DOD systems block feds from reading about NSA leaks

Leaked National Security Agency documents on classified programs have garnered a lot of attention lately, but feds and contractors are not reading about them on any of the Department of Defense's unclassified networks.

As it did in 2010 during the Wikileaks saga, DOD is using automated software to block web pages that could contain classified information, like the PowerPoint slides first published by The Guardian and Washington Post that depict the NSA's PRISM program.

That DOD can filter and block content for its employees, service members and contractors has been public knowledge since at least 2010 when Wikileaks began revealing classified cables to the world. But media reports in late June initially claimed that some agencies within DOD were blocking access to specific websites of certain news outlets. Those were followed by more reports – including a story from The Guardian, which first broke the NSA story – that claimed only content from the Guardian website was being blocked.

DOD spokesman Damien Pickard, however, told FCW that such reports are inaccurate, and emphasized that all of DOD's unclassified networks – millions of computers – are under the same preventative measures to mitigate unauthorized disclosures of classified information.

"The Department of Defense is not blocking any websites," Pickart said. "We make every effort to balance the need to preserve information access with operational security; however there are strict policies and directives in place regarding protecting and handling classified information. Until declassified by appropriate officials, classified information – including material released through an unauthorized disclosure -- must be treated accordingly by DOD personnel."

DOD networks make use of software that scans sites for potential malware threats or content concerns through keyword and other filters. Any website flagged by the system that could contain classified information is blocked to users "so long as it remains classified," Pickart said.

The measure is a department-wide directive. While the automated filters are not entirely failsafe, they mostly do what they are designed to do: Keep feds from viewing classified information before it is officially declassified, even if widely reported in the media. It is not clear, though, whether employees found intentionally accessing classified information on DOD's unclassified networks would face consequences, or what those consequences would be.

Pickart said it is costly when classified information is accessed on unclassified DOD networks because policy dictates unclassified computers must be scrubbed of unauthorized or classified material. A single viewing of the PRISM images, for instance, could require an IT team response -- and might even merit a computer's entire hard drive being wiped.