October 2, 2013: Three years after WikiLeaks leaked 250,000 State Department cables, the department’s communication system “is operating without basic technical security measures in place, despite warnings about its vulnerabilities…”

The SAIG Logo (Credit: public domain)

The SAIG Logo (Credit: public domain)

This is according to a BuzzFeed article. The system is known as SMART (the State Messaging and Archive Retrieval Toolset), and is used to share internal department documents, including the diplomatic cables made public by WikiLeaks. SMART is a two-tiered system, for both classified and unclassified information. SMART was launched in 2009, and the department has paid hundreds of millions of dollars to contractors for it, mostly to the company SAIC.

Unnamed sources “say the failures have left thousands of cables and messages, including highly sensitive and classified ones, vulnerable to espionage or leaks…” 

A former deputy program manager from one such contractor complains, “There is this attitude that security didn’t even come into the picture…I’m talking IT [information technology] security basics, standard fundamental things that a first-year admin would find.”

In 2012 and 2013, internal investigations revealed grave, unresolved security issues. “According to documents reviewed by BuzzFeed, several employees raised concerns starting from the beginning of the SMART rollout. They were told to not pursue the issue. Some were told, with stern overtones, that it wasn’t within their job descriptions to do so.” (Buzzfeed, 10/2/2013)