
RSA: Security Experts Examine Lessons From Wikileaks Scandal

By Kevin McLaughlin, CRN
February 16, 2011    10:44 PM ET

In a Wednesday panel discussion at the RSA 2011 security conference entitled "Wikileaks: The Aftermath," security experts discussed the need to adjust to copycats piggybacking on the notion that all information wants to be free.

The U.S. government has been in a defensive posture for the past several years when it comes to security threats from malicious groups that would love nothing better than to take it down, and the Wikileaks scandal brought that into sharper relief, according to Jeff Bardin, chief security strategist at XA Systems, an Arlington, Va.-based security consultancy.

Bardin believes it's time for that to change. "We should harness the skills of cyber-mercenaries to counter what we're getting hit with on a daily basis," he said, adding that this could take the form of a Blackwater-style paramilitary group that's hired to take down Wikileaks copycat sites whose sole purpose is to disseminate classified data, in contrast with Wikileaks founder Julian Assange's quest for journalistic legitimacy.

The Wikileaks scandal has brought attention to the damage that can be wrought by a rogue employee. But Roger Cressey, president of Good Harbor consulting group and a former member of the U.S. National Security Council staff, says with both internal and external threats, the challenges are the same.

"If you're a large corporation, do you have total situational awareness of all your data, and what all of your employees are doing on the network? With servers, hard drives, and static tape data, you do not have that situational awareness, and that's an ongoing challenge," Cressey said.

Kevin Poulsen, former Black Hat hacker and current senior editor at Wired, agreed that the Wikileaks situation has caused the insider threat to become overblown. Groups are using the ethic and tone established by Wikileaks, but they're taking it in new directions, Poulsen noted.

One example of this is the attack on security firm HBGary earlier this month, during which attackers defaced the company's Web site and published some 60,000 corporate e-mails. HBGary left the RSA show Wednesday after claiming that hackers from Anonymous, who've been supporting Wikileaks by carrying out attacks against companies that have cut ties with it, broke into its computer systems and stole confidential data.

HBGary also said it received threats to individual employees, including show floor booth staff.

"Julian Assange made leaking sexy, and he made leaking itself the end, but he'd be unlikely to hack into a security company's Web site and post all their e-mails," Poulsen said. "But I think we will see that some Wikileaks copycat sites don't want anything except to expose data and don't crave legitimacy."

U.S. Army intelligence specialist Bradley Manning is accused of leaking the documents that led to the recent Wikileaks scandal. Future Mannings are virtually inevitable, but providing an outlet for venting frustration could help government and private sector organizations prevent the conditions that led to the Wikileaks scandal in the first place, according to the panelists.

"If people inside the government see something they don't like, there needs to be a process for whistle blowing that protects the information in the right way," said Cressey. "It's the same for corporations, which need to have structures in place to identify disgruntled employees early in the process and institute processes for them to air their grievances."

One thing all panelists agreed on is that Wikileaks has had an enormous impact for an organization that has no infrastructure and no funding. And no matter what happens to Wikileaks and Assange, it's a movement that's certain to continue and evolve.

"The genie is definitely out of the bottle," said Cressey.
