Reporting from Washington — The latest disclosures by the WikiLeaks website have struck a blow against what many experts say was one of the key reforms to emerge from the Sept. 11, 2001, attacks: the push to widely share sensitive information among the massive intelligence bureaucracy.
Repercussions are already being felt. The State Department last week disconnected its cable traffic from the secure network used by the military, depriving military analysts of the best reporting on the political situations in their areas of operations. And the White House ordered a governmentwide review of information security "to ensure that users do not have broader access than is necessary to do their jobs effectively."
"It has certainly driven individuals in the intelligence community and beyond the intelligence community to at least reexamine information sharing," said Michael Leiter, director of the National Counterterrorism Center, warning last week of a chilling effect. "You, of course, run the risk … that information wouldn't be shared, [and] that would undermine our ability to disrupt attacks."
It's more than a risk — it's a certainty, according to Michael Hayden, who was CIA Director under President George W. Bush. "We are now going to begin to trade off potential physical safety for information security," he said in an interview. "We'll say we're not — we'll say we are keeping the lines open, and the right people will have access. But when you rejigger this, you never get it perfect."
Leiter's agency was created after Sept. 11 to help solve what was found to be one of the biggest impediments to stopping those attacks: the stovepipes and legal barriers that prevented the CIA, the FBI and many of the other 14 intelligence agencies from sharing what they knew. A revolution has occurred on that front, with agencies moving from granting access to information on the basis of "need to know" to a model of "need to share."
But many experts say the near success of last year's alleged Christmas Day bombing attempt by a Nigerian whose father had warned U.S. authorities about his extremism — a warning not properly acted on — pointed to shortcomings that still need to be addressed. And now there is momentum in the other direction.
"There's always this dilemma between compartmentation and sharing," Director of National Intelligence James Clapper said after the last WikiLeaks disclosure, of Afghanistan war logs, in October. "But I'll tell you, in this day and age with the hemorrhage of leaks in this town, I think compartmentation — appropriate, reasonable compartmentation — is the right thing to do."
Clapper, a retired Air Force general who has spent decades in the intelligence community, has been a booster of information sharing. But WikiLeaks, he said, would "have a very chilling effect on the need to share."
Intelligence community bureaucrats "have always been sort of anti-information-sharing," said James Lewis, who directs the technology program at the Center for Strategic and International Studies. "Every single person in the agencies is now saying, 'I told you so.'"
The post-Sept. 11 information sharing mandate, placed in law by Congress, led in part to the inclusion of the massive database of State Department cables on the system of military computer networks known as the Secret Internet Protocol Router Network, or SIPRNet. The cables are not top-secret, but some of them contain extremely sensitive information, as the recent disclosures have shown.
SIPRNet, launched in 1991, has mushroomed to the point that it is used by as many as half a million people or more, U.S. officials say. One of them was Army Pfc. Bradley Manning, who until early 2009 was an intelligence analyst with the 10th Mountain Division in Baghdad.
Manning, 23, has been charged with illegally downloading information, including State Department cables, and is being held at the Marine Corps base in Quantico, Va., awaiting military legal proceedings. His lawyer declined to comment.
The charges against Manning are terse, but Manning laid out some of the details of his account of online chats with a hacker, Adrian Lamo, which were published by Wired.com. In an interview with the Los Angeles Times, Lamo, who turned Manning in to authorities, confirmed the authenticity of the chats. Investigators took his hard drive with all of his copies, he said.
In the chats, Manning said he had carte blanche to view and download information from SIPRNet because soldiers were constantly using CDs and other media to transfer files among computers, and no one was watching.
"I would come in with music on a CD-RW labeled with something like ' Lady Gaga' … erase the music … then write a compressed split file. No one suspected a thing," Manning wrote. "It was a massive data spillage … facilitated by numerous factors … both physically, technically, and culturally."
Manning said he benefited from "Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis … a perfect storm."
Normally, Pentagon officials say, workstations attached to SIPRNet do not allow for the physical removal of data. But the rules were different in war zones, officials said. Since the leak, the Pentagon has imposed a series of rules to close that gap.
Yet regardless of the security procedures, Rep. Peter Hoekstra of Michigan, the ranking Republican on the House Intelligence Committee, asked why a lowly private had access to reports of conversations between top U.S. officials and heads of state.
"How can it be that between 500,000 and potentially over a million government employees have access to a database of sensitive State Department cables?" he wondered.