Feeds

Of Wikileaks and data theft

Maladroit is as maladroit does

Beginner's guide to SSL certificates

Private First Class Bradley Manning may be one of the most celebrated whistleblowers ever but he is also, if he really is the Wikileaks source, a damn fine data thief. The corollary of that is that the United State military is a an awful guardian of classified data.

Manning, a US army intelligence analyst, is believed to have delivered more than 150,000 State Department documents and possibly more than a quarter of a million diplomatic cables, to Julian Assange's Wikileaks. He caused immense embarrassment to the United States  military and government establishments by showing the military's machine gunning of Iraqi  civilians by a helicopter gunship and revealing thousands of other things dozens of government around the world would prefer to be remain secret.

We don't know if Manning really is the source. He hasn't appeared in court yet and certainly hasn't been tried and convicted. So, until proved otherwise he is innocent. But there certainly was a source, perhaps more than one. For the purposes of argument, we'll call him Jim Leaks.

He started off from a lucky base; diplomatic cables and secret files are now in digital format, not paper, as in the days of the Pentagon Papers.

Put yourself in Jim Leaks' place. Your task, Jim, should you accept it, is to deliver 150,000-plus US State Department documents and videos to Wikileaks. Let's say that they take up 500GB of storage capacity. We are not going to email this stuff. Such a massive transmission or series of transmissions would leave a huge tell-tale footprint behind and take an age to organise.

If we can't digitally transmit the data then we have to physically carry it out of the place where we access it. That means, doesn't it, that either a CD, DVD, or an external hard drive must have been used, maybe one of those high-capacity, pocket-sized, 2.5-inch ones.

Jim obviously had access rights and privacy to copy this 500GB of data from a system he used, a desktop or laptop, onto an optical disk or simple USB-connected external drive, leave the premises and ship the disks or drive to Wikileaks. Simple enough in concept, deadly effective in execution, and totally, utterly, completely preventable.

What Jim did would only be possible if the IT infrastructure he used was designed and run by ineffective people. Here we have classified and secret files and cables and Jim was able to spend a lot of time collecting them and copying them to an optical disk or hard drive which he then walked away with, in his brief case presumably. He had system access rights and privileges enabling him to do this. Who organised and was responsible for the security of this data?

Data Loss Prevention (DLP) is a well known body of technology. It looks at data in use, in motion across a network, and at rest in a storage device. The technology can inspect data to find out if it contains sensitive information that should not leave the system, such as credit card numbers. That level of sophistication would not have been needed in this case. Whole folders could have been classed as secret, highly secret and top secret; whatever levels of security are used in these cases.

Then host-based DPL agent software could have been used to monitor what Joe Leaks was doing and simply prevented the copying of files from the computer he was use using to any external storage device, or its being emailed outside the firewall. Secondly it could have sent an alert to a security policy compliance officer and, thirdly, locked down the files and prevented further access.

It's the Pentagon Papers all over again. The US government and military are lashing out at Assange when, instead of shooting the messenger, they should lock the metaphorical doors through which his source entered their IT infrastructure and pillaged it. The US government and military establishment has been shown to be laughably inept at looking after classified information. It beggars belief that one of the most technically accomplished countries on Earth should be so maladroit. ®

Internet Security Threat Report 2014

More from The Register

next story
The cloud that goes puff: Seagate Central home NAS woes
4TB of home storage is great, until you wake up to a dead device
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
Intel offers ingenious piece of 10TB 3D NAND chippery
The race for next generation flash capacity now on
Want to STUFF Facebook with blatant ADVERTISING? Fine! But you must PAY
Pony up or push off, Zuck tells social marketeers
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
SAVE ME, NASA system builder, from my DEAD WORKSTATION
Anal-retentive hardware nerd in paws-on workstation crisis
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.