OPINION — As information emerges as to the possible origins and extent of the leak of highly sensitive intelligence materials produced within the Pentagon, significant effort must now be directed at the national level to close technical gaps that allowed the materials to be illegally acquired and disseminated online.
Efforts to implement physical security measures in SCIFs [Sensitive Compartmented Information Facilities] that could deter or detect such activity should be better developed, as well as personnel evaluation that more continuously evaluates how individuals with the highest levels of security clearance and access are behaving in accordance with established intelligence-focused guidelines and protocols.
As someone who spent his career in various US government agency intelligence community organizations, these reforms are long overdue and may make it harder for the next major intelligence leak or breach to occur.
As the media has now reported, a man thought to be working at a military facility is suspected of accessing daily intelligence products produced by the Pentagon’s J2 intelligence directorate, printing them off, walking out of that facility with those materials, and then posting photographs of those items within a closed online gaming community in the Discord platform. Numerous questions arise as a result as to how this activity could have occurred for such an extended period without raising any suspicions by co-workers or other facility staff, in addition to the motivations for doing so and what this person hoped to gain, despite the enormous risks.
It’s not just for the President anymore. Subscriber+Members have exclusive access to the Open Source Collection Daily Brief, keeping you up to date on global events impacting national security. It pays to be a Subscriber+Member.
While additional details may emerge that help answer these and other important questions, in the meantime, the Office of the Director of National Intelligence and the Pentagon’s Undersecretary for Intelligence should combine to develop new protocols that address immediate mitigation aspects of the leak and longer-term personnel security, background investigation, and counterintelligence concerns.
In the immediate term, there should be a complete overhaul of the process for which intelligence products produced by the J2 are shared and disseminated. No longer should the daily intelligence briefing — which apparently was the focus for much of the leaked material — be available for wide distribution electronically even within the restricted TS/SCI level of the Intelligence Community, given there are so many people who by their clearance level alone, would have access to it. Going forward, this and other J2 products may have to be sent electronically to a smaller and narrower list of consumers or produced in hard-copy format only presented by briefers and with no ability to keep the hard-copy documents. Similarly, there may have to be new measures in place to electronically monitor downloads, receipts, and printing of intelligence materials that are sent to a controlled list of appropriately cleared individuals.
Other measures should be considered at SCIF facilities nationwide that allow security and counterintelligence personnel to have a better sense of the risk of potential leaks and unauthorized access. Physical screening of the workforce and personal items like bags, purses, backpacks, etc., may be necessary through airport security-style detectors that are looking for classified material that is not appropriately stored and approved for movement in or out of such facilities. The same would go for even stricter controls on electronic bans inside SCIFs such as telephones, smart watches, and other devices that can take pictures or transmit electronic signals. If the large detection ensembles would be too cumbersome and costly to implement, then even simple procedures like consensual random bag searches entering or exiting a facility could be low-tech measures that might deter anyone contemplating some form of unauthorized access to classified materials.
Looking to start your week with a trusted source of cyber expertise around today’s most pressing issues? Get the Cyber Initiatives Group newsletter in your inbox.
Delivered on Sundays to prepare you for the week ahead.
Lastly, a more robust system of Intelligence Community personnel screening may also need to be considered. While there is much emphasis on vetting individuals at the beginning of their Intelligence Community careers with long background investigations and interviews with security investigators, the cycle of periodic re-investigations may have to be shortened to ensure that intelligence professionals are abiding by protocols and guidelines. Similar thought should be given to the degree to which professionals are allowed to engage with social media, or a higher standard of reporting requirements if active on social media.
All these proposed measures could make a difference in preventing the next major intelligence leak. At the same time, they would take time, money, and significant effort to implement effectively, and could alienate potential Intelligence Community candidates, given the higher standards and protocols in place. It could also drive out elements of the current workforce, who might view these as too onerous or cumbersome. While there is no one solution that is going to fix the problem at hand, the need for some level of reform seems clear based on what has recently occurred. It will be the job of leaders within the Office of the Director of National Intelligence and the Pentagon to now determine the best path forward while mindful of the risks and implications of doing so.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to [email protected] for publication consideration.
National Security is Everyone’s Business. Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
