The nation’s intelligence chief says it will take five years to complete major improvements in the system that allows U.S. agencies to share secret information, after the WikiLeaks breach revealed embarrassing weaknesses.
The release of hundreds of thousands of classified documents on the anti-secrecy website was “a terrible event for us that has caused us to make changes,” James Clapper, the director of national intelligence, said in a speech Thursday.
“Over the next five years, we’ll make some serious and noticeable changes,” he told the Center for Strategic and International Studies, a Washington think tank.
Mr. Clapper said the changes would focus on monitoring and auditing downloads of data from intelligence agency computer systems. The reforms also will include tagging documents to make it easier to tell what information they contain and who should have access to them. The government also will ensure that intelligence staffers who log on to computer systems are securely identified.
Information technology specialists say audit and monitoring measures that are common in the private sector would have enabled military investigators to determine quickly who had downloaded the 250,000 secret State Department cables and other classified material WikiLeaks published online in 2010.
Army Pfc. Bradley E. Manning, a low-level intelligence analyst, was charged with releasing the documents in 2010 and is likely to face court martial. He was arrested after allegedly confessing to being the source of the WikiLeaks material in an online chat with a former hacker.
Last year, President Obama signed an executive order directing a review of the ways government departments share sensitive intelligence, in the wake of the WikiLeaks breach.
Sharing information, even secret data, became a top priority for U.S. spy agencies after their failure to “connect the dots” and stop the Sept. 11 attacks. Some have argued that WikiLeaks showed the changes had gone too far.
“The goal is to find that nirvana, that sweet spot between the responsibility to share [intelligence] and the need to protect” it from spies or hackers, said Mr. Clapper, a retired general.
He added that agencies would “have to do some investing” to implement the changes but did not specify how much spending would be involved.
A defense official told The Washington Times the military last year introduced a special smart card called the “common cyberidentity credential,” which would eventually be used by all civilian and military employees who need access to secret government computer networks.
The Defense Department is “working aggressively with the rest of the federal government” to implement the changes required by the executive order, the official said.
Mr. Clapper stressed there was no technological “silver bullet.”
Even with all the “appropriate IT [information technology] mousetraps” in place, he said, there could be no complete guarantee against further leaks or breaches.
“In the end, our system is based on personal trust,” he said. “[WikiLeaks was] an egregious violation of that trust.
“We’ll have more.”