DOD systems block feds from reading about NSA leaks

Image of Classified Key

Leaked National Security Agency documents on classified programs have garnered a lot of attention lately, but feds and contractors are not reading about them on any of the Department of Defense's unclassified networks.

As it did in 2010 during the Wikileaks saga, DOD is using automated software to block web pages that could contain classified information, like the PowerPoint slides first published by The Guardian and Washington Post that depict the NSA's PRISM program.

That DOD can filter and block content for its employees, service members and contractors has been public knowledge since at least 2010 when Wikileaks began revealing classified cables to the world. But media reports in late June initially claimed that some agencies within DOD were blocking access to specific websites of certain news outlets. Those were followed by more reports – including a story from The Guardian, which first broke the NSA story – that claimed only content from the Guardian website was being blocked.

DOD spokesman Damien Pickard, however, told FCW that such reports are inaccurate, and emphasized that all of DOD's unclassified networks – millions of computers – are under the same preventative measures to mitigate unauthorized disclosures of classified information.

"The Department of Defense is not blocking any websites," Pickart said. "We make every effort to balance the need to preserve information access with operational security; however there are strict policies and directives in place regarding protecting and handling classified information. Until declassified by appropriate officials, classified information – including material released through an unauthorized disclosure -- must be treated accordingly by DOD personnel."

DOD networks make use of software that scans sites for potential malware threats or content concerns through keyword and other filters. Any website flagged by the system that could contain classified information is blocked to users "so long as it remains classified," Pickart said.

The measure is a department-wide directive. While the automated filters are not entirely failsafe, they mostly do what they are designed to do: Keep feds from viewing classified information before it is officially declassified, even if widely reported in the media. It is not clear, though, whether employees found intentionally accessing classified information on DOD's unclassified networks would face consequences, or what those consequences would be.

Pickart said it is costly when classified information is accessed on unclassified DOD networks because policy dictates unclassified computers must be scrubbed of unauthorized or classified material. A single viewing of the PRISM images, for instance, could require an IT team response -- and might even merit a computer's entire hard drive being wiped.

About the Author

Frank Konkel is a former staff writer for FCW.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.


Reader comments

Mon, Jul 22, 2013

All of you folks that are gaily spouting off about how wrong it is that people aren't allowed to access information on the web from their computers at work obviously don't work for the government. I learned about Waste, Fraud, and Abuse in my first training class before I was even allowed to touch a government owned system. While employees of the commercial sector may be able to surf to whatever they want, and mix work with personal activities on the computer their job provides them, that is not acceptable on a government machine. A lot of people sit with bated breath to catch a government employee doing personal, non-work related tasks on their tax payer funded computer, so that they can prove how those that work for the government abuse the tax money that pays their bills and funds their work. Browsing to (as an example) wikileaks and perusing the information there may constitute a breach of information security rules, but it most certainly constitutes a violation of most waste, fraud, and abuse policies. So, no. Military personnel, as well as pretty much every other branch of the government, have no business even visiting the site, much less downloading classified information from such a site, from their job provided computers. If they want to do so, it should be done on non-government owned systems, off the clock. And yes, this was sent from a personally owned computer.

Mon, Jul 22, 2013

I work for the Navy and we were told that it would be considered a security violation of we accessed this information on our home computers; though I doubt many people would turn themselves, or their families, in. I asked if we needed to bring in our paper copies of the Washington Post to be properly to be properly destroyed, but never did get an answer.

Sat, Jul 20, 2013

they truely are NOT in the real physical world where humans are!

Fri, Jul 19, 2013

A key question is whether their software blocks access to all articles relating to the leaks or only to the information therein which is classified. If the DOD is attempting to prevent its members from knowing what their government (the one they are putting their lives on the line for) is doing, it would seem that such censorship could be used to deprive members of the armed forces of the knowledge necessary to conclude that an order which involved a violation of the law or the constitution was not a valid as it was not a lawful order. Given the questions which have arisen about the illegal and apparently politically actions of the IRS, is there reason to believe that the DOD could not also be used for a political agenda by restricting the troops access to knowledge of current events?

Fri, Jul 19, 2013 tech-lurker New York, NY

...and this is why the archaic data classification system used by the Feds is so woefully inadequate. If properties of the data itself -- such as where it is stored, or in this case, whether it has already been publicly disclosed - cannot be taken into consideration when managing access, then we're going to continue tun into this ridiculous wasting of public resources, rather than addressing real security.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group