Maj. Gen. (Res. Ram Dor, Does Data Protection Help if Someone Is Determined to Leak?

'The rules of the game may have changed, because the motivation of someone who poses an internal threat is no longer spying, but a desire to show it to everyone.'

Maj. Gen. (res. ) Ram Dor retired from the Israel Defense Forces in 2009 after 25 years in Military Intelligence, mostly in operational positions. Among other jobs, he served as Central Command's chief intelligence officer; in his last position, he spent three years as head of the data protection department, which is responsible for protecting the military's secrets. Today he heads Rdeye, a company that advises other companies in the intelligence and data protection business.

Doesn't the recent disclosure of some 250,000 U.S. State Department documents on WikiLeaks make you feel as if censorship and data protection have become irrelevant?

"That is far from the truth. Such leaks make institutions like the censor's office and the data protection department very relevant. Secrecy is a crucial issue in many organizations and places. It begins in our heads - in people's memories - and runs through information systems and every physical means of storage, as well as physical sites where secrets are stored.

"The need for agencies that secure information in order to protect secrets becomes a constant concern in the face of both external and internal threats. There is a lot of criticism of the censor's office and sometimes it makes mistakes, but it is a very important tool in a state such as Israel."

Ram Dor
Gil Cohen-Magen

This case apparently involved an inside source: Pfc. Bradley Manning of the U.S. Army, who is the source of WikiLeaks' three big disclosures.

"This is a tangible example of the inside threat - someone inside the organization who disseminates information outside. Thus security agencies must maintain many layers of data protection. Certainly this is the case in Israel, and the Anat Kamm incident proves this. When it comes from within the organization and goes to the Israeli media, which is obligated by law to submit [articles] to the censor, the security damage is substantially limited, and therefore widespread leaking of classified information is avoided."

But if in the past, the difficulty was in getting a written document out of a military base, today it is possible with a keystroke to send thousands of documents all over the world.

"Dealing with the technological threat is far more complex, but data protection technology is progressing at the same speed - both in terms of preventing penetration from outside, via encryption and firewall programs, and in terms of protecting against internal break-ins. The technology enables us to harden computer networks, set rules forbidding the insertion of magnetic media other than those stipulated by the organization - something the IDF started doing four years ago - and create designated stations which are the only ones that can be used to remove information in an orderly manner, as well as electronic information systems that warn of attempts to remove information. Overall, the number of startup companies developing programs to attack computers is far lower than the number of startups working on data protection."

But all these systems also exist in the U.S., and Pfc. Manning nevertheless succeeded in leaking millions of documents.

"The facts speak for themselves. This was a failure. But it's impossible to evaluate America's level of data protection based on that. You can't say what motivates a person who gets up one morning and decides to disclose thousands of documents. Security systems can reduce such things to a minimum, but none of them can prevent it completely."

So you will not be surprised if, in another week, we discover that an Israeli soldier leaked hundreds of classified documents to WikiLeaks?

"It could happen in Israel, too, and many steps are taken so that it will not happen. But what happened with [Mordechai] Vanunu? For reasons that I cannot understand, he got up one morning and disclosed Israel's most confidential secrets to a foreign newspaper. An organization is not a machine. There are people who work there, and people don't start off their workday with a lie detector test. Lie detector tests are done when a person begins a sensitive job and periodically, every few years, thereafter, but there is no end to it. It could theoretically happen."

Once the concern was spying by a foreign agent. But today it seems the main threat is from organizations such as WikiLeaks, whose stated goal is to disclose information.

"Both spying from outside and spying from within can be motivated by greed, nationalistic reasons or radical views. In security circles, when you do security checks on people, you don't check their political views but their degree of stability or the extent of their extremism - where a person draws the line in his decision making. A security classification isn't determined solely on the basis of the question 'are you in contact with a foreign intelligence operative,' but by whether you are a stable person. That is how the internal threat is evaluated.

"You also look at behaviors and tendencies, such as those of the private who leaked the documents. There are five parameters. You check if there is a history of handing classified information to unauthorized persons, a connection to a foreign intelligence organization, serious crimes, psychological disturbances or drug use. All the questions asked relate to these factors. But it is important to stress that not everyone who ever tried hashish once or went to a psychologist will be denied a security clearance. Everything is examined according to the circumstances."

Aren't you concerned that all the discussion of WikiLeaks will make it fashionable? That tomorrow we'll see a trend of young soldiers trying to make classified information public?

"The rules of the game may have changed, because the motivation of someone who poses an internal threat is no longer spying, but a desire to show it to everyone. But this does not mean that tomorrow, lots of people will want to disclose their country's strategic secrets. I think this is an unusual incident; it doesn't seem to me like a trend. The Internet has been around since the early 1990s and countries have had an abundance of databases for over a decade. And we've been living in cyberspace for a good few years. But we haven't seen this happening a lot."

But now it seems that there is practically an ideology of disclosing classified information. It may catch on here, too.

"There is admittedly a trend toward exposure for reasons that can perhaps be described as humanitarian: to expose illegal activity seems to have some rationale. And the first leaks by WikiLeaks really related to such subjects. But when you look at the latest documents they disclosed, there's no statement being made here. Who does it serve? These are not leaks showing that prisoners are being tortured."

Is it nevertheless possible to improve data protection?

"Awareness is also an important element of security. Awareness starts with a child surfing the Internet who knows that he must not provide personal details to a person he does not know and ends with soldiers working on a computer in the army who should know what is not meant to be uploaded to their Facebook page."