Photo by Andreas Rentz/Getty Images.
President Obama is set to issue an executive order Friday aimed at closing the widespread security gaps exposed when WikiLeaks published hundreds of thousands of classified government documents last year.
The National Journal, which was given an advance copy of the order, reports that it makes individual federal agencies primarily responsible for safeguarding their information, and issues instructions on how to do so. It also includes provisions for internal psychological profiling in the form of an Insider Threat Task Force, which will ascertain whether those agencies handling classified information can, in the words of the Journal, "weed out the malcontents and people whose behavior suggest they cannot handle sensitive information appropriately."
The New York Times, first writing about the order Thursday night, reports that the move will "enshrine" many immediate fixes taken by the CIA, State Department, and Pentagon immediately after the first WikiLeaks release of documents the government believes Pfc. Bradley E. Manning obtained and leaked. This includes disabling computers to prevent the transfer of information on memory sticks, CD, or DVDs; monitoring classified computer systems for "suspicious behavior"; and halting the distribution of diplomatic cables over a classified email system. Additionally, individuals accessing unclassified networks (and, now, many classified networks) are issued a cyber ID, so supervisors can track their work.
The military has already begun analysis of classified network logs to find large data transfers and the use of classified information by those whose jobs don't relate to it.
Manning, under arrest since May 2010, is awaiting trial at a new medium-security facility in Fort Leavenworth, Kansas. Government prosecutors allege that he disguised the three batches of documents later given to WikiLeaks as Lady Gaga CDs in order to remove them from an Iraq military intelligence office.
As the Washington Post points out, the new order comes just in time for the Department of Homeland Security's National Cybersecurity Month, which apparently has been a thing for eight years now. Indeed, some initial criticism of the order focuses not on its intent, but on its timing. As Ravi Sandhu, executive director of the Institute for Cyber Security at the University of Texas at San Antonio told the Times: “The real surprise continues to be that relatively elementary procedures should have been in place and were not.”