WikiLeaks Exposes Classified Information and the Need for Improved Separation and Isolation
The latest release by WikiLeaks of almost 400,000 classified documents from the war in Iraq has stirred up another round of controversy in the news, and raised further questions around how this information was able to leak out in the first place. Specifically, how could so many documents, supposedly accessible only to those with appropriate clearance levels, have been copied without authorization?
Many experts have weighed in, providing various explanations as to how this could have happened. I’ve offered my opinion below, and have chosen to look at the WikiLeaks exposure from a technical angle.
To begin, despite many claims otherwise by detractors, the US Government has a very effective system of assigning need-to-know access privileges to appropriate individuals. Unfortunately, due to dated IT implementations and policies that were written before the Internet age, there are real and significant challenges in the enforcement of access. The fact of the matter is that the individual or individuals that leaked these documents should never have been able to get to this volume of information. There are separation and isolation technologies available that could prevent this.
Many organizations, both within and outside of the Government, are looking at network security, as well as the way they attach assets and information to networks, in an outdated way. Traditional security technologies, like firewalls, are hacked and penetrated on a daily basis. Additionally, intrusion prevention and detection systems are successful at finding security issues only after a threat has entered a system. Today’s modern cyber warfare is based on data and information, which is being captured, cataloged and stored at an alarming rate. Traditional security technologies are struggling to keep pace with this explosion of information, and the WikiLeaks exposure is a prime example of what can happen when the wrong individual has access to a multitude of data.
Today, warfighters must have access to classified networks and information not only to do their jobs, but to ensure their safety and the safety of those around them. Similarly, in a business setting, fast access to information is critical to maintain a competitive edge. However, today’s network architectures have not kept pace with the rapid influx of data they are tasked with storing. The result? Too much information is kept in large, flat networks with limited hierarchical segmentation based on rank and authorization.
The WikiLeaks exposure highlights a clear need for a change in the way many classified networks are architected and managed and in the way organizations manage their most sensitive information, and enterprises should also look at it as a red flag. Technology that would enforce access policies around this type of information needs to be implemented to minimize a leak of this magnitude. Additionally, organizations should consider investing in new solutions that can enforce the separation of critical, valuable data from users and networks that have no need to access this information, while still allowing access to those that do.
Organizations, including the government, should invest in technology that would enforce hierarchical access policies around sensitive data, confining and restricting access to classified information. In addition to technology, cultural changes should take place within an organization first and foremost. Countless security breaches within the government space point to the need to establish a culture of 'security first and foremost.' Many organizations today believe that a security-first approach means that functionality or performance has to be sacrificed; this is simply not the case. If put in place correctly, this type of technology would not allow a single person, regardless of rank or position, to have the sole authority to access such large volumes of classified data.