The Pentagon plans to reinforce existing policies on access to classified information in the aftermath of a massive data leak for which a junior enlisted airman has been arrested.
Defense Secretary Lloyd Austin has approved the findings of a 45-day review into all security programs, policies, and procedures regarding classified information that he ordered in April following the arrest of Airman 1st Class Jack Douglas Teixeira.
Teixeira is accused of sharing classified information on private Discord servers on a variety of sensitive subjects, including documents showing that the U.S. government was able to provide Ukraine with intelligence about Russian attacks before they took place. Other documents strained U.S. relations with South Korea and Israel.
The Defense Department’s review into classified information is separate from ongoing law enforcement and Air Force investigations into the data breach, a senior defense official told reporters on Wednesday.
The review will result in several measures that are meant to clarify any ambiguity about what constitutes a reportable violation of Defense Department policies on how classified information should be handled, the official said during a news briefing.
Subscribe to Task & Purpose Today. Get the latest military news and culture in your inbox daily.
“An example that we have discussed in this is whether or not Top Secret Control Officers are required,” the senior defense official said. “Our public facing policy says that they’re optional, but then for different classifications you have to have different control officers. Then, if you get into what is a reportable offense and who you have to report it to, some of that is also, I think, confusing, if you are a local level security manager, managing a joint unit. For example: Who do you report it to, how do you do all that?”
In a June 30 memo, Austin ordered defense officials to issue guidance to enhance accountability and control of Top Secret information, including a requirement to appoint Top Secret Control Officers.
Austin also ordered Defense Department component heads who are not part of the intelligence community to explain why their personnel need access to Sensitive-Compartmented Information, the memo says.
Austin has also ordered that the Defense Department’s chief information officer help to develop plans for a Joint Management Office for Insider Threat and Cyber Capabilities that would be in charge of overseeing user activity monitoring and improving efforts to monitor threats across Defense Department networks, the memo says.
The recent data breach has raised questions about why Teixeira, who was serving as a cyber transport systems journeyman with the Massachusetts Air National Guard at the time of his arrest, had so much access to classified information that was unrelated to his job.
Prosecutors have accused Teixeira of gleaning classified information from the Joint Worldwide Intelligence Communications System, or JWICS, a Defense Department database, according to court documents.
In excerpts of social media chat logs, Teixeira allegedly boasted “I am on JWICS weekly” and “All of the s—t I’ve told you guys I’m not supposed to,” court records show.
Prosecutors also claim Teixeira’s superiors at the 102nd Intelligence Wing repeatedly gave Teixeira verbal and written warnings for mishandling classified information, according to court documents. In one incident, Teixeira was seen taking notes while in a Sensitive Compartmented Information Facility and then putting the notes in his pocket, according to court records.
Two commanders with the 102nd Intelligence Wing were suspended in April pending the outcome of an Air Force Inspector General Investigation.
It is possible Teixeira leaked classified documents for more than a year before he was arrested. Shortly after Russia’s full-scale invasion of Ukraine in February 2022, a Discord user whose profile matched Teixeira’s began sharing classified information, the New York Times first revealed.
As a result of the review, defense officials are required to make sure Sensitive Compartmented Information Facilities, or SCIFs, meet all existing requirements, Austin’s June 30 memo says. That includes ensuring every SCIF has been reported to the Office of the Director of National Intelligence so that it can be included in a database.
Additionally, the Defense Department will issue guidance to make sure everyone who uses a SCIF or Special Access Program Facility leaves personal or portable electronic devices outside, the memo says.
Austin has also ordered defense officials to come up with “a phased approach to increase accountability, manage access, and increase security to classified data.”
But that does not mean the Defense Department is looking to limit who has access to JWICS, the senior defense official told reporters on Wednesday.
“We are looking to ensure that we have the right need to know procedures to ensure that the information that is available on classified networks is accessed by those with a need to know,” the official said.
The latest on Task & Purpose
- We salute the USS Chung-Hoon for flying its battle flag on the way back to port
- The New Yorker makes a joke of the Army’s tactical bra. It’s not
- The Army’s yearslong fight over its controversial new fitness test isn’t over yet
- Army names finalists in race to replace M2 Bradley Fighting Vehicle
The A-10 is retiring and the Air Force has no close air support replacement