Joint Worldwide Intelligence Communications System

The Joint Worldwide Intelligence Communication System (JWICS, ) is the United States Department of Defense's secure intranet system that houses top secret and sensitive compartmented information. JWICS superseded the earlier DSNET2 and DSNET3, the Top Secret and SCI levels of the Defense Data Network based on ARPANET technology.

The system deals primarily with intelligence information and was one of the networks accessed by Chelsea Manning, in the leaking of sensitive footage and intelligence during the Afghanistan and Iraq wars to whistleblower organization WikiLeaks in 2010, primarily the video used in WikiLeaks' Collateral Murder prior to leaking a trove of US diplomatic cables. In 2023, it was also accessed by Jack Teixeira who leaked information about the war in Ukraine.

Because of the information it houses, JWICS is subject to discussion around cybersecurity and the United States' vulnerability to cyber threats.

Opinions surrounding the Joint Worldwide Intelligence Communication system are varied. Some emphasize its importance as a measure to protect intelligence that helps to ensure the safety of US military interests and personnel. Others scrutinize the system for standing in the way of the transparency and accountability of government.

JWICS in practice
The Joint Worldwide Intelligence Communications System (JWICS) is a secure intranet system utilized by the United States Department of Defense to house "Top Secret/Sensitive Compartmented Information" In day-to-day usage, the JWICS is used primarily by members of the Intelligence Community, such as the DIA within the DoD, and the Federal Bureau of Investigation under the Justice Department. Conversely, SIPRNet and NIPRNet account for the overwhelming bulk of usage within DoD and non-intelligence government agencies and departments.

There are three main router networks operated by the Department of Defense. Each is separated by the types of information they deal with.

At the most open level, the Non-Classified Internet Protocol Router Network (NIPRNET) is the hub for non-classified but still specialized information relating to important logistics and planning.

Above this lies the Secret Internet Protocol Router Network (SIPRNET). SIPRNET deals with information classified as Confidential or Secret. SIPRNET is another of the networks accessed by Chelsea Manning (See Automation bias, ).

Finally, the Joint Worldwide Intelligence Communications System houses the top level of data, consisting primarily of top-secret intelligence information. The system deals with transmissions coming from across the globe. The transmission of information across the JWICS network is summarized by Jeffrey R. Cares in the Encyclopedia of Cyber Warfare: See Joint All-Domain Command and Control

"JWICS can utilize satellite network connections, and the traffic moving across the network can be sent in prioritized premarked packets, meaning that the most important and sensitive information can be sent on the fastest and most secure routes... Once transmitted, the information is housed on JWICS and is accessible from 'highly secured rooms known as Secret Compartmentalized Information Facilities. Such rooms are incredibly important facilities, and can be highly vulnerable if compromised."

JWICS, WikiLeaks, and Chelsea Manning
The vulnerability of secure networks such as JWICS to insider threats was revealed with the leak of hundreds of thousands of secret US intelligence documents, the largest in US history at the time. At the epicenter of these leaks was an intelligence analyst, Chelsea Manning. While serving in Iraq in 2010, Manning accessed JWICS, along with its lower-level counterpart SIPRNET, to leak documents to WikiLeaks, a non-profit platform for whistleblowers headed by Julian Assange. Manning was directly involved in the leaks known as "Collateral Murder," "The Iraqi War Logs," "The Afghan War Diary," and "Cablegate". Manning is allegedly responsible for the leaking of over 700,000 files. At the time this was the largest data leak in US military history. Manning was arrested in late 2010 after confiding in fellow hacker, Adrian Lamo, who reported Manning to the Federal Bureau of Investigation.

It is believed that Manning's decision to supply the files to WikiLeaks began partly as a result of directly experiencing "war porn", graphic videos watched by analysts for entertainment. A notable video viewed by Manning that would later also capture public attention involved a US Apache helicopter firing on civilians. This video would be named "Collateral Murder." Manning was also uncomfortable with and perceived censorship of Iraqi citizens in their published opinions on government, and the "don't ask, don't tell" construct surrounding homosexuality in the US military. All of this information was contained in secure networks such as JWICS, causing their legitimacy as a form of a protection, rather than censorship, to be widely scrutinized in media and academic discourse.

Manning was sentenced in 2013 to 35 years at Fort Leavenworth. This sentence was commuted by the Obama administration for release after 7 years in 2017. Manning was again jailed after refusing to testify at the grand jury investigation against Wikileaks, and was released in March 2020.

The events surrounding Manning led to widespread reforms. Training and monitoring is now in place to identify risk factors in analysts to prevent them using their position to leak documents from secure networks. In addition, more widespread monitoring of the daily use of networks is undertaken. Cybersecurity concerns are often discussed with a focus on hacking and external threats, but Mark Ambidner of The Atlantic highlighted the susceptibility of defense networks to trusted actors:

"All it took was one disaffected young man [Sic] with a rudimentary knowledge of computer systems to bring down an entire edifice of code names, secret networks, compartmented channels, and protected information."

Public interest
Some argue from a pro-public interest perspective that JWICS allows government to manipulate releases of information (as occurred in "Collateral Murder") to shirk accountability for wrongdoings.

Others, who take a more conservative approach to information release, cite the importance of protecting troops on the ground and deny the idea that full transparency is essential for democracy.

Arguments
With the development of secure intranet networks and the increased use of technology in government and military operations, networks such as JWICS have come under scrutiny due to their perceived capacity to keep public interest information behind closed networks.

At the heart of pro-public interest arguments is the desire to hold governments accountable for their wrongdoings. Academics posit that pre-1991 there was a layer of separation allowing organizations to be selective about what they released to the public. Thus, the advent of the World Wide Web in 1991 was viewed as a triumph of public interest, allowing individuals to "freely share what they knew." Since then, however, the development of secure networks such as JWICS has reinstated levels of separation between individuals and government and has again prevented the public from holding government to account. This has been exacerbated since 9/11 with the war on terror providing a 'scape-goat' for governments in hiding public interest information (such as the shooting of Iraqi journalists in "collateral murder") under the guise of protecting against foreign interests and terrorism.

One of the main pro-protection arguments surrounding JWICS is that JWICS is essential to prevent the identities of individuals from being released. By releasing these documents en-masse without adequate care, leakers are putting these individuals at risk. In the case of military operations, JWICS is also said to protect troops on the ground by safeguarding their strategy and movements.

Pro-protection parties argue that leaking agents such as Wikileaks need to better censor the identities of individuals contained in their leaks to prevent harm.

In several of WikiLeaks' leaks involving JWICS in the Iraq and Afghanistan wars, they worked alongside publications such as the New York Times. In publishing documents, the Times employed censorship efforts, consulting the CIA and the DoD about what to omit from their publication.

The central counterargument to protection is that releases must balance the opposing forces of public interest and potential harm. Pro-public interest speaker Simon Jenkins states that "The Job of Media is not to protect power from embarrassment." Nonetheless, from a pro-protection standpoint, media does have a role in defining the limits of public interest in their publications to protect the safety of certain stakeholders.

Counterterrorism
JWICS operates as the highest level network in the DoD's information cyberspace. It is a controlled network, and the information contained within it is of great importance to both the US, and other parties looking for information.

Because of its importance, a key issue surrounding JWICS is the threat of cyberterrorism. Foundations like JWICS present critically important assets that if infiltrated, can lead to information and/or strategic advantages. This is not dissimilar to how strategic points like bases or fortresses would be infiltrated in regular warfare.

The vulnerability of cyber networks lies in their construction. Structures are created through software written by individuals whose mistakes create vulnerabilities for those who want to protect information, and opportunities for those seeking it. In addition, cyberterrorism is not restricted by geographical bounds. Networks can be hacked remotely from across the globe without warning. This creates jurisdictional issues for enforcement.

A key vulnerability for secret level networks such as JWICS is what is described as a 'sneakernet threat.' These systems are designed to be separate from the unclassified internet, creating a protection from malware. However, the systems also rely on users uploading documents from the internet. This creates a risk of viruses being passed on along with the information into the secure system.

An example of this threat came to reality in 2008 when Russian malware made its way into the SIPRNET system by way of a thumb-drive which was plugged into classified-level computers accessing the network. These computers lacked virus protection due to their detachment from the internet, and were compromised as a result. The virus, once gaining access to these networks, acted as a 'beachhead' which allowed the transfer of data to foreign computers The hack was, at the time, the largest compromise of US cybersecurity in history, and initially led to a ban on the use of thumb-drives. this was later repealed.

JWICS is structured slightly differently to SIPRNET. JWICS is accessed via "terminals" in protected facilities known as Secret Compartmentalized Information Facilities. These physical facilities are highly protected as physical structures. This is because they present strategic advantage. If one terminal is accessed by an enemy, all of JWICS is available to them until that terminal is disconnected from the network. Because of JWICS' structure, allowing access only through secure facilities, it is relatively protected from outside threats. However, there is an intrinsic vulnerability in JWICS that is summarized by Clarke and Knake in Cyber War: The Next Threat to National Security and What to do About It:

"Access to these terminals is more restricted because of their location, but the information flowing on the network still has to go across fiber optic cables and through routers and servers, just as with any other network. Routers can be attacked to cut communications. The hardware used... can all be compromised at the point of manufacture of later one. Therefore we cannot assume that even this network is reliable."

The mounting threat to US cybersecurity has led to some developments surrounding defense. In 2011, Leon Panetta and other intelligence officials gave statements about the growing vulnerability of the US to cyber attacks. This stemmed from Pentagon Reports about critical security breaches in government and business networks.

Since then the Department of Defense has rolled out and continually developed 'Einstein' software aimed at detecting and preventing intrusion into federal government networks. In addition, "the Department of Homeland Security and the NSA signed a memorandum of understanding the improve collaboration between the agencies."

The 2008 Russian infiltration of SIPRNET led to large reforms in terms of defense strategy. In 2008, then defense Secretary Robert Gates moved to create a dedicated infrastructure dealing specializing with cyber warfare strategy – the Cyber Command. Cyber command was originally designed by Colonel Paul Nakasone, Lieutenant Colonel Jen Easterly, Navy Captain T. J. White, and Air Force Colonel Stephen Davis. These four became colloquially known as 'The Four Horsemen' and set out to create the framework for Cyber Command, the US's dedicated cyber-strategy wing.

In 2016, Cyber Command gained separation from the NSA, elevating it to have a direct line to the White House. The Trump administration has further stretched the team's authority, allowing them to take a more offensive approach to cyber strategy.