Those who leak classified information are the target of a national “Insider Threat Awareness Month” being observed in September, according to the National Counterintelligence and Security Center, which warns that counterspies are stepping up efforts to address the problem both in government and private sector workplaces.

The center, itself a part of the Office of the Director of National Intelligence, has just announced it is joining the office of the Pentagon’s undersecretary for defense intelligence and security, the Defense Counterintelligence and Security Agency and the National Insider Threat Task Force for a month of training to identify problem leakers, whether they are spies for foreign powers or those leaking information to anti-secrecy groups and the media.

The month-long awareness effort seeks to educate officials in government and industry employees on the risks posed by insider threats. As with many names in government, the problem comes with its own acronym: InT, short for insider threat.

---

---

The program kicked off this month with a two-day international and intra-government conference in Washington that ended Thursday, with sessions on “Whole Person Insider Threat Assessment;” “Leveraging Data Quality & Behavior Analytics to Deliver Advanced [Counter]-InT Capabilities;” and “Leveraging Artificial Intelligence and Fundamental Human Behaviors to Revolutionize Insider Risk Management.”

Multi-disciplinary security teams are now on the hunt for leakers, saying they can do at the same time while respecting workforce privacy rights and civil liberties, the NCSC said in a statement.

The problem, they say, is worth the effort.

“All organizations are vulnerable to insider threats,” the center said. “An insider threat is anyone with authorized access who uses that access to wittingly or unwittingly harm an organization or its resources.”

The statement provides two examples of insider threat cases involving government officials charged with providing secrets to China and Russia. It made no mention of the loss of secrets from cases such as the leaks to the anti-secrecy group WikiLeaks or to the press.

Damage caused by insiders range from cyber disruptions to unauthorized disclosures of classified information. Other dangers include theft, sabotage and workplace violence, the statement said.

“Most insider threats exhibit concerning behavior prior to committing negative workplace events,” the statement said. “If identified early, many insider threats can be mitigated before harm occurs.”

Deter. Detect. Mitigate.

NCSC Director Michael Casey said anti-leak forces rally on an annual basis as a way to reenergize awareness of the problem and share ways to counter insider dangers.

“The theme of this year’s campaign is ’Deter. Detect. Mitigate,’” he said. “Organizations across government and industry continue to be victimized by insider threats with serious economic and national security implications, so it’s critical they take the time to engage their workforces on effective ways to deter, detect, and mitigate this persistent threat.”

The NCSC said organizations can deter leaks by implementing “organizational justice” to create a positive work environment. Signs of insider threats include attempts to elicit information about their organization through phishing, “vishing” (voicemail phishing) and “smishing” (phishing using text messages), the center statement said.

The NCSC announcement of the awareness month made no mention of leaks that did not involve foreign intelligence services. Instead, the center highlighted the cases of a former CIA officer who pleaded guilty to conspiracy to deliver defense information to China and an NSA employee who was sentenced to prison for attempting to send secrets to Russia.

A 2011 presidential executive order requires all federal agencies that handle classified information to set up insider threat programs. The order also created the national task force led by the attorney general and director of national intelligence.

Leaks of government information have been a constant problem for the government for decades and remain so despite the counter-programs put in place over the past 13 years. Secrets were disclosed from within several government agencies and the military, including the CIA, National Security Agency and State Department, most recently in the case involving the leak of highly classified information by Massachusetts Air National Guardsman Jack Teixeira.

Teixeira pleaded guilty in federal court last year to posting online a large number of highly classified intelligence reports and other documents he obtained while working at a Cape Cod air base.

Famous past cases of major leaks involving internal assessments include the massive cache of internal State Department documents given to WikiLeaks, and, perhaps most famously, NSA contractor Edward Snowden’s leak of some 1.7 million agency documents revealing numerous NSA foreign spying programs that were instantly rendered ineffective by tipping off the foreign governments that were targets.

Intelligence officials have said the Snowden case was especially shocking because NSA, among all the 17 U.S. intelligence agencies, was the most assertive in warning about insider threats only to be victimized by an insider.

The birth of the modern insider leak

Analysts trace the birth of the modern insider leak to 1971, when RAND Corporation analyst Daniel Ellsberg gave the New York Times a large stack of classified documents known as the Pentagon Papers. The 7,000 pages of secret documents revealed that President Lyndon Johnson and the Pentagon had secretly expanded military operations in the Vietnam War that were kept secret from the public.

A federal court initially blocked publication of the secret papers. But the Supreme Court later overruled the lower court saying the government had failed to justify restraint of publication.

The ruling opened the door to further disclosures of classified information.

Leaks of internal information come in two general varieties.

Inside information is deliberately disclosed to the public through reporters or other online platforms to expose alleged wrongdoing, usually by government agencies or officials. This has been dubbed the “whistleblower motivation.”

Other leaks are made in a bid to influence the outcome of internal government policy debates.

For example, Congress during the 1980s and 1990s was notorious for leaking top-secret presidential covert action programs opposed by some members who disagreed with the operations.

One of those disclosures was the covert action by the Reagan administration to provide Stinger missiles to Afghan rebels battling the Soviet Union in the 1980s.