ASPEN, CO. — The Defense Department has begun requiring its geeks to operate in pairs when accessing highly classified information in order to stop the next massive leak. The next step might be restricting those systems administrators from seeing some sensitive data. The step after that? Possibly rolling back at least some of the military and intelligence community's measures to swap information -- a reversal of one of the national security state's key reforms after 9/11.
The damage control procedures are being put in place anywhere in DOD where there are "systems administrators with elevated access" to highly classified intelligence, Deputy Defense Secretary Ashton Carter said Thursday. These two-person rules along with procedures calling for increased compartmentalization of sensitive intelligence will be put in place at the "huge repositories where we have all this stuff," added Carter, referring to massive amounts of classified intelligence materials being stored on DOD servers.
"Job one for us has to be defending our own networks and this is a failure to defend our networks," said the Pentagon's number two official during a speech at the Aspen Security Forum in Colorado this morning. The NSA failed to protect itself from "an insider, and everybody who has networks knows that the insider threat is an enormous one."
The DOD is now working to restrict access to highly classified information to only people who work on programs involving that information as well as requiring a buddy system for anyone accessing extremely sensitive information on DOD networks.
Carter compared this to efforts taken to keep U.S. nuclear weapons safe from sabotage or theft.
"Nobody ever touches a nuclear weapon all by him or herself, there are always two people rated in the same specialty so that everybody can see and understand exactly what is being done with that weapon," said Carter.
With Snowden, "we had a case where a single person at one installation in the Intelligence Community could have access to, and moreover, move that much information -- both of those pieces are mistaken and have to be corrected," said Carter.
Carter put the blame for Snowden's access to highly classified NSA intelligence programs partially on the intelligence community's push to share intelligence between teams and agencies in the fight against terrorism. That failure to "connect the dots" on the 9/11 plot was largely blamed on these agencies' reluctance to swap sensitive data.
"In an effort for those in the intelligence community to be able to share information with one another there was an enormous amount of information concentrated in one place," said Carter. "That's a mistake."
This information Snowden accessed wasn't compartmentalized enough, according to Carter. Data on classified projects was accessible to people who weren't working on those efforts. Traditionally, intelligence agencies restricted access to highly classified information, even within their own organization, to only those who needed to know about it.
"We normally compartmentalize information for [a] very good reason; so that one person can't compromise a lot," he added, noting that the risks posed by parking enormous amounts of intelligence in one place didn't come as a "surprise."
The other key enabler for Snowden was that "you had an individual who had very substantial authority to access that information and move that information; that oughtn't be the case, either," said Carter. "We're acting to reverse both of those things. It's quite clear that those are the two root causes."
PAUL J. RICHARDS/AFP/Getty Images