NSA seeks to open classified network to allies

The National Security Agency is working to open classified Defense Department communications networks to key allies, a move that the U.S. intelligence community has resisted for years, according to an internal NSA briefing presentation obtained by Government Executive.

NSA and Defense plan to open a classified network known as the Secret Internet Protocol Router Network (SIPRNet), to a small pool of trusted allies, including Australia, Canada, the United Kingdom and New Zealand, according to PowerPoint briefing slides dated April 27, 2007, and prepared by NSA's Office of Assured Information Sharing Technologies and Products.

SIPRNet, a closed system with no access to the Internet, is the primary means by which commanders communicate secret military strategies worldwide. It hosts a wide range of applications and systems, including classified e-mail and search capabilities. Core Defense systems, such as the Global Command and Control System and the Defense Message System, run over SIPRNet. Classified portals, such as Defense Knowledge Online and Army Knowledge Online, both of which serve as jumping-off points to classified military databases, also are hosted on SIPRNet.

Military and security analysts said the move to open the secret network to allies is a significant but necessary step to cement military partnerships with those countries, which have engaged in operations in Afghanistan and Iraq and have participated in maritime patrols in the Pacific.

"Warfare has become more coalition-centric, and more than ever we need to trust and rely on our partners," said Bernie Skoch, a consultant with Suss Consulting in Jenkintown, Pa.. Skoch, a retired Air Force brigadier general whose experience in military communications includes a stint as director of customer advocacy at the Defense Information Systems Agency, said NSA's plans represent "a significant change in the management of the SIPRNet."

For years, the four countries listed in the NSA briefing, along with other U.S. allies, have petitioned Defense to open SIPRNet to them so that they could have access to classified information they believed would help their militaries better coordinate operations with the United States. The Pentagon has resisted these requests.

"Foreign access to SIPRNet is, quite understandably, very limited," according to a document on the NATO Parliamentary Assembly Web site that explains how information technology is transforming warfare. "Only America's closest allies, the British and Australians, were granted access, albeit temporary and limited, in certain joint missions . . . .. … In some cases in Iraq, the British could not even see or copy intelligence data gathered by British operatives themselves, when it fused with the Americans' own data stored on the SIPRNet …."

But broadening access has its engineering challenges, said Skoch. Because SIPRNet has no access to the Internet, it has remained free of the cyberattacks that plague Defense's unclassified network -- called the Non-classified Internet Protocol Network, or NIPRNet -- which does connect with the Internet.

Allowing allies access to SIPRNet involves weighing the risks of cyberattacks and unauthorized users gaining access to classified information against the military benefits of sharing the information, Skoch said. In this case, he said, the benefits are "equally significant" to the risks.

Information sharing is an essential ingredient to any close partnership, said Alan Paller, director of research at the SANS Institute, a security training and certification organization in Bethesda, Md., which trains federal information security officials. The biggest obstacle to opening the SIPRNet to allies, Paller said, will be to "do so in a way that doesn't give away the jewels."

The briefing slides outline the strategy to obtain approval for opening SIPRNet, recommending that NSA leverage its position on the Defense Information Systems Flag Panel -- whose membership includes admirals, generals and civilian Senior Executive Service leaders in all four military services -- to change the policy. NSA intends to brief senior Defense leadership, ask for their approval and then work with DISA on the technical details, according to the briefing.

NSA did not respond to queries for comments on this article. The NSA public affairs office asked Government Executive not to run any article based on the briefing slides, which were marked unclassified, "For Official Use Only."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.