Risk
3/16/2010
12:33 PM
Connect Directly
RSS
E-Mail
50%
50%

Army: Wikileaks A National Security Threat

An Army counterintelligence document claims the site is a security threat because it posts classified government materials.

Wikileaks.org is considered a threat to national security because it posts classified intelligence information, according to a 2008 U.S. Army document Wikileaks posted Monday.

The document, attributed to the Army Counterintelligence Center and titled "Wikileaks.org -- An Online Reference to Foreign Intelligence Services, Insurgents, or Terrorist Groups?", cited the leaking of classified Army materials as the chief reason Wikileaks is harmful to national security.

"Such information could be of value to foreign intelligence and security services (FISS), foreign military forces, foreign insurgents, and foreign terrorist groups for collecting information or for planning attacks against U.S. force, both within the United States and abroad," the document says.

The Army has tried to sniff out a possible mole within its own ranks who might be leaking materials to Wikileaks, doubting the site's assertion that it receives classified materials from former government agency employees, according to the document.

"These claims are highly suspect, however, since Wikileaks.org states that the anonymity and protection of the leakers or whistleblowers is one of its primary goals," according to the document.

Because anyone can post to the site and there is no editorial oversight, the public may use Wikileaks as a source of misinformation, or to create lies or propaganda to promote a positive or negative image of a targeted audience, according to the document.

The Army has sought not only to identify anyone within its own ranks leaking documents to the site, but also to encourage other organizations to do the same to try to take the site down.

"Web sites such as Wikileaks.org have trust as their most important center of gravity by protecting the anonymity and identity of the insider, leaker, or whistleblower," the document stated. "Successful identification, prosecution, termination of employment, and exposure of persons leaking the information by the governments and businesses affected by information posted to Wikileaks.org would damage and potentially destroy this center of gravity and deter others from taking similar actions."

Neither the Army nor Wikileaks could be reached immediately for comment Tuesday.

The goal of Wikileaks, according to the site, is to be an uncensorable and untraceable repository for the public to leak public and private-sector documents in an expression of freedom of speech.

Plagued by controversy since its inception, the site often runs afoul of institutions whose confidential documents have been posted to it, and has been embroiled in numerous legal battles. Wikileaks depends on financial donations and a list of organizations that back it.

In fact, the site is currently in the middle of a fundraising drive; it needs to raise $600,000 a year to remain online. Wikileaks is online now only in an abbreviated version until it raises enough money to relaunch.

Media publishers such as The Associated Press, The Hearst Corp., Gannett Co. Inc. and The E.W. Scripps Company, as well as advocacy groups such as The Electronic Frontier Foundation and The American Civil Liberties Union are among Wikileaks' supporters.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.