Risk
3/16/2010
12:33 PM
Connect Directly
RSS
E-Mail
50%
50%

Army: Wikileaks A National Security Threat

An Army counterintelligence document claims the site is a security threat because it posts classified government materials.

Wikileaks.org is considered a threat to national security because it posts classified intelligence information, according to a 2008 U.S. Army document Wikileaks posted Monday.

The document, attributed to the Army Counterintelligence Center and titled "Wikileaks.org -- An Online Reference to Foreign Intelligence Services, Insurgents, or Terrorist Groups?", cited the leaking of classified Army materials as the chief reason Wikileaks is harmful to national security.

"Such information could be of value to foreign intelligence and security services (FISS), foreign military forces, foreign insurgents, and foreign terrorist groups for collecting information or for planning attacks against U.S. force, both within the United States and abroad," the document says.

The Army has tried to sniff out a possible mole within its own ranks who might be leaking materials to Wikileaks, doubting the site's assertion that it receives classified materials from former government agency employees, according to the document.

"These claims are highly suspect, however, since Wikileaks.org states that the anonymity and protection of the leakers or whistleblowers is one of its primary goals," according to the document.

Because anyone can post to the site and there is no editorial oversight, the public may use Wikileaks as a source of misinformation, or to create lies or propaganda to promote a positive or negative image of a targeted audience, according to the document.

The Army has sought not only to identify anyone within its own ranks leaking documents to the site, but also to encourage other organizations to do the same to try to take the site down.

"Web sites such as Wikileaks.org have trust as their most important center of gravity by protecting the anonymity and identity of the insider, leaker, or whistleblower," the document stated. "Successful identification, prosecution, termination of employment, and exposure of persons leaking the information by the governments and businesses affected by information posted to Wikileaks.org would damage and potentially destroy this center of gravity and deter others from taking similar actions."

Neither the Army nor Wikileaks could be reached immediately for comment Tuesday.

The goal of Wikileaks, according to the site, is to be an uncensorable and untraceable repository for the public to leak public and private-sector documents in an expression of freedom of speech.

Plagued by controversy since its inception, the site often runs afoul of institutions whose confidential documents have been posted to it, and has been embroiled in numerous legal battles. Wikileaks depends on financial donations and a list of organizations that back it.

In fact, the site is currently in the middle of a fundraising drive; it needs to raise $600,000 a year to remain online. Wikileaks is online now only in an abbreviated version until it raises enough money to relaunch.

Media publishers such as The Associated Press, The Hearst Corp., Gannett Co. Inc. and The E.W. Scripps Company, as well as advocacy groups such as The Electronic Frontier Foundation and The American Civil Liberties Union are among Wikileaks' supporters.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6306
Published: 2014-08-22
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.

CVE-2014-0232
Published: 2014-08-22
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1)...

CVE-2014-3525
Published: 2014-08-22
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

CVE-2014-3563
Published: 2014-08-22
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVE-2014-3594
Published: 2014-08-22
Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.