Thursday’s news that WikiLeaks’s entire cache of 250,000 unredacted, classified US government documents has been unintentionally released directly onto the Internet has elicited groans and guffaws from both media and security analysts.
The sequence of events that led to the data dump – a trove of documents ranging from sensitive diplomatic cables to military field reports that could potentially put people, such as government informants, in jeopardy – is in hot dispute. WikiLeaks blames the British newspaper The Guardian. The Guardian says WikiLeaks is at fault.
As the battle of words over how the dump occurred wages on, pundits suggest it is an ironic cautionary tale to see the site devoted to exposing other people’s secrets getting a taste of its own medicine.
“It is extremely ironic that a group which has devoted itself to undermining the rules of other organizations” is now complaining about violations of its own protocols, says Gene Grabowski , senior vice president of Levick Strategic Communications and manager of the firm’s Crisis and Litigation Practice.
Whoever is responsible for making the cables freely available, this latest in a series of controversial document dumps stands as an important reminder of the difficulties inherent in cybersecurity in a digital age, say experts. And this security breach has put WikiLeaks once again under the close scrutiny of its critics.
In a 1,600-word editorial on its website, WikiLeaks accuses The Guardian, its former partner in publishing secret files, of releasing a password to an encrypted file containing the entire store of the sensitive material. Noting that the group had taken special care to withhold potentially dangerous information that might jeopardize lives, it continues, "Revolutions and reforms are in danger of being lost as the unpublished cables spread to intelligence contractors and governments before the public."
In a statement issued Thursday, however, the British newspaper says it "utterly rejects any suggestion that it is responsible for the release of the unedited cables.”
The reputation and ability of WikiLeaks to continue with its stated mission may be one of the first casualties of this security breach, says Mr. Grabowski.
“WikiLeaks needs the trust and cooperation of other organizations to be relevant,” he says, pointing to its relationship with The New York Times and Guardian. Both those newspapers worked hand in hand with WikiLeaks when the documents first surfaced last year.
But, he says, if the site’s mounting troubles continue, including the legal charges facing founder Julian Assange with whom the site is tightly identified, “WikiLeaks could become so radioactive as to become irrelevant.”
But security experts also see a broader caution in the story. “This is just one big wake-up call about the problems inherent in securing any data these days,” says cybersecurity expert Joseph Steinberg, CEO of Green Amor Solutions. "Here you have two organizations, with high levels of incentive to maintain tight security over its information, and yet somehow, relatively simply, those protections were circumvented.”
Human error is the most difficult to prevent, he says, but there are many elements of the security equation that this latest example highlights. The current case hinges on both access and password protection, he says, both of which can be tightened.
“Data is everywhere and it is extremely easy to lose control of it,” says Internet security expert Mike Logan, president and co-founder of Axis Technologies. It is too easy to be careless with digital files he says, but when they are full of information that is potentially dangerous – as with the WikiLeaks cables – it highlights just how important cybersecurity is.
Indeed, people tend to ignore even the most simple security advice such as using hard-to-guess passwords and changing them often. One report suggests that Mr. Assange may have fallen into this trap by recycling an old password.
The ability to communicate freely may be yet another casualty of such incidents, says Mark Tatge, journalism professor at DePauw University’s Pulliam Center for Contemporary Media.
As it becomes harder to keep any information private, everyone from politicians to diplomats and businesses will find it increasingly difficult to communicate. “If nobody wants to commit anything to paper or an e-mail or even a phone conversation for fear of being tapped or exposed, then we are setting back important functions of our culture quite significantly,” he says.