Diplomatic messages released Sunday (28th November 2010) by WikiLeaks have been traced to a United States defence department network and all federal agencies have been ordered to evaluate their configuration of classified government systems as a result.

This follows the Cablegate leaks of 251,287 confidential American diplomatic cables, thought to be potentially harmful to international relations by the White House.

Director of Office Management and Budget, Jacob Lew, has since ordered all federal agencies to conduct a full scale review of their information security procedures. Lew wrote in a memo that “any failure by agencies to safeguard classified information…is unacceptable and will not be tolerated”.

All agencies have been instructed to establish a security assessment team consisting of counterintelligence, security, and information assurance experts that will review their implementation of “procedures for safeguarding classified information against improper disclosures”.

Lew also directed agencies to scale back access to classified material, ensuring that users do not have broader access than is necessary. Also, his memo states that there ought to be “implementation of restrictions on usage of, and removable media capabilities from, classified government computer networks” — therefore removing the security loop holes that allow information to be downloaded and distributed.

The orders come after news that the confidential information was downloaded from SIPRNet (Secret Internet Protocol Router Network) — a technology similar to the internet and designed for exchange of information by US military and civilian personnel including overseas missions — by Bradley Manning, an intelligence analyst arrested in Iraq in June for an earlier information leak.

A former hacker, Adrian Lamo, claimed Manning said in online chats that he removed information by burning it onto a CD. Also, an online security system meant to detect suspicious use of SIPRNet was allegedly switched off on computers used by the US military in Iraq, reported the UK’s Guardian newspaper.

This calls into question security protocols and makes good of US intelligence analyst Catherine Lotrionte’s comment to the BBC News in July that data sharing was necessary for effective intelligence work and the risk of SIPRNet making data breaches easier was “the cost of doing business”.

This “cost of doing business” is now apparent in Manning’s easy access to information classified up to “secret level”.

Speaking at a university in Kazakhstan on Tuesday (30th November 2010), US Secretary of State, Hiliary Clinton, commented on WikiLeaks: “In the Internet age, it was (sic) difficult to balance freedom and responsibility.”

“It appears that access to certain information may have been too broadly defined,” Stephen Fletcher, State of Utah’s CIO, told FutureGov Asia Pacific. “In this case, a junior person was probably given more trust than warranted.”

Marked SIPDIS, embassy dispatches can be accessed not only by anyone in the state department, but also by anyone in the US military who has security clearance up to the ‘Secret’ level, a password, and a computer connected to SIPRNet — covering over three million people.

SIPRNet was set up in the 1990s and expanded post 9/11 so that classified information can be shared easily. The network’s goal was to have information silos broken down and failures of communication between intelligence agencies prevented.