Wikileaks Fiasco: Lessons to be learned?

Discussion in 'Int Corps' started by REMFQuestions, Jul 26, 2010.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Does the prominence of whisteblowing websites (and the anonymity) they provide now require more robust security measures?

    I suppose...not taking a USB stick to theatre with an alternative to i2 would be a start :)
    (but that is neither here nor there!)

    Seriously though - should security procedures be reviewed and intelligence access become more compartmentalised? 91,000 records is pretty damning. Now Assange is claiming he has videos of US soldiers mowing down civilians with machine guns on purpose and they will be released in due time.

    Do we need to learn anything from this?
     
  2. I would suggest doing this would make you even more irrelevant to the Commander in the field. MG Flynn (Head of J2 in Afg) recommends that J2 product is disseminated much more widely, and that in fact very little of this stuff is not unknown to the guys on the ground.

    (Fixing Intel: A Blueprint for Making Intelligence Relevant in Afghanistan | Center for a New American Security for link to the publication, pg 8 in particular)

    And if I were being glib, if we'd told the truth about the Civilian incidents, and didn't mow down those civilians with machine guns (allegedly), there'd be very little to report about. No-one with more than a passing interest in the geo-politics of the region can claim to be surprised that the ISI and IRGC are playing silly buggers there, and I'd be even more surprised if the Indians aren't at it as well.

    But I presume there will be some knee-jerk reaction, things will get much harder to access, everyone will be satisfied that Operation Stable Door is successful, and in 18 months time things will decay away to the same kind of state they are in now. Or, the controls could remain in place, and like DII(F) Secret, stop the CD drives from working, and then issue all our Secret publications solely on CD.....
     
  3. i don't think it's glib at all; it's the very first thought that popped into my head.
     
  4. If I've followed the story correctly, Manning was known to be a disgruntled or disillusioned individual with 'issues' who was due to leave the service. So why was he allowed to have continued access to classified material? It can't be because the section was overworked - I mean, nobody seemed concerned that he spent his time in the office lip-synching to Lady Gaga.

    So maybe, as so often happens, there were HR screw-ups in addition to piss poor IT security.

    C_C
     
  5. One of the most important parts of security is convincing the troops that secrets are worth keeping. It appears to me as if the disparity between what we say (schools for girls, aid, smiling faces, kittens etc) and the reality (dead civvies) has prompted this leak. People kept quiet about some really awful stuff in WW2 / the Cold War as they felt it was justified (and are no doubt still keeping quiet). For our current conflicts where we preach the moral high ground the leaker may have felt that we should actually practise the same.

    Regrettably, I feel we haven't seen the last of this sort of thing nor will we until the values and standards we teach in the Army are followed by our political masters, or we fight a war against an enemy that actually threatens us.
     
  6. That is the problem with IT, it depends on a legion of very junior people having admin access to the entire server estate and everything on it. In the days of paper this lot would have been under lock and key with limited access until XXXXX came along that was. :)
     
  7. msr

    msr LE

    This has nothing to do with IT...
     
  8. I'm sorry msr but I disagree, modern technology including IT and the readily available access to it means that leaks will increase. Not the whole story of course but IMHO the biggest factor.
     
  9. msr

    msr LE

    No amount of technology is going to stop a determined insider...

    I side largely with Oots (again) and suspect that the ludicrous over-classification of these reports may also be a factor.

    msr
     
  10. Clearly this unauthorised disclosure is out of order, but perhaps a lot of it should have been released far earlier in order to deny our enemy the opportunity to exploit our failings. There needs to be a clear distinction between that which is truly OPSEC and that which is merely politically inconvenient or embarrassing to individuals through exposure of their failings.

    If war crimes have occurred then it shouldn't be treated as highly sensitive for reasons of embarrassment / convenience. I'm not sure any of the examples that have been referred to in the press have sounded like real OPSEC breaches as at all, merely things that we would prefer the public not to know. Doesn't sound like any of it is stuff that we need to keep secret from Terry. For example, if everyone knows the Taliban and the ISI are in cahoots, then what value is there in hiding the fact, other than it undermining the official story. Likewise, if some ISAF troops have mortared a school then I see little value in covering it up, as it plays into the hands of our enemies.

    Remember the variant of the OODA loop - Observe, Over-react, Deny all knowledge, Apologise.
     
  11. Surely the real IT security issue in this case is not Manning’s access to databases but the fact he had the ability to easily and unobtrusively exfiltrate huge volumes of data? Once upon a time I had access to lots of 'secret' databases - what I did not have was any way to copy the stuff to CD, thumb drive, etc.without jumping through various hoops. This was a PITA, but it did not seriously interfere with my ability to do my job. Had I wanted to remove 90+K reports from the office my only option was to print them out.

    IT allows the movement and sharing of intelligence (and other information) in ways unimaginable a few years ago and that is all fine and dandy as long as the information remains within the proper channels. It would be a seriously retrograde step if that sharing was inhibited by knee-jerk reaction to this incident. And I still think the failings here are as much to do with human factors as with IT.

    C_C
     
  12. What a ridiculous and unsubstantiated remark.
     
  13. I spent many years working with large networks and was involved with IT security issues similar to those coming to light here. Whilst there are steps which can be taken to prevent the unauthorised removal of documents and data from IT systems via removable media\file transfers the main point of failure here was allowing access to this information by someone who clearly should have been removed from his position some time ago. Often with IT security the biggest point of failure is the end users.
    There are steps which can be taken, even down to having a particular trade group whoes job it is to monitor network traffic. It is possible, and there are many commercial products available to assist in recognising patterns indicating potential security breaches. Banks and large financial groups are very big on these.
    At the end of the day though, it was the failure of not removing one individual who had access to the information, and who had already been identified as a liability.
     

  14. Since that follows directly after a posting of mine I take it as directed at me. Would you care to expand?

    C_C
     
  15. I have trawled the majority of the database and the Int Reports are quite damning. I have posted the details on the other thread but a full compendium of RC(S) intsums have been made available as well as J2X.

    The press don't really know what they are sitting on but a retired Int Analyst will be wheeled onto the news fairly soon I am certain.