WikiLeaks exposes US security

2010-07-27 11:12
Washington - The massive release of secret Pentagon documents by WikiLeaks highlights the security challenges of the digital age, when gigabytes of sensitive data can be exposed with a single click, analysts said.

"I think about this in relationship to the Pentagon Papers," said James Lewis, a cyber security expert at the Centre for Strategic and International Studies (CSIS), of the 1971 leak of Pentagon files about the Vietnam War.

"The difference with the Pentagon Papers is that Daniel Ellsberg took a huge sheaf of paper and gave it to a reporter," said Lewis. "Now you can take even more documents and give them to the whole world."

WikiLeaks has not identified the source of the documents it obtained, but suspicion has fallen on Bradley Manning, a US Army intelligence analyst who is currently being held in a military jail in Kuwait.

Manning was arrested in May following the release by WikiLeaks of video footage of a US Apache helicopter strike in Iraq in which civilians died and has been charged with delivering defence information to an unauthorised source.

Bad actors

The Pentagon in June said it was probing allegations that Manning supplied classified video and 260 000 secret diplomatic cables to WikiLeaks.

Lewis said the Pentagon, like any organisation, is going to have "bad actors" - insiders who turn against their employer - "but now it's a lot easier for them to do things like this".

"Everything's digital now, everything's on the network," said Tom Conway, director of federal business development at computer security firm McAfee.

WikiLeaks appeared to be a "classic insider threat case", he said, noting that safeguarding computerised information posed particular challenges to an institution with the "sheer size and complexity" of the US military.

"Ultimately, where there's a will there's a way," Conway said. "What you have to do is make it difficult."

That includes such measures as blocking access to the internet, disabling DVD drives on personal computers, compartmentalising sensitive information and flagging or blocking behaviour that is "outside the norm", he said.

"If all of a sudden someone goes from downloading 50MB a day to 9 000 a day that should set off a red flag," he said. "Maybe there's nothing wrong, a perfectly reasonable explanation for it, but maybe there isn't."


A former Pentagon official who requested anonymity said the "proliferation of digital media and social software is certainly going to increase the risks of things like this happening".

"Security is always going to be a balance between convenience and security," said the former official. "It's always a trade-off between functionality and security and the pendulum has swung way to the functionality side."

He cited a controversial Pentagon ban in 2009 on the use of thumb drives by military personnel. "They've now re-allowed them but with special thumb drives that are encrypted and tamper proof," he said.

"You've got to rethink how you secure information," said Lewis, who heads the technology and public policy programme at the Washington-based CSIS think tank.

"In the paper world, I got a document that had top secret stamped on it and the government trusted that I wouldn't take that piece of paper and share it. Maybe in the paper world that was okay but it's not for the digital," he said.

"The way we control that access is based on an older model, it's pretty much personal trust," Lewis said. "The Pentagon trusts its employees, which is good, but it's not enough."

Don Jackson of SecureWorks said military security clearances, access and "need-to-know" requirements are "based on the analogue world, where the worst you had to worry about was information like this being published in a newspaper.

"Something like WikiLeaks is not something you had to worry about before the internet," said Jackson, a security researcher with the counter-threat unit at the information security firm.

"The newspaper can't publish 90 000 documents but WikiLeaks can do it in a matter of seconds."

Read more on:    internet  |  cybercrime

linking and moving

2015-04-22 07:36


Read News24’s Comments Policy publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Add your comment
Comment 0 characters remaining

Inside News24


It is a good day to network and connect with significant people that can help you to expand on your ideas. Try to keep things in more

There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.