view counter

Insider threatU.S. pays growing attention to insider threats

Published 10 September 2013

Al Qaeda and other terrorist organizations have repeatedly sought to infiltrate the U.S. intelligence community by having supporters apply for intelligence jobs, according to a classified budget document. The U.S government investigates thousands of employees a year to make sure such infiltration does not happen. The CIA says that 20 percent of job applicants whose backgrounds raised questions had “significant terrorist and/or hostile intelligence connections.”

Al Qaeda and other terrorist organizations have repeatedly sought to infiltrate the U.S. intelligence community by having supporters apply for intelligence jobs, according to a classified budget document.

The U.S government investigates thousands of employees a year to make sure such infiltration does not happen.  The CIA says that 20 percent of job applicants whose backgrounds raised questions had “significant terrorist and/or hostile intelligence connections.” The Washington Post reports that Hamas, Hezbollah, and al Qaeda were often cited in this context, although the nature of the connections were not detailed in the classified documents  former NSA contractor Edward Snowden provided the Post.

The Post has reported that last year the NSA planned to launch at least 4,000 probes of abnormal staff activity after scrutinizing trillions of employee keystrokes at work. The anomalous behavior that raised red flags includes staffers downloading multiple documents or accessing classified databases not relating to their work with the government.

Millions of dollars have been spent to detect insider threats, yet none of the agencies tasked with detection was able to stop Edward Snowden’s copying of highly classified documents from multiple NSA databases. In response to the Snowden slip-up, an NSA spokeswoman said contractors like Snowden would not be engaged in the effort to reinvestigate 4,000 security clearances.

The Post notes that in 2010, before Snowden, Army Pfc. Bradley Manning released hundreds of thousands of military and diplomatic documents to WikiLeaks. After that incident, the intelligence community increased its attention to detecting of insider threats. President Obama’s national insider-threat policy issued in November 2012 defines the insider-threat problem as the risk of government insiders using their access to obtain government secrets in order to harm U.S. security. Such harm can be in the shape of “espionage, terrorism, [or] unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities.”

In an attempt to share information about threats among various government agencies and track cyber plots, the NSA is creating a new database, code-named WILDSAGE. The database is a tool for cybersecurity centers to share information at the SECRET classification level, which is just a level below TOP-SECRET. Many consider the new database a security risk in the making, as having much information in one database will attract infiltration from groups the N.S.A is attempting to track down. In the case of Pfc. Manning, the State Department operated a share diplomacy database which hosted all SECRET-level cables made available to all intelligence agencies. Manning accessed the database while creating analytic intelligence reports in Iraq.

view counter
view counter