The Wikileaks Fiasco
September 20th, 2011
To be completely candid, I have been frustrated concerning my inability to write about the Wikileaks drama until now. I felt very strongly that once I had started the series on Bluetooth security, I should finish it before moving on to something else. Besides, Bluetooth security issues are really quite interesting. At the same time, however, there is a conflagration that is still burning, and this conflagration centers around Julian Assange and Wikileaks.
To put it bluntly, both Assange and Wikileaks are in a world of trouble–but for different reasons. Assange, the head of Wikileaks, elected to post volumes of U.S. government classified documents provided to him by a lowly U.S. Army private in Afghanistan. Assange’s directing that these documents be posted is one thing, but seeing him engage in behavior that can be described as little more than outright grandstanding is downright disgusting. True–Wikileaks posted classified documents, helping Wikileaks achieve one of its goals of exposing deceit and treachery on the part of governments. But much to Assange’s discredit, the documents appear to be neither all that valuable nor damaging to the U.S. government. Come on–should we really care that the Desperate Housewives television show creates a positive image for the U.S. in the Middle East? People who sense that they have power often become fiends, and Assange has increasingly acted accordingly.
I first virtually met Assange when I headed the U.S. Department of Energy’s incident response team. His site, suburbia.lacc.net, was then the foremost site dealing with cybersecurity-related legal issues. He did an excellent job in making information about computer-related laws and rules available to the then cybersecurity legal naive masses. I also appreciated his willingness to reply to my questions very courteously and also with extremely useful information. So until recently, my opinion of him was very positive.
What is truly frightening about the ongoing Wikileaks is that U.S. government officials and media staff are claiming that the Wilileaks disclosures border on Armageddon itself. How inane can they be? The Chinese have repeatedly rifled their way in and out of U.S. government and commercial systems, stealing vast amounts of highly classified and commercially proprietary data. I am quite sure that Chinese officials just laugh at the hysteria surrounding the exposure of information posted on Wikileaks. The Chinese, not Wikipedia, own the real goods…
Then several credit card and payment companies quit accepting donations to Wikileaks. Wikileaks supporters retaliated by flooding the Web sites of these companies for a few hours. Because denial of service attacks are usually so “sloppy,” I suspect that a number of the attackers will be identified and brought to justice–just like the head of Wikileaks appears to also be.
Then acrimony within Wikileaks started to skyrocket. This kind of thing invariably happens when top-level leadership of an organization becomes a demagogue. One of Assange’s right-hand men quit when Assange pressed him too hard concerning leaks of information related to Assange himself. Hmmm, Does Assange really think that it is o.k. to leak information about anyone but himself? Then others within Wikileaks have started to defect, going to the less renowned openleaks.com. In short, an organization built on sand will not endure, and if I were a betting person, I would not bet on Wikileaks surviving all that much longer.
Assange is likely to get prison time somewhere for changes completely unrelated to posting classified information, and so be it. But what really troubles me is how Wikileaks has sold out the private who furnished so much information to this organization. The Wikileaks top brass has showed almost total indifference to this person’s plight (especially in comparison to how they have almost canonized Assange), and please do not think that I am in any way saying that Manning was an innocent bystander. I seriously doubt if anyone within Wikileaks advised this private of the risks of providing the kind of information that he gave. My prediction is that PFC Manning will be tried on the grounds of treason, and he may possibly face execution if he is found guilty. Will Assange care? Will the top brass within Wikileaks care? I completely doubt it. And regarding the alleged $50K that Wikileaks raised for Manning’s defense, it suddenly disappeared. There is something very wrong here, and Wikileaks and Assange are at the center of it.
–Gene Schultz, Ph.D., CISSP, CISM, GSLC
– – – – – – – – – – – – – – – – –
Dr. Eugene Schultz is the CTO at Emagined Security, an information security consulting practice based in San Carlos, California. He is the author/co-author of five books, and has also written over 120 published papers. Gene has been the editor-in-chief of two journals and is currently on the editorial board of three journals. He is also a SANS instructor, member of the SANS NewsBites editorial board, co-author of the 2005 and 2006 CISM preparation materials, and is on the technical advisory board of three companies. Gene has previously managed an information security practice as well as a national incident response team. He has also been professor of computer science at several universities and is retired from the University of California. He has received the NASA Technical Excellence Award, the Department of Energy Excellence Award, the ISACA John Kuyers Best Speaker/Best Conference Contributor Award, the Vanguard Conference Top Gun Award (for best presenter) twice, the Vanguard Chairman’s Award, and the National Information Systems Security Conference Best Paper Award. A Distinguished Fellow of the Information Systems Security Association (ISSA), Gene has also been named to the ISSA Hall of Fame and has received ISSA’s Professional Achievement and Honor Roll Awards. He is currently a member of the accreditation board of the Institute of Information Security Professionals (IISP). Dr. Schultz has provided expert testimony before committees within the U.S. Senate and House of Representatives on various security-related issues, and has served as an expert witness in legal cases.