Is Centcom a WikiLeaks culprit?
The WikiLeaks fiasco might be called the mother of data exfiltration. And as is often the case in the sloppy aftermath of disasters like this, no one looks particularly good. Certainly not the federal government.
Julian Assange, the purported founder of WikiLeaks, looks like the sort of creep who torments small animals. The private first class suspected of being the source of at least some of the material posted on WikiLeaks, Bradley Manning, could end up spending a very, very long time in military prison if he is found to be in fact the source of even some of the leaks. We’ll never know his motivation.
But what about keepers of the Central Command servers who were apparently unaware of what was going on?
Centcom is “criminally negligent” in the view of former federal honcho Richard Clarke. He said so at a conference put on today by CyberSecurity Seminars at Georgetown University. Clarke said he was “appalled” that Centcom didn’t seem to be running any of several software packages commercially available that alert network administrators to mass downloading or attempts at such, or other anomalous behavior.
“The people really responsible are the people who set up this network,” Clarke said.
Criminally negligent is a harsh way of describing the organization’s culpability. Regardless of whether the negligence is criminal, Centcom and the State Department and wherever else the WikiLeaks data came from have plenty of company. Corporate exfiltration is becoming a way of life, including in the military-industrial complex. The topic is discussed regularly in vertical industry forums and in cross-industry corporate function interest groups.
The whole WikiLeaks story isn’t out. I suspect Assange and his cohorts are fronts — and fall guys — for some large group, perhaps a rival nation, that is trying to harm the United States. Satisfying as it might be to zap WikiLeaks servers, and it wouldn’t be hard to do, the pleasure would be fleeting. Because determined groups like WikiLeaks will keep reproducing the material on other servers ad nauseam. As Clarke put it, forget about trying to get the toothpaste back into the tube.
From a technology standpoint, no federal agency can control the behavior of a WikiLeaks. But it can invest in the readily available technologies that tag data electronically and subject it to rules limiting its opening, sharing, downloading, forwarding, copying or printing. An agency can install any number of products that comb log files for behavior worth looking further at. And it can sharply restrict what gets classified in the first place. Much of what is in WikiLeaks is boring or inconsequential anyway.
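As an added illustration (not from the article and not any vendor's product), here is the kind of log check the paragraph above alludes to: count distinct documents each user downloads per day and flag days far above that user's own baseline. The log format, user names, thresholds and sample data are all constructed assumptions.

```python
import re
from collections import defaultdict
from statistics import median

# Constructed log format (assumed): <ISO time> user=<id> action=<verb> doc=<id>
LINE = re.compile(r"^(\d{4}-\d{2}-\d{2})T\S+ user=(\S+) action=(\S+) doc=(\S+)$")

def daily_counts(lines):
    """Return {user: {day: distinct documents downloaded that day}}."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in lines:
        m = LINE.match(line.strip())
        if m and m.group(3) == "download":
            day, user, _, doc = m.groups()
            seen[user][day].add(doc)  # repeat pulls of one doc count once
    return {u: {d: len(s) for d, s in days.items()} for u, days in seen.items()}

def flag_mass_downloads(lines, ratio=10.0, floor=25):
    """Return (user, day, count, baseline) for days whose count is at least
    `floor` and at least `ratio` times the baseline. The baseline is the median
    of the user's earlier unflagged days, or of all user-days if none exist."""
    counts = daily_counts(lines)
    everyone = [n for days in counts.values() for n in days.values()]
    peer = median(everyone) if everyone else 0
    alerts = []
    for user, days in sorted(counts.items()):
        history = []
        for day in sorted(days):
            n = days[day]
            baseline = median(history) if history else peer
            if n >= floor and n >= ratio * max(baseline, 1):
                alerts.append((user, day, n, baseline))
            else:
                history.append(n)  # flagged days never raise the baseline
    return alerts

def sample_log():
    """Constructed sample: two users with routine activity, then one bulk pull."""
    lines = []
    for day in ("2024-03-04", "2024-03-05", "2024-03-06"):
        for user, n in (("user_a", 4), ("user_b", 6)):
            lines += [f"{day}T09:00:00Z user={user} action=download doc={day}-{user}-{i}" for i in range(n)]
    lines += [f"2024-03-07T02:00:00Z user=user_b action=download doc=bulk-{i}" for i in range(400)]
    lines += [f"2024-03-07T10:00:00Z user=user_a action=view doc=v-{i}" for i in range(100)]
    return lines

if __name__ == "__main__":
    for alert in flag_mass_downloads(sample_log()):
        print("ALERT user=%s day=%s docs=%d baseline=%s" % alert)
```

Keeping flagged days out of the history matters: otherwise a slow ramp of ever-larger pulls would raise the user's own baseline and suppress later alerts.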