Those who leak classified information are the targets of a national Insider Threat Awareness Month, according to the National Counterintelligence and Security Center, which warns that counterspies are stepping up efforts to address the problem in government and private-sector workplaces.
The center, part of the Office of the Director of National Intelligence, has announced it is joining the office of the Pentagon’s undersecretary for defense intelligence and security, the Defense Counterintelligence and Security Agency and the National Insider Threat Task Force for a month of training to identify problem leakers, whether they are spies for foreign powers or those leaking information to anti-secrecy groups and the media.
The awareness effort seeks to educate government officials and industry employees on the risks of insider threats, or InT for short.
The program started with a two-day international and intra-government conference in Washington that ended Thursday. Sessions included “Whole Person Insider Threat Assessment,” “Leveraging Data Quality & Behavior Analytics to Deliver Advanced [Counter]-InT Capabilities” and “Leveraging Artificial Intelligence and Fundamental Human Behaviors to Revolutionize Insider Risk Management.”
The NCSC said in a statement that multidisciplinary security teams can hunt for leakers while respecting workforce privacy rights and civil liberties.
The problem, it said, is worth the effort.
“All organizations are vulnerable to insider threats,” the center said. “An insider threat is anyone with authorized access who uses that access to wittingly or unwittingly harm an organization or its resources.”
The statement provides two examples of insider threat cases involving government officials charged with providing secrets to China and Russia. It did not mention the loss of secrets from cases such as the leaks to the anti-secrecy group WikiLeaks or the press.
Damage caused by insiders includes cyber disruptions and unauthorized disclosures of classified information. Other dangers include theft, sabotage and workplace violence, the statement said.
“Most insider threats exhibit concerning behavior prior to committing negative workplace events,” the statement said. “If identified early, many insider threats can be mitigated before harm occurs.”
Deter. Detect. Mitigate.
NCSC Director Michael Casey said anti-leak forces rally annually to reenergize awareness of the problem and share ways to counter insider dangers.
“The theme of this year’s campaign is ‘Deter. Detect. Mitigate,’” he said. “Organizations across government and industry continue to be victimized by insider threats with serious economic and national security implications, so it’s critical they take the time to engage their workforces on effective ways to deter, detect, and mitigate this persistent threat.”
The NCSC said organizations can deter leaks by implementing “organizational justice” to create a positive work environment. Signs of insider threats include attempts to elicit information about their organization through phishing, “vishing” (voicemail phishing) and “smishing” (phishing using text messages), the center statement said.
The NCSC announcement of the awareness month did not mention leaks that did not involve foreign intelligence services. Instead, the center highlighted the cases of a former CIA officer who pleaded guilty to conspiracy to deliver defense information to China and an NSA employee who was sentenced to prison for attempting to send secrets to Russia.
A 2011 presidential executive order requires all federal agencies that handle classified information to set up insider threat programs. The order also created the national task force led by the attorney general and director of national intelligence.
Leaks of government information have been a constant problem for decades and remain so despite the counter-programs implemented over the past 13 years. Secrets were disclosed from within several government agencies and the military, including the CIA, National Security Agency and State Department, most recently in the case involving the leak of highly classified information by Massachusetts Air National Guardsman Jack Teixeira.
Teixeira pleaded guilty in federal court last year to posting online highly classified intelligence reports and other documents he obtained while working at a Cape Cod air base.
Famous past cases of major leaks involving internal assessments include the massive cache of internal State Department documents given to WikiLeaks and, perhaps most famously, NSA contractor Edward Snowden’s leak of some 1.7 million agency documents revealing numerous foreign spying programs that were instantly rendered ineffective by tipping off the foreign governments targeted.
Intelligence officials have said the Snowden case was especially shocking because the NSA, among all the 17 U.S. intelligence agencies, was the most assertive in warning about insider threats only to be victimized by an insider.
The birth of the modern insider leak
Analysts traced the birth of the modern insider leak to 1971 when Rand Corp. analyst Daniel Ellsberg gave The New York Times a large stack of classified documents known as the Pentagon Papers. The 7,000 pages of secret documents revealed that President Johnson and the Pentagon had secretly expanded military operations in the Vietnam War.
A federal court initially blocked the publication of the secret papers, but the Supreme Court later overruled the lower court, saying the government had failed to justify restraint of publication.
The ruling opened the door to further disclosures of classified information.
Leaks of internal information come in two general varieties.
Inside information is deliberately disclosed to the public through reporters or other online platforms to expose alleged wrongdoing, usually by government agencies or officials. This has been dubbed the “whistleblower motivation.”
Other leaks are made in a bid to influence the outcomes of internal government policy debates.
During the 1980s and 1990s, Congress was notorious for leaking top-secret presidential covert action programs opposed by some members who disagreed with the operations.
One of those disclosures was the Reagan administration’s covert action to provide Stinger missiles to Afghan rebels battling the Soviet Union in the 1980s.
• Bill Gertz can be reached at bgertz@washingtontimes.com.
Please read our comment policy before commenting.