NSA seeks to open classified network to allies

The National Security Agency is working to open classified Defense Department communications networks to key allies, a move that the U.S. intelligence community has resisted for years, according to an internal NSA briefing presentation obtained by Government Executive.

NSA and Defense plan to open a classified network known as the Secret Internet Protocol Router Network (SIPRNet), to a small pool of trusted allies, including Australia, Canada, the United Kingdom and New Zealand, according to PowerPoint briefing slides dated April 27, 2007, and prepared by NSA's Office of Assured Information Sharing Technologies and Products.

SIPRNet, a closed system with no access to the Internet, is the primary means by which commanders communicate secret military strategies worldwide. It hosts a wide range of applications and systems, including classified e-mail and search capabilities. Core Defense systems, such as the Global Command and Control System and the Defense Message System, run over SIPRNet. Classified portals, such as Defense Knowledge Online and Army Knowledge Online, both of which serve as jumping-off points to classified military databases, also are hosted on SIPRNet.

Military and security analysts said the move to open the secret network to allies is a significant but necessary step to cement military partnerships with those countries, which have engaged in operations in Afghanistan and Iraq and have participated in maritime patrols in the Pacific.

"Warfare has become more coalition-centric, and more than ever we need to trust and rely on our partners," said Bernie Skoch, a consultant with Suss Consulting in Jenkintown, Pa.. Skoch, a retired Air Force brigadier general whose experience in military communications includes a stint as director of customer advocacy at the Defense Information Systems Agency, said NSA's plans represent "a significant change in the management of the SIPRNet."

For years, the four countries listed in the NSA briefing, along with other U.S. allies, have petitioned Defense to open SIPRNet to them so that they could have access to classified information they believed would help their militaries better coordinate operations with the United States. The Pentagon has resisted these requests.

"Foreign access to SIPRNet is, quite understandably, very limited," according to a document on the NATO Parliamentary Assembly Web site that explains how information technology is transforming warfare. "Only America's closest allies, the British and Australians, were granted access, albeit temporary and limited, in certain joint missions . . . .. … In some cases in Iraq, the British could not even see or copy intelligence data gathered by British operatives themselves, when it fused with the Americans' own data stored on the SIPRNet …."

But broadening access has its engineering challenges, said Skoch. Because SIPRNet has no access to the Internet, it has remained free of the cyberattacks that plague Defense's unclassified network -- called the Non-classified Internet Protocol Network, or NIPRNet -- which does connect with the Internet.

Allowing allies access to SIPRNet involves weighing the risks of cyberattacks and unauthorized users gaining access to classified information against the military benefits of sharing the information, Skoch said. In this case, he said, the benefits are "equally significant" to the risks.

Information sharing is an essential ingredient to any close partnership, said Alan Paller, director of research at the SANS Institute, a security training and certification organization in Bethesda, Md., which trains federal information security officials. The biggest obstacle to opening the SIPRNet to allies, Paller said, will be to "do so in a way that doesn't give away the jewels."

The briefing slides outline the strategy to obtain approval for opening SIPRNet, recommending that NSA leverage its position on the Defense Information Systems Flag Panel -- whose membership includes admirals, generals and civilian Senior Executive Service leaders in all four military services -- to change the policy. NSA intends to brief senior Defense leadership, ask for their approval and then work with DISA on the technical details, according to the briefing.

NSA did not respond to queries for comments on this article. The NSA public affairs office asked Government Executive not to run any article based on the briefing slides, which were marked unclassified, "For Official Use Only."