Losing the battle, one classified message incident at a time

Published Jan. 13, 2010
By Capt. Jason Waldman
21st Operations Support Squadron

PETERSON AIR FORCE BASE, Colo. -- Imagine for a moment that it is early 1940s, the United States is engaged in conflict with several adversaries around the world and concerns about national security have intensified. With German and Japanese submarines patrolling off U.S. coasts, great emphasis was placed on educating servicemembers and civilians on the need for secrecy concerning military matters, especially troop movements.

Central to maintaining national security was the Office of War's Careless Talk Campaign to limit chatter about the war in America's public and private arenas. Silence meant security. Soldiers and Sailors were directed to not disclose specific information related to operations when writing letters or communicating with their friends and family. All throughout the civilian industrial and business sectors were placards with eye catching designs and colors reminding the American people of the significance of protecting information. Slogans like "Loose Lips Might Sink Ships" and "Defense in the Field Begins in the Factory" were commonly used under the campaign and even encouraged a mild but healthy paranoia among a broader population.

Leap forward to present day where our fast-paced society can instantly communicate all around the world with the click of a button. Information is available through cyberspace when and where needed, and we are instantly more informed now than any other period in history. Unfortunately with this rapid capability is an ever-growing vulnerability to our national security. Our networked systems have become "weapons systems" that not only enable friendly maneuver through cyberspace, they potentially expose our warriors to those around the globe who wish to harm us.

The responsibility for properly operating these systems belongs not just to network administrators, but each individual user. Gen. Kevin Chilton, United States Strategic Command commander, is responsible for protection on all military networks.

"Every Soldier, Sailor, Airman and Marine is on the front line of cyber warfare every day," he said. "Think about those who guard your bases, who stand there at the gate and make sure only the right people come in and keep the wrong people out. In cyberspace that role belongs to anyone who has a computer on his or her desk."

Information protection is more critical now than ever. Unlike the localized weapons engagement zone of a conventional bomb or missile, cyberspace effects can be global. With the click of a mouse, information can be sent to numerous users around the world. If the information sent is classified and sent over unclassified means, the collateral result is a classified message incident, or CMI, that can easily spread at the speed of light. Our nation's most sensitive information can quickly proliferate in moments when forwarded from one user to another and could end up in the hands of an adversary.

When CMIs materialize and information is sent on an unclassified means or released to individuals not cleared, it could result in loss of a capability, excessive man-hours to clean multiple networks, and more importantly, potential compromise of information critical to our nation's security.

Cleaning up a CMI detracts from our mission of defending our nation from external threats. When the communications focal point teams are notified of a CMI, they immediately stop their primary job of maintaining base-wide networks, and quickly employ actions to mitigate further release of the classified information. Once they validate the information warrants a CMI, unit client system administrators and the Peaknet Security Team lock out the affected accounts to prevent additional release of the information. While users are locked out, they lose mission productivity. This loss of productivity persists while involved users are interviewed and all affected servers and workstations are sanitized.

This includes collecting any Blackberries that were involved and turning them in for destruction. There currently is no way to completely sanitize a Blackberry, so infected units must immediately be destroyed. The process to clean a "loose click" results in vast amounts of time and treasure. In 2009, Peterson Air Force Base processed more than 60 CMIs affecting 704 users, including 106 Blackberries. Technicians spent more than 5,000 man-hours and more than $1.5 million working CMIs on the Front Range. The result was $1.5 million taken away from other critical mission and quality-of-life programs that can equip our Air Force and its family members for success and comfort.

"The costs go beyond dollars and cents, and more critically, include lost and/or exploited information that could be used against us in the future to inhibit our actions, interdict our operations, or put us in a position to be less effective in the other domains beyond cyberspace," General Chilton said.

As military and civilian professionals with access to large amount of networks and operating systems, we all have a responsibility to ensure the information we are processing or sending is cleared for the system we are using and the individual receiving the information is cleared to that level as well. It is the sender's responsibility to maintain situational awareness of what system they are using and to verify the classification of the information prior to processing or distributing. When processing classified information, a user should always review applicable security classification guides for the information they are working. It is always better to spend a few extra moments to think and verify classification requirements up front than find out later the information exchange resulted in a timely, costly and risky CMI.

Information superiority has always been critical to achieving our military objectives and ensuring our national security. We live and operate in an information age, and information protection from those who would threaten the United States and its interests is now more critical than ever. We must ensure we take the necessary actions to protect our information so our CMIs are not the modern-day 'loose lips' that sink ships and threaten our security.