Pentagon Spent Millions to Counter Insider Threats After WikiLeaks Fiasco

Pfc. Bradley Manning allegedly downloaded classified files from military networks and leaked them to the anti-secrecy website WikiLeaks. // Patrick Semansky/AP

Since 2010, when Pfc. Bradley Manning allegedly downloaded classified files from military networks and leaked them to the anti-secrecy website WikiLeaks, the Pentagon has paid millions of dollars for technology designed to protect networks against insiders intent on leaking sensitive data -- the kind of activity former National Security Agency contractor Edward Snowden claims to have carried out in releasing classified files on the agency's spying operations.

NSA, which is part of the Defense Department, doesn't appear to have enabled those protections, despite earlier Pentagon assertions the technology was rolled out departmentwide.

The Host-Based Security System, launched in 2010, prevents the use of removable storage devices such as CDs and thumb drives on Defense Department networks. An NSA information technology official, who left the agency in the summer of 2012, said that at that time, HBSS was not installed

Between 2010 and early 2013, the military had spent at least $12 million on core implementation contracts, according to budget analysts. Going forward, the Defense Information Systems Agency, which provides IT support throughout the department, is expected to pay about $1.3 million annually for software licenses, said Ray Bjorklund, founder of BirchGrove Consulting.

Snowden, an NSA system administrator working for Booz Allen Hamilton until he was fired last month, allegedly transferred to a thumb drive classified information about how the agency tracks domestic call data and foreigners' Internet activities. 

"There's usually a collaboration between DISA and NSA on net security technologies," Bjorklund said, but "NSA may have been responsible for funding its own implementation under the DoD directive."

In fall 2010, Defense officials directed military components to ban downloading information onto removable devices from the military's secret network, using technologies such as HBSS. 

The move came after Manning, a low-level intelligence analyst based in Iraq in early 2010, allegedly downloaded to a CD classified files about the wars in Iraq and Afghanistan to release publicly on the anti-secrets website WikiLeaks.

A December 2010 memorandum from the Committee on National Security Systems, an interagency group that sets national policy, advised Defense organizations to "begin using physical configuration, software settings, a capability such as a Host-Based Security System (HBSS) (a DoD capability designed to address exploit traffic on network hosts)" or any combination of those approaches "to disable all 'write' privileges," meaning downloads, "for all forms of removable media devices" on national security systems.

By early spring 2012, most Defense organizations had activated the technology.

Federal spending databases indicate a slew of contractors, including General Dynamics, Northrop Grumman, and now BAE Systems, were hired to deploy the McAfee-developed HBSS. Booz Allen does not appear to be on the military's payroll for this particular project.

HP, NCI Information Systems and SAIC are among the vendors that individual military departments have commissioned for HBSS services, according to the databases.

NSA declined to say whether the agency had installed or activated HBSS. 
