TMCnet News
The US embassy cables: The leak: Caught in the net: The 'secret' US database to which millions have access(Guardian (UK) Via Acquire Media NewsEdge) How did such an enormous electronic database come into existence and then apparently be so easily leaked? The answer lies in the tag Sipdis that appears on each cable. It stands for secret internet protocol router network distribution, a mouthful to say but a neat solution to the chronic problem of big bureaucracies and how to share information easily and confidentially among large numbers of people worldwide. Siprnet is a worldwide US military internet system, kept separate from the ordinary civilian internet and run by the defence department in Washington. Since the terrorist attacks of September 2001, there has been a move by the US to link up separate archives of government information, in the hope that key intelligence no longer gets trapped in information silos or "stovepipes". An increasing number of US embassies were plugged into Siprnet in the last decade. In 2002, 125 embassies were on Siprnet; by 2005, there were 180. An internal guide for state department staff advises them to use the Sipdis designation only for "reporting and other informational messages deemed appropriate for release to the US government interagency community." The guide specifies a number of other channels for even more sensitive material including Nodis, Exdis, Roger and the Docklamp Channel (for communication between defence attaches and the Defence Intelligence Agency). Millions of US soldiers and officials have security clearance to view the cables. The US general accounting office (GAO) identified 3,067,000 people cleared to secret and above in a 1993 study. Since then, the size of the security establishment has grown appreciably. Another GAO report in May 2009 said: "Following the terrorist attacks on September 11 2001 the nation's defence and intelligence needs grew, prompting increased demand for personnel with security clearances." A state department spokesman refused to say yesterday exactly how many people had access to Siprnet. In theory there are built-in safeguards. Users are issued a username and a strong password which must be changed at least every 150 days. The user has to stay at the computer while logged on, logging off even to go to the toilet. Again in theory, any storage device connected to a computer with Siprnet access must be labelled secret and stored securely. If a personal device like an MP3 player is connected it can be confiscated. In practice, these multiple layers of security were relaxed to make the system as easy to use as possible. There have been suggestions that an alarm system to detect suspicious use of the network was suspended for US military personnel in Iraq after they complained it was inconvenient. The state department declined to comment on this but spokesman PJ Crowley said: "The defence department is reviewing all of their relevant procedures and taking appropriate action. In the interim, the state department has ensured that essential material reaches those who need it." Captions: Storage devices such as USB memory sticks, connected to PCs with Siprnet access, are supposed to be labelled 'secret' (c) 2010 Guardian Newspapers Limited. |