ELECTRONIC SPILLAGE OF CLASSIFIED INFORMATION
Date Signed: 3/3/2003 | MARADMINS Number: 088/03
MARADMINS : 088/03

R 032008Z MAR 03
FM CMC WASHINGTON DC(n)
TO ML MARADMIN(n)
MARADMIN
BT
UNCLAS
MARADMIN 088/03
MSGID/GENADMIN/CMC WASHINGTON DC/C4//
SUBJ/ELECTRONIC SPILLAGE OF CLASSIFIED INFORMATION//
REF/A/MSG/COMMARFOR INO/062345Z DEC 02//
NARR/REF A IS A COMMARFOR INO MSG ESTABLISHING MITIGATION
PROCEDURES FOR CLASSIFIED INFORMATION SPILLAGES.//
POC/DULANY, KM/MSGT/HQMC C4/-/TEL:DSN 223-3490/COMM:
703-693-3490/EMAIL:DULANYKM@HQMC.USMC.MIL//
POC/HENSEN, EM/MAJ/HQMC ARS/-/TEL:DSN 224-2320/COMM:
703-614-2320/EMAIL:HENSENEM@HQMC.USMC.MIL//
POC/STEINHAUSER/GS14/MARFOR-INO/-/TEL:DSN 278-1957
/EMAIL:STEINHAUSERTH@NOC.USMC.MIL//
RMKS/1. PURPOSE. THE PURPOSE OF THIS MESSAGE IS TO ADDRESS
THE RECENT INCREASE IN ELECTRONIC SPILLAGES OF CLASSIFIED
INFORMATION WITHIN UNCLASSIFIED PORTIONS OF MARINE CORPS
INFORMATION SYSTEMS.
2. BACKGROUND. DURING THE PAST SEVERAL MONTHS, THERE HAS BEEN
A NOTED INCREASE IN THE NUMBER OF INADVERTENT "SPILLAGES" OF
CLASSIFIED INFORMATION TO UNCLASSIFIED COMPUTER NETWORKS.
A SPILLAGE IS DEFINED AS AN INADVERTANT EXPOSURE OF
CLASSIFIED MILITARY INFORMATION (CMI) ONTO MAGNETIC MEDIA THAT
IS CLASSIFIED AT A LOWER LEVEL, E.G., TOP SECRET SPILLAGE ONTO
SECRET, SECRET ONTO UNCLASSIFIED. THIS TREND WARRANTED THE
RELEASE OF REF A, WHICH MANDATED STEPS TO SWIFTLY CONTAIN AND
QUICKLY CLEAR CLASSIFIED INFORMATION FROM UNCLASSIFIED COMPUTERS
OR COMPUTER NETWORKS. WHILE REF A NOTIFIED ORGANIZATIONAL
COMMANDERS OF THESE PROCEDURES, ALL PERSONNEL WITH ACCESS TO
CLASSIFIED COMPUTER FILES MUST BE AWARE THAT ELECTRONIC SPILLAGES
WITHIN COMPUTER NETWORKS MUST BE ACTED UPON WITH THE SAME
AGGRESSIVENESS AS ANY OTHER POTENTIAL COMPROMISE OF CLASSIFIED
INFORMATION. DURING THE PAST 60 DAYS, THIS HQTRS HAS CONSULTED ON
6 SITUATIONS WHERE IT WAS NECESSARY TO EXECUTE A GLOBAL RESPONSE
TO CLEAR CLASSIFIED INFORMATION SPILLAGES FROM UNCLASSIFIED
COMPUTERS OR COMPUTER NETWORKS. IN EACH CASE, CONSIDERABLE
EFFORTS WERE EXPENDED NOT ONLY TO CONTAIN AND RECOVER FROM THE
SUBJECT SPILLAGE, BUT TO EDUCATE COMMAND PERSONNEL ON THEIR
RESPONSIBILITIES IN THESE MATTERS.
3. DISCUSSION. THE RISING NUMBER OF INADVERTENT "SPILLAGES" AND
SUBSEQUENT POOR FOLLOW-UP PROCEDURES CLEARLY ILLUSTRATES
THAT ALL PARTIES HANDLING ELECTRONIC CLASSIFIED FILES DO NOT
HAVE A CLEAR UNDERSTANDING OF PROPER PROCEDURES FOR CURTAILING
DAMAGE THAT MAY RESULT FROM ELECTRONIC "SPILLAGES" OF CLASSIFIED
INFORMATION. ALL MARINES HANDLING CLASSIFIED ELECTRONIC FILES
MUST BE REMINDED OF THE POTENTIALLY DISASTROUS IMPACT THAT
ELECTRONIC SPILLAGES OF CLASSIFIED INFORMATION MAY HAVE ON
NATIONAL SECURITY. THE SERIOUS NATURE OF THIS SITUATION CANNOT
BE OVEREMPHASIZED. JUST AS ANY COMPROMISE OF CLASSIFIED
DOCUMENTS WOULD JUSTIFY COMMAND SECURITY PERSONNEL ENGAGING IN
REQUISITE RECOVERY AND INVESTIGATIVE PROCEDURES, THE SAME
PREREQUISITES AND PROCEDURES APPLY TO CLASSIFIED INFORMATION IN
ELECTRONIC FORMS.
4. ACTION. NLT 30 DAYS FROM RECEIPT OF THIS MESSAGE, ALL COMMANDERS
ARE DIRECTED TO CONDUCT SECURITY REFRESHER TRAINING REGARDING THE
PROPER HANDLING OF CLASSIFIED INFORMATION WITH PARTICULAR EMPHASIS
ON THE UNIQUE ASPECTS OF ELECTRONIC MEDIUMS. THIS SUBJECT TRAINING
SHOULD ALSO INCLUDE THE "SPILLAGE" PROCEDURES CONTAINED IN REF A
UNDERSCORING THE IMPORTANCE OF TIMELY REPORTING AND HANDLING OF
ELECTRONIC "SPILLAGES". IT IS ALSO IMPORTANT TO NOTE IN TRAINING THAT
ANY COMPROMISE OF CLASSIFIED DOCUMENTS JUSTIFIES COMMAND SECURITY
PERSONNEL ENGAGING IN REQUISITE RECOVERY AND INVESTIGATIVE
PROCEDURES. COMPLIANCE REPORTING OF THIS SUPPLEMENTAL TRAINING IS NOT
REQUIRED HOWEVER, THIS TRAINING MUST BE A PRIORITY TO ENSURE THAT WE
ARE DOING EVERYTHING WITHIN OUR MEANS TO PREVENT ANY FURTHER
INCIDENTS OF "SPILLAGE."
5. CONCLUSION. IT IS EVERY MARINE'S AND CIVILIAN MARINE'S
RESPONSIBILITY TO ENSURE THE SECURITY OF APPROPRIATELY
CLASSIFIED INFORMATION. RECOGNIZING THAT WE CAN NO LONGER SIMPLY
"DELETE" THE ACCIDENTALLY SPILLED INFORMATION FROM AN UNCLASSIFIED
MEDIUM, WE ALL NEED TO UNDERSTAND THE CORRECT PROCEDURES OF DEALING
WITH "SPILLAGES" TO MAKE CERTAIN THE INTEGRITY AND SECURITY OF THE
INFORMATION IS MAINTAINED. PLEASE DISTRIBUTE THIS MESSAGE TO ALL
ECHELONS OF YOUR COMMAND, ENGAGE ALL LEVELS OF LEADERSHIP TO STRESS
THE IMPORTANCE OF THE TASK AT HAND, AND BY ALL MEANS ENSURE THAT ALL
INSTANCES OF "SPILLAGES" ARE REPORTED PROMPTLY.
6. QUESTIONS CONCERNING SECURITY REFRESHER TRAINING SHOULD BE
DIRECTED TO MAJ HENSEN AT DSN 224-2320. QUESTIONS REGARDING THIS OR
ANY OTHER USMC COMPUTER NETWORK DEFENSE ACTIONS SHOULD BE DIRECTED
TO THE MITNOC HELPDESK AT DSN: 278-5300, COMMERCIAL 703.784.5300.//