Posted on Apr 14, 2023
Leaked Pentagon documents: Air National Guardsman arrested; Jack Teixeira expected in court...
2.64K
41
16
8
8
0
https://www.usatoday.com/story/news/politics/2023/04/13/u-s-airman-named-suspect-online-leak-top-secret-documents/ [login to see] /
Why did he have access to these? Did he have a need to know?
Why did he have access to these? Did he have a need to know?
Leaked Pentagon documents: Air National Guardsman arrested; Jack Teixeira expected in court...
Posted from usatoday.com
DOJ
Crime
Security
Air National Guard
Posted 1 y ago
Responses: 7
I'm sure additional details will come out as the investigation proceeds, but I'm annoyed with all the comments from the media talking head (not saying you're a media talking head Lt Col Charlie Brown!) ... "21 is too young for this sort of access!" ... "We've over 2 million people with access to this level of information!" ... "How could a part-time military members get access to all this?!"
As the majority of you know, the clearance of an individual in the military is mainly driven by occupational specialty or by position. In Mr. Teixeira's case it was his AFSC. I don't know exactly what his "day job" was other than I heard he was an IT contractor at the "local base" (pure SWAG on my part, but likely Otis Air National Guard base).
Everything I've read is that he is the classic "E" in MICE (A mnemonic device used for the four general motivations that could lead someone to commit treason, become an insider threat, or collaborate with a hostile agency or organization. It stands for Money, Ideology, Compromise, and Ego) as he wanted to "Show off his knowledge" to his friends in the chat group.
I've absolutely no evidence of this (completely my opinion), but he did not deal with this information on a daily basis and instead this is a result of the "M&M Defense" that is prevalent in government. The "M&M Defense" is where there are rigid barriers to get though in order to get 'inside', but once there many of those barriers become impediments to operational duty and go away (i.e., M&M - tough outer shell, soft insides).
In this case one of the biggest issues is that after 9/11 the intel community switched from an intelligence sharing model of "Need to Know" to "Need to Share".
The concept of "need to share" refers to the idea that information within the intelligence community should be shared as widely as possible to ensure that analysts have access to all relevant data. However, there are several issues associated with this concept and the one that seems to be specific to this situation is that in some cases, information should only be shared with individuals who have a legitimate "need-to-know". Sharing information more broadly could compromise security or put individuals in danger.
Again, PURE speculation on my part, but having lived in that community for my entire career, this sounds like a likely situation. As a 'Cyber guy' it is reasonable that he would have accounts on many of the classified data systems. In MANY of them, you can then access information just as easy as going to Google and typing in search commands (that "Need to Share" combined with the M&M defense). All it would take is for him to find the Pentagon's daily briefing.
-------------------------------------
* Air Force Cyber Transport - 3D1X2 - https://www.liveabout.com/air-force-enlisted-jobs-afsc-3d1x2-cyber-transport-3344234
As the majority of you know, the clearance of an individual in the military is mainly driven by occupational specialty or by position. In Mr. Teixeira's case it was his AFSC. I don't know exactly what his "day job" was other than I heard he was an IT contractor at the "local base" (pure SWAG on my part, but likely Otis Air National Guard base).
Everything I've read is that he is the classic "E" in MICE (A mnemonic device used for the four general motivations that could lead someone to commit treason, become an insider threat, or collaborate with a hostile agency or organization. It stands for Money, Ideology, Compromise, and Ego) as he wanted to "Show off his knowledge" to his friends in the chat group.
I've absolutely no evidence of this (completely my opinion), but he did not deal with this information on a daily basis and instead this is a result of the "M&M Defense" that is prevalent in government. The "M&M Defense" is where there are rigid barriers to get though in order to get 'inside', but once there many of those barriers become impediments to operational duty and go away (i.e., M&M - tough outer shell, soft insides).
In this case one of the biggest issues is that after 9/11 the intel community switched from an intelligence sharing model of "Need to Know" to "Need to Share".
The concept of "need to share" refers to the idea that information within the intelligence community should be shared as widely as possible to ensure that analysts have access to all relevant data. However, there are several issues associated with this concept and the one that seems to be specific to this situation is that in some cases, information should only be shared with individuals who have a legitimate "need-to-know". Sharing information more broadly could compromise security or put individuals in danger.
Again, PURE speculation on my part, but having lived in that community for my entire career, this sounds like a likely situation. As a 'Cyber guy' it is reasonable that he would have accounts on many of the classified data systems. In MANY of them, you can then access information just as easy as going to Google and typing in search commands (that "Need to Share" combined with the M&M defense). All it would take is for him to find the Pentagon's daily briefing.
-------------------------------------
* Air Force Cyber Transport - 3D1X2 - https://www.liveabout.com/air-force-enlisted-jobs-afsc-3d1x2-cyber-transport-3344234
The Specifics of Air Force Jobs in Cyber Transport
Here's an overview of the description and qualification criteria for Air Force AFSC 3D1X2, Cyber Transport Systems Specialist, who oversee cybersecurity.
(5)
(0)
Lt Col Charlie Brown
I think you nailed it with the EGO...
But I still think we've forgotten that it isn't enough to have the clearance, there is also the need to know factor and too many who are seeing things they have no need to know.
But I still think we've forgotten that it isn't enough to have the clearance, there is also the need to know factor and too many who are seeing things they have no need to know.
(3)
(0)
COL Randall C.
That is the delicate balancing act. Need to Share vs Need to Know.
If you go too far to one side and lock down everything unless there's a proven need to access that information, you can end up with more instances where a large-scale event could have been prevented if only they knew what the other guy knew...
If you go to far to one side and open up everything for people find so they can better the product they are working on, then you run the risk of people with MICE motivation being able to access information much beyond their scope of duties.
I would rather err on the later than the former, but what is needed are mechanisms to mitigate the risk ... increased automated surveillance of those with large-scale access. I'm not talking about some drone following them around taking pictures, but AI flags that are tripped if they are accessing a lot of information outside their duties, excessive printing/copying, etc. These types of 'tipping' incidents are usually left up to co-workers to report on ... and unless they are egregious, most don't because "Bob probably has a good reason for doing that, so I'm not going to bother anyone".
Yes, a phone call or follow-up from security personnel about why I'm accessing numerous reports that have nothing to do with what my scope of duties are would be annoying, it would be a minor inconvenience.
If you go too far to one side and lock down everything unless there's a proven need to access that information, you can end up with more instances where a large-scale event could have been prevented if only they knew what the other guy knew...
If you go to far to one side and open up everything for people find so they can better the product they are working on, then you run the risk of people with MICE motivation being able to access information much beyond their scope of duties.
I would rather err on the later than the former, but what is needed are mechanisms to mitigate the risk ... increased automated surveillance of those with large-scale access. I'm not talking about some drone following them around taking pictures, but AI flags that are tripped if they are accessing a lot of information outside their duties, excessive printing/copying, etc. These types of 'tipping' incidents are usually left up to co-workers to report on ... and unless they are egregious, most don't because "Bob probably has a good reason for doing that, so I'm not going to bother anyone".
Yes, a phone call or follow-up from security personnel about why I'm accessing numerous reports that have nothing to do with what my scope of duties are would be annoying, it would be a minor inconvenience.
(4)
(0)
3
3
0
He was the messenger. The message was absolutely contrary to everything we have been told about the Ukraine situation.
(3)
(0)
3
3
0
Read This Next
Continue with Facebook 
Continue with Google