Attacks/Breaches
9/1/2011
10:41 AM
Connect Directly
RSS
E-Mail
50%
50%

WikiLeaks Sues Guardian, Cables Controversy Grows

WikiLeaks alleges that the newspaper violated its confidentiality agreement by publishing a password to a file containing unredacted versions of 251,000 State Department cables.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
WikiLeaks on Thursday announced that it's suing the Guardian newspaper in Britain for facilitating the leak of unredacted U.S. diplomatic cables.

"A Guardian journalist has negligently disclosed top secret WikiLeaks' decryption passwords to hundreds of thousands of unredacted unpublished U.S. diplomatic cables," according to a statement released by WikiLeaks.

"WikiLeaks has commenced pre-litigation action against the Guardian and an individual in Germany who was distributing the Guardian passwords for personal gain," it said. In particular, WikiLeaks alleged that the Guardian violated the confidentiality agreement that it signed with the whistleblowing group, which dictated that the cables be published by groups in exchange for their "local knowledge," which would be used to "remove the names of persons reporting unjust acts to U.S. embassies."

The suit marks an abrupt change in the tenor of WikiLeaks with the Guardian, which along with the New York Times, Der Spiegel, Le Monde and El Pais were selected by the group to help study, redact, release, and publicize the sensitive diplomatic cables.

The Guardian, however, has denied the WikiLeaks allegations. "It's nonsense to suggest the Guardian's WikiLeaks book has compromised security in any way," according to a statement released by the paper.

"Our book about WikiLeaks was published last February," according to the statement. "It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours."

The password in question--ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#--appears on page 148 of WikiLeaks: Inside Julian Assange's War On Secrecy written by David Leigh and Luke Harding, and published in February 2011.

Earlier this week, news reports cited rumors that WikiLeaks had lost control of a password-protected archive containing unredacted versions of all 251,287 cables in its possession. Rumors also suggested that the password was circulating separately, and available via the Internet. Some news reports cited WikiLeaks rival OpenLeaks, founded by WikiLeaks defector Daniel Domscheit-Berg, as the source of the tip-offs. A resident of Germany, he may be the "individual in Germany" mentioned by WikiLeaks as a target of its "pre-litigation action."

Over the past nine months, just a fraction of the 251,287 cables that WikiLeaks obtained had been released. But the availability via BitTorrent of the "cables.csv" file, containing all of the cables, as well as accessibility of the password, led WikiLeaks to last week to suddenly release 134,000 new cables. Those cables included the names of at least 100 diplomatic sources that had been marked for "special protection," meaning that the State Department didn't want the names to be disclosed publicly.

WikiLeaks said that it's known of the existence of the BitTorrent file, as well as the "passwords" for accessing it, for the past month, but avoided commenting on the matter, in an attempt to not draw attention to the passwords.

WikiLeaks blames the Guardian for causing it to rush its cable-release program. "Over time WikiLeaks has been building up, and publishing, the complete Cablegate 'library'--the most significant political document ever published," it said. "The mammoth task of reading and lightly redacting what amounts to 3,000 volumes or 284 million words of global political history is shared by WikiLeaks and its partners. That careful work has been compromised as a result of the recklessness of the Guardian."

These days, of course, data breaches--or in this case at least, loss of data control--are nothing new. Furthermore, numerous breaches can be traced to insiders who release, maliciously or inadvertently, sensitive information. Accordingly, was it reasonable for WikiLeaks to expect that it could maintain full control over a sensitive cache of all of the cables, many of which it's already shared with more than 90 media and human rights groups worldwide? Perhaps the group can consider itself lucky that it managed to control its publication schedule for as long as nine months.

The vendors, contractors, and other outside parties with which you do business can create a serious security risk. Here's how to keep this threat in check. Also in the new, all-digital issue of Dark Reading: Why focusing solely on your own company's security ignores the bigger picture. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3345
Published: 2014-08-28
The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.

CVE-2014-3347
Published: 2014-08-28
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid s...

CVE-2014-4199
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

CVE-2014-4200
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.

CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.