The importance of compartmentalization in security

There are many facets surrounding the arrest of 21 year old Air National Guardsman, Jack Tiexeira, that would suggest run-of-the-mill hacking, but that would be misguided. So what went wrong in the chain of security that led to such a massive breach by such an inexperienced and alleged traitor to the intelligence community?

We’ve seen it before. Hackers score a big data deposit and then go on to brag about it to their colleagues, the hacker community and even across social media. Like young hip hop stars boasting about their conquests and money, it’s become almost cliche for young hackers to behave similarly – only, these boasts can go on to wreak havoc upon billion dollar companies or even the most powerful intelligence communities in the world.

By all appearances, Jack Tiexeira is not a hacker motivated by monetary gains and is unaffiliated with any known groups. His small gaming chat group on Discord, Thug Shaker Central, never appeared to benefit in any substantial way from his leaks except to boost their importance in their own minds. They boasted front row seats to highly confidential U.S. Intelligence reports, plans and projections pertaining to the war in Ukraine. And this data didn’t appear long after the body counts and battlefields were already reported. According to latest reports from the New York Times, classified data leaks began appearing in Discord as early as February of 2022. Sensitive data involving Ukrainian troop deployments and potential Russian targets were made visible all in an effort for this 21 year old IT technician to prove his worthiness to his chat group friends. So how did such a seemingly minor player in the game of global intelligence get access to such treasured information?

Jack Tiexeira held the title of cyber transport systems specialist at the Air National Guard airforce base in Massachusetts. He did not hold security clearance for the data that was allegedly leaked but as an IT tech, he did have indirect access to all kinds of classified information. Just like when we take our PC laptops in for repair, we provide the technician with a password so that they can freely move about our system without having to constantly ask us to enter in the password while they look in the other direction, IT specialists have clearances that allow them to access, networks, devices and even SCIFs (Sensitive Compartmented Information Facility).

SCIFs are physical spaces designed primarily for the communication of highly classified information. This communication often comes in the form of simple briefings from one individual to others, all with high level security clearances. Sometimes powerpoint-like projections are used, sometimes secured landlines are used and sometimes just oral reports are used to convey top secret details, but all of these methods are confined within the SCIF. SCIFs typically contain safeguards to detect devices entering into its confines as well as wireless transmissions that could be communicating to other sources outside the walls of the SCIF.

A security detail is posted to physically search for obvious contraband such as cell phones, cameras and tablets but also less invasive items such as smartwatches, wireless earbuds and MP3 players. This is because any device containing a wireless Bluetooth or Wi-Fi chip can be configured to record or transmit private communications with or without the user’s knowledge. In addition, malware can be planted and spread into nearby networks and devices so it is paramount for security to detect and intercept such electronic devices.

According to latest NYT reports, “At times, he appeared to be posting from the military base where he was stationed. In one conversation, he said he was about to enter an area where people with security clearance can access classified computer networks, known as a SCIF…” and at one point he writes, “The job I have lets me get privilege’s above most intel guys,”

The ability for one individual with limited security clearance to laterally move within a classified network is concerning to say the least. However, President Biden and his administration don’t seem too concerned about the leaks. In my recent interview with NY Post reporter Caitlin Doornbos, I expound on that notion further.

“Just the fact that US classified information was leaked could potentially lessen the flow of future classified intelligence sharing for fear of being leaked,” he said. “Downplaying the seriousness might be a smart political move in the short term but it sends the wrong message to US allies that will reverberate far beyond this current administration.”

As the CEO of a wireless security company and a cybersecurity expert, this story pushes all of my buttons. In my books and live presentations, I always stress layers of security or compartmentalization as the best method to keep hackers at bay. It’s the reason I also commissioned the development of several wireless products designed to improve detection and security audits performed regularly on SCIFs. Our products are currently in use by every Department of Defense agency, but what good are they if insider threats (even those who do not appear to be sophisticated hackers) are given the keys to the kingdom? When an individual is granted broad access to confidential data, it’s like using a cheat code in a video game. Everyone (except for one player) is at an enormous disadvantage and the entire system is at risk.

Safeguards that were not in place need to be and exploits like these, no matter how juvenile their motivations appear to be, need to be taken seriously. Unfortunately, that usually requires someone be made an example of. In this case, the perpetrator appeared to have been working alone so I expect to see substantial incarceration for this young man.