Strategy Page looks at the mechanic that PFC Bradley Manning is reported to have used to grab copies of all the information now being released by WikiLeaks:
A bit late, the U.S. military has finally forbidden the use of all removable media (thumb drives, read/write DVD and CD drives, diskettes, memory cards and portable hard drives) from SIPRNet. Thumb drives had earlier been banned. The motivation for this latest action was Wikileaks, which obtained hundreds of thousands of secret American military and diplomatic documents from a U.S. soldier (PFC Bradley Manning). As an intel specialist, Manning had a security clearance and access to SIPRNet (Secret Internet Protocol Router Network). This was a private Department of Defense network established in 1991, using Internet technology and able to handle classified (secret) documents. But Manning got access to a computer with a writable CD drive, and was able to copy all those classified documents to a CD (marked as containing Lady Gaga tracks) and walk out of his workplace with it. The big error here was having PCs available with writable media. You need some PCs with these devices, but they should be few, and carefully monitored. Normally, you would not need to copy anything off SIPRNet. Most of the time, if you want to share something, it’s with someone else on SIPRNet, so you can just email it to them, or tell them what it is so they can call it up themselves. A network like SIPRNet usually (in many corporations, and some government agencies) has software that monitors who accesses, and copies, documents, and reports any action that meets certain standards (of possibly being harmful). SIPRNet did not have these controls in place, and still does not on over a third of the PCs connected.
Just like their civilian counterparts, soldiers have been very eager to get and keep connected, both for personal and professional reasons. Data not shared can’t be useful.
For the last decade, the Pentagon has had increasing security problems with its internal Internet networks. The Department of Defense has two private Internets (using Internet technology, but not connected to the public Internet). NIPRNet is unclassified, but not accessible to the public Internet. SIPRNet is classified, and all traffic is encrypted. You can send secret stuff via SIPRNet. However, some computers connected to SIPRNet have been infected with computer viruses. The Pentagon was alarmed at first, because the computers only used SIPRNet. As a result, they did not have any anti-virus software installed. It turned out that worm type hackware was the cause of infection, and was installed when someone used a memory stick or CD, containing the worm, to work and, well, you know the rest.
[. . .]
It’s easy for troops to be doing something on SIPRNET, then switch to the Internet, and forget that they are now on an unsecure network. Warnings about that sort of thing have not cured the problem. The Internet is too useful for the troops, especially for discussing technical and tactical matters with other soldiers. The army has tried to control the problem by monitoring military accounts (those ending in .mil), but the troops quickly got hip to that, and opened another account from Yahoo or Google, for their more casual web surfing, and for discussions with other troops. The Internet has been a major benefit for combat soldiers, enabling them to share first hand information quickly, and accurately. That’s why the troops were warned that the enemy is actively searching for anything G.I.s post, and this stuff has been found at terrorist web sites, and on captured enemy laptops. In reality, information spreads among terrorists much more slowly than among American troops. But if soldiers discuss tactics and techniques in an open venue, including posting pictures and videos, the enemy will eventually find and download it. The terrorists could speed up this process if they could get the right hackware inside American military computers.
