Like SSCI, HPSCI Requires DNI to Close Gaping Security Holes … by 2013

Steven Aftergood has the House intelligence report online and–as he points out–it contains a requirement that the intelligence community close one of the gaping holes in network security highlighted by the WikiLeaks case. The deadline? 2013.


(a) Initial Operating Capability.–Not later than October 1, 2012, the Director of National Intelligence shall establish an initial operating capability for an effective automated insider threat detection program for the information resources in each element of the intelligence community in order to detect unauthorized access to, or use or transmission of, classified intelligence.

(b) Full Operating Capability.–Not later than October 1, 2013, the Director of National Intelligence shall ensure the program described in subsection (a) has reached full operating capability.

(c) Report.–Not later than December 1, 2011, the Director of National Intelligence shall submit to the congressional intelligence committees a report on the resources required to implement the insider threat detection program referred to in subsection (a) and any other issues related to such implementation the Director considers appropriate to include in the report.

(d) Information Resources Defined.–In this section, the term “information resources” means networks, systems, workstations, servers, routers, applications, databases, websites, online collaboration environments, and any other information resources in an element of the intelligence community designated by the Director of National Intelligence.

This is precisely what the Senate Intelligence Committee is also mandating. As I pointed out earlier, this seems to simply take DOD’s own lackadaisical deadline and make it a requirement.

In other words, if closing this security gap a year and a half after the leaks are alleged to have occurred is too tough, then they can go ahead and take another year or so to close the barn door.

Though to be fair, this deadline may come directly from the lackadaisical DOD, as the deadlines given here seem to match those DOD aspires to hit.

Now, maybe it’s considered unpatriotic to note that our intelligence community–and its congressional overseers–are tolerating pretty shoddy levels of security all while insisting that they takes leaks seriously.

But seriously: if our government is going to claim that leaks are as urgent as it does, if it’s going to continue to pretend that secrets are, you know, really secret, then it really ought to at least pretend to show urgency on responding to the gaping technical issues that will not only protect against leakers, but also provide better cybersecurity and protect against spies. Aspiring to fix those issues years after the fact really doesn’t cut it.

Ah well! Bin Laden is dead. Who else might want our secrets?

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

  1. BoxTurtle says:

    If I didn’t know better, I’d think Wikileaks was making campaign contributions to SCI congresscritters.

    Boxturtle (perhaps Julian did learn something from the bankers emails)

    • WilliamOckham says:

      I have question about another kind of gaping hole in the WikiLeaks Gitmo files, an actual hole in a file. Have you looked at the file for ISN 3148 (Harun al-Afghani)? It’s a huge (8mb) image file and pages 3 and 4 are corrupted. This is a little frustrating because the last line of page 2 says:

      Janat Gul is assessed to be a detained al-Qaide facilitator who has …

      • Jason Leopold says:

        I had previously downloaded a copy off the McClatchy site and I don’t see those missing lines. Here is what it says:

        (S//NF) Detainee named other associates from SID, including al-Qaida facilitator Daud al-Afghani, Saleh al-Afghani, Zubayr al-Afghani, Muhammad Agha, aka (Engineer Mansur), and Janat Gul. Janat Gul is assessed to be a detained al-Qaida facilitator who has acknowledged associations with Saleh and Zubayr.5 After detainee left SID, he traveled to Tajikistan, along with other former SID members including Janat Gul and Taliban member Abdul Rauf, aka Haji Jamshid, for three months to participate in Jihad. He then probably returned to Pakistan.6

        Hope this helps and please let me know if I missed something. Here is the link to the file via McClatchy:…/us9af-003148dp.source.prod_affiliate.91.pdf

  2. bobschacht says:

    OK, then the real question is, who wants to keep the security hole open? Yes, some part of DOD, apparently, but who or what?

    My bet is on one of the security contractors who is taking advantage of the security hole somehow. But who?

    Bob in AZ

  3. MadDog says:

    Speaking of Steven Aftergood, from another one of his pieces today:

    Domestic Intelligence Surveillance Grew in 2010

    By every available measure, the level of domestic intelligence surveillance activity in 2010 increased from the year before, according to a new Justice Department report to Congress on the Foreign Intelligence Surveillance Act.

    “During calendar year 2010, the Government made 1,579 applications to the Foreign Intelligence Surveillance Court (hereinafter ‘FISC’) for authority to conduct electronic surveillance and/or physical searches for foreign intelligence purposes,” according to the new report (2 page pdf). This compares to a reported 1,376 applications in 2009 (2 page PDF). (In 2008 (5 page PDF), however, the reported figure — 2,082 — was quite a bit higher)…

    From page 2 of the 2010 report, I find this interesting:

    …In 2010, the FBI made 24,287 NSL requests (excluding requests for subscriber infomation only) for information concerning United States persons. These sought information pertaining to 14,212 different United States persons

    (My Bold)

  4. skdadl says:

    Sorry to be AWOL, also OT so early, but there’s an ISI/Pakistan connection here:

    Ontario Court of Appeal has dismissed the US gov’s appeal of a decision by a lower court not to extradite Abdullah Khadr to the US: LINK The appeal was taken forward by Canada’s attorney general (nudged on, no doubt, by Stephen Harper).

    Abdullah is the Khadr who the US paid the ISI to kidnap and torture for a year. Under some pressure here, the Cangov brought him back, but there may have been some fishy under-the-table agreement that he would then be handed over to the US. Long story, not to be confused wi Omar nor with Abdurahman, the “Abdul” Khadr of the #gitmofiles whose file contains the wrong pdf.

    I wouldn’t be surprised to see Harper’s government appeal this to the SCC, but our judges are making it fairly clear that they don’t like torture or violations of people’s human or Charter rights. Haven’t finished, but an interesting read.