With all of the resources available to the US Government it’s hard to understand how a low level military analyst could download more than 77,000 sensitive files and walk out the front door. There are a couple of explanations for how this happened, but why it had to happen is another issue. In my opinion there were three situations that combined to cause this problem.
The first and most troubling issue is the misguided desire on the part of a “trusted” staff member to violate security procedures to make a political statement. Second is the issue of “over privileged” network credentials being provided to low level individuals within the Pentagon. Over privileged network credentials is a significant “blind spot” that plagues many organizations. This occurs when an IT Network Administrator copies an existing user profile and provides those rights to a new user. It’s fast and easy and very dangerous! If the copied profile provides access to confidential network resources or files, then someone with an agenda may be able to violate network security.
The third issue is the lack of adequate security on confidential documents. There is little doubt that the Military has up-to-date protection to keep the bad guys out of their network (let’s hope they do!!), but they obviously didn’t have the right level of protection against a disgruntled employee. Today, technology exists that permits an organization to remotely kill confidential documents should they be stolen or mistakenly exposed to the wrong audience. Persistent security applications such as Enterprise Digital Rights Management (EDRM) have been protecting confidential information for over 10 years. EDRM can eliminate the loss and exposure of sensitive information such as military files that were placed on the Wikileak site.
These security blind spots will continue to plague business and the government until senior management takes an active and aggressive role in mandating that “containers of information” are locked and secured from unauthorized individuals