: 3, Funny

      Yeah, he probably should have specified the unspoken ellipses there--i.e. ...

      "We want Federal agencies to begin sharing as much data as they can. ...With each other... "

      In all fairness, SECDEF probably assumed the people he was talking to were competent enough to fill in the blanks (you know, the part about not revealing the data to the Chinese mafia, for example.) Obviously, that assumption was a mistake.

      --
      Who did what now?
    4. Re:Shutting the Barn Door by Anonymous Coward · · Score: 0

      So the next major leak is made by somebody at a higher level that grows a conscience as with deep throat. Wikileaks or rather the internet gives them somewhere to go with such info that wasn't there before (which is probably why things like SOPA, PIPA and ACTA are being drawn so broad that you could censor just about anything with them). Julian's aim with wikileaks was always to create "a tax on secrecy" and thus strangle the funding of bodies that have much to hide as the cost of keeping their crimes secret starts to outweigh the benefit gained from commiting them in the first place. The fact that in many cases the people that reap the rewards are not the people that bear the costs does sadly however mean that society at large may well suffer while those bearing the cost look for who is really to blame for their predicament. Of course that last statement does depend on the practicality and effectiveness of the tax on secrecy idea in the real world and there's no evidence I have seen either way, but then again I haven't looked.

    5. Re:Shutting the Barn Door by takeda64 · · Score: 1

      There was a person claiming that he worked as a contractor. He said the security was a joke there and even people like him had access to cables.

  2. in other words by Anonymous Coward · · Score: 0

    no good chaneges.
    lesson is not learned. They fix symptoms, not the sickness

  3. use of using? by drainbramage · · Score: 1

    Really?
    Been working at the department of redundancy department long?

    --
    No brain, no pain.
  4. put it in the cloud! by Anonymous Coward · · Score: 0

    "This is all taking place despite the recent announcement that the IT budget will be cut by nearly 5%"

    well, obviously the Air Force puts the same magazines w/"put it in the cloud!" articles on Hillary's plane that the rest of our executives read on their flights... {rolls eyes}

  5. Would this stuff had helped? by duffbeer703 · · Score: 3, Insightful

    At the end of the day, Bradley Manning was a mental trainwreck in a myriad of ways. This wasn't a secret -- he was in the process of being drummed out of the military before his arrest. Seems to me that the human half of the system failed -- someone in Manning's state of crisis should have been cutoff from access to weapons or critical information at some point.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
    1. Re:Would this stuff had helped? by Anonymous Coward · · Score: 0

      On top of all that the reason he was being kicked out was assault on a female solider. More than enough warning signs that I don't feel bad his leadaership and SSO's careers are all thrown away with his.

    2. Re:Would this stuff had helped? by pizzap · · Score: 1

      I guess Bradleys state was kind of normal for the army: SNAFU.

    3. Re:Would this stuff had helped? by Hentes · · Score: 2

      You assume that information was critical. From what I've heard it was on a central repository that a few hundred thousand government employees had access to. It wasn't a place for really secret stuff, and it's likely that most major powers already had those files. The only damage done was that the public got to know about them.

    4. Re:Would this stuff had helped? by dakohli · · Score: 3, Interesting

      You have hit the nail on the head

      Many security breaches can be prevented if we just follow the guidelines that are in place. If you look at the case of Sub-Lieutenant Jeffrey Delisle there were some indicators such as his divorce and bankruptcy which are red flags.

      In Delisle's case he was caught, but it is not clear how much info he sold.

      Yet a third case of Security Officials dropping the ball is John Walker who I believe was turned in by his wife. This guy at one point didn't even try to keep his clearance updated!

      So, in the end it falls to the procedures we have in place. If we don't consistently follow them, we pay the consequences.

    5. Re:Would this stuff had helped? by Karl+Cocknozzle · · Score: 2, Insightful

      The only damage done was that the public got to know about them.

      This is the angle that so few people in our country seem to get... Nothing that Manning released was really all that "critical" to fighting a war. It was critical, however, in exposing the government's bottomless bucket of lies on the subject. So, obviously, Manning must die.

      --
      Who did what now?
    6. Re:Would this stuff had helped? by poetmatt · · Score: 1

      yep. the people who attacked manning were whom exactly? the folks who generate the propaganda.

      Of course they are and were pissed, not for a good reason though.

    7. Re:Would this stuff had helped? by Anonymous Coward · · Score: 0

      Four million people had access and permissions on SIPRNET.

  6. Long story short... by Zapotek · · Score: 1

    they added a few anomaly detection IDSs and decided to implement proper access control. Shouldn't they be doing that from the get go?

    I could be oversimplifying this though...

    1. Re:Long story short... by SuricouRaven · · Score: 2

      As was stated above, the cables were secret, but not the most secret - this wasn't nuclear-launch-code stuff, hundreds of thousands of people had access.

  7. Their entire problem was too many secrets ... by dbIII · · Score: 2

    Their entire problem was too many secrets which meant too many people had to have access to a system containing both information that didn't really need to be secret (but a lot of people need to do their jobs) and actual sensitive information (which only a few need access to). When you have close to one million people with access the information is going to get out to anyone that cares and has the resources to convince people to give them the information. I very much doubt Manning was the first to pass a lot of that information to a third party in even the year it happened, especially since he was free for so long after the incident and did very little to hide what he was doing. His actions were lost in the noise of nearly a million people accessing that system. Perhaps some sort of central agency in charge of intelligence should be formed to replace the one that is supposed to be distributing the information but has failed spectacularly yet again.
    What Manning did is not really a huge crime, he just distributed some stuff that he had very easy access to. The only reason it is a big deal is the negligence that meant he had access to enough to cause embarrassment and so we get the disproportionate response of "might makes right" that belongs more in China than in a State that respects the rule of law. He's leaked information that the Secretary of State is unfit for the position due to little respect for the rule of law (directing agents to get credit card numbers of diplomats), so it's probably to be expected if disappointing.

  8. HILARIOUS by Anonymous Coward · · Score: 0

    So....there is a lot of talk about covering security holes to reduce breaches but there is not much talk about prosecution for serious computer crimes and massive breaches of national security.

    What I gather about the situation is perps are getting a free pass and the current administration (regime) is simply reducing the opportunities for their constituents to be vigilantes (criminals).

    Wow. Scary stuff.

  9. 'State Department continues to lock down...' by Anonymous Coward · · Score: 0

    Transparency at work... A shame that the voters are just as fascist as the government.

    Dear Slashdot,

    How come spammers can post more frequently than I can? I mean, are you actually encouraging us to use proxies to get around these idiot limits? You're not fooling anyone.

  10. U-S-A U-S-A U-S-A by Anonymous Coward · · Score: 0

    Why are the Americans in lockdown while calling for transparency with everybody else?
    Oh I'm sorry, I forgot the Americans are hypocrites.

  11. try Manning for treason by Anonymous Coward · · Score: 0

    Want to send-home a clear message to other would-be leakers? Have Manning stand trial for treason. If he's found guilty, have him hanged.