WikiLeaks Scandal Suggests Government Info Security Is Lacking

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Over the weekend when WikiLeaks released 250,000-plus diplomatic cables that had come into its possession, tempers flared high and fast.


There are those like my colleague Don Tennant, who called on the U.S. government to use whatever means necessary to shut down the site because it is trafficking in stolen documents and information. Some even want to have the site declared a terrorist organization and support the prosecution of founder Julian Assange under the Espionage Act.


U.S. Rep. Pete King, D-N.Y., urged Secretary of State Hillary Clinton to declare WikiLeaks a Foreign Terrorist Organization (FTO) under the Immigration and Nationality Act. He wrote, in part:

WikiLeaks appears to meet the legal criteria for FTO designation as a (1) a foreign organization; (2) engaging in terrorist activity or terrorism which (3) threatens the security of U.S. nationals or the national security of the United States. Specifically, pursuant to Section 212 (a)(3)(B) of the INA, 8 U.S.C. 1182(a)(3)(B), WikiLeaks engaged in terrorist activity by committing acts that it knew, or reasonably should have known, would afford material support for the commission of terrorist activity.

Essentially, King argues that WikiLeaks should be declared a terrorist organization-which would allow the government to freeze its assets, among other things-because it collected classified information and made it publicly available, which meant Al Qaeda and other terrorist cells also have access to it.


But like Slate's David Weigel pointed out:

[A] document dump of outdated information, one that can be accessed by anyone, doesn't fit the bill. 'A definition of material support which includes that would be so broad that it could include scholarly research and op-eds,' says Emily Berman, a lawyer with the Liberty and National Security Project at NYU Law School.

On the other side of the spectrum are those who praise WikiLeaks for "blowing the whistle" on secrecy in the U.S. government and think that the site should post everything it can get its hands on. For instance, comments to Don's post include such sentiments as:

I find it interesting that we now live in an age where revealing the truth is a treasonous act. Where is your article condemning the TORTURE that our former and current Presidents allow to happen in gulags your tax money pays for? What's the matter? Cat got your tongue?

Whether WikiLeaks is a terrorist organization to be stopped or a whistleblower outfit to be commended, the real issue-from a technology perspective-is one fellow blogger Rob Enderle brought up in his post on the topic: WikiLeaks got its hands on classified information in spite of the government's information security protocols and processes.


He wrote:

This leak was apparently not identified until WikiLeaks actually reported that they had the information. [That] suggests internal monitoring and classified information security in the U.S. government is unable to identify such leaks, [but can] only track them back once the leak is externally reported.


If you have a leak, research the cause, assume there are likely others and patch the holes in the process so that the act can't be repeated by anyone else. If you put all your effort into crucifying a scapegoat, the problem will likely come up again, and a bigger problem may go unfound.

So while the government decides whether to freeze the site's assets and/or prosecute Assange under the Espionage Act, it also should work on correcting the internal problems that allowed the theft to occur in the first place. Thankfully, it appears to be doing just that, according to reports from Reuters and CBS News.