The publication of US diplomatic cables by WikiLeaks demonstrates that the weakness in any system is the personnel with access to sensitive data.
Whistleblowing website WikiLeaks has published more than 250,000 cables, many of which are classified as ‘secret’, sent by US embassies around the world.
In what has been described as a ‘diplomatic 9/11’, the cables contain a series of revelations that could have serious diplomatic consequences for the US. Some of the revelations include:
- King Abdullah of Saudi Arabia urged the US to destroy Iran’s nuclear facilities
- US officials were instructed to spy on members of the UN leadership
- Iran attempted to adapt North Korean rockets for use as long-range missiles
- UK and US officials expressed fears over the security of Pakistan’s nuclear weapons programme
- Prince Andrew made inappropriate remarks while abroad
But what are these cables, how did they come into the public domain and how could governments prevent such embarrassment in the future?
US embassies communicate military and diplomatic information via the Secret Internet Protocol Router Network (SIPRNet), a secure system run by the Department of Defense and kept separate from the civilian internet.
The leaked messages were designated SIPDIS, short for SIPRNet distribution, part of a designation system which improves the accessibility of potentially useful data while maintaining its security level.
US state department guidelines indicate that SIPDIS should be used for “reporting and other informational messages deemed appropriate for release to the US government interagency community.” Other channels carry a higher level of security.
Dispatches labelled SIPDIS are downloaded onto each embassy’s classified website, where they can be accessed by anyone in the state department or military with security clearance of ‘secret’ or higher. The Guardian newspaper estimates that this could be over three million individuals.
In theory, all memory devices attached to SIPRNet computers must be labelled ‘secret’ and be stored securely. However, because a substantial number of individuals are able to access the information, security then depends on controlling the physical location of any data storage devices and ensuring that they do not leave the site at which the data can be securely accessed.
So while governments increase the priority of protection against cyber attacks, it appears that the physical transport of data, rather than the networks by which it is communicated, caused the current crisis.
Somehow, a balance must be achieved between making sensitive information available for international diplomacy and for decisions regarding military action, and ensuring that only appropriate and trusted personnel have access to it. While network security can go a long way towards achieving this, security screening of individuals and airport-style scanning for data storage devices need to be increased in order to ensure all other routes to sharing sensitive data are blocked.