WikiLeaks upends digital security assumptions
The leaking of tens of thousands of classified reports about the Afghan War raises policy, IT security questions
As pundits debate the military, legal and political fallout from thousands of classified military documents about the war in Afghanistan being made public by WikiLeaks, one conclusion seems indisputable: Information technology has changed the nature of the government leak.
In announcing the release of the documents, the Web site WikiLeaks said they were in several computer languages (HTML, CSV and SQL), as well as rendered in KML to be compatible with Google Earth.
Although the documents were shared with the New York Times, The Guardian and Der Spiegel ahead of time, it’s all a far cry from the days of the famed Pentagon Papers episode that some have compared this massive leak. IT has played a prominent role at every turn of this story that’s dominated international headlines for days.
“It’s clear that it’s easier than ever to circumvent classification restrictions and to broadcast secret information around the world, and that is a serious challenge to the classification system,” said Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists. Technology makes it easier to leak on a larger scale, he added.
Patrice McDermott, director of OpenTheGovernment.org organization, said, “In some ways the risk was the same in that it was taking documents, but it’s much easier to do it electronically.”
The source of the 90,000-plus documents made public by WikiLeaks remains unknown. However, according to news reports, investigators are exploring whether Pfc. Bradley Manning, an Army intelligence analyst who was charged earlier this month with leaking classified information, is involved. According to an article in the Wall Street Journal, Col. Dave Lapan, a Pentagon spokesman, said investigators are exploring where the material was taken from, but acknowledged that Manning was a person of interest in the investigation.
Earlier this month, the military announced it would press criminal charges against Manning for allegedly transferring classified military information to his computer and delivering data to an unauthorized source. Those charges, the Journal article said, appear to be connected to the leak of a classified video that WikiLeaks also made public.
McDermott said although it’s not known if Manning was involved in the more recent release of the thousands of reports, his case exposes “some real vulnerabilities.”
“I think what it points [out] for government is – and, again, this causes some concern for us on the outside – is that they have not fully understood, at least in the Manning situation, how vulnerable their computer systems really are,” she said.
Aftergood noted that although there regularly are stories in the news about classified documents, it was very rare to see a classified document made public.
“Within the past 10 years that has started to change, and a number of Web sites have from time to time published classified records,” he said. “There has never been a release of currently classified documents as large as the WikiLeaks release on the Afghanistan war.”
Aftergood said one thing that hasn’t changed is the role of the insider who chooses to disclose information and transmit it to a publisher. “This is not a purely technology story in the sense that this information was not hacked [nor] it was not inadvertently released; all indications are that this was a deliberate leak and that’s not a new problem.”
However, McDermott noted that the person who leaked the information didn’t take the traditional path. Instead of going through their agency and their [agency's] inspector general] and potentially to Congress and then eventually going to a news outlet, the person seems to have gone much more directly to an Internet repository that then went to the news media, she said.
“What that says, I think, is that people are relating to the media differently and, perhaps, if this is from Manning, that younger people see the Internet as a more reliable way of getting the information that they want out, out, that there might be less of a screen, less of filter there,” she added.
The complete government response to the massive leak of classified information remains to be seen. Aftergood said possible responses could involve increasing operational security and leak investigations, improving document tracking technology or trying to reduce the scope of the secrecy system.
So far the leak has produced a lot of debate on Capitol Hill about information security policy and the war in general. As a sign of the times, government response to the leak has also made use of social media technology.
A tweet sent July 27 from the Twitter account of Navy Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, said, “Appalled by classified docs leak to WikiLeaks & decision to post. It changes nothing on Afghanistan strategy or our relationship w/Pakistan.”
Ben Bain is a reporter for Federal Computer Week.