WikiLeaks: Coming to an Agency Near You

Posted December 9th, 2010 by

Nope, we’re not going to talk about ego trips, hidden agendas, or complete irresponsible transparency.  This blog post is about some of the fallout inside the Government security teams.

The powers that be would like to remind you that downloading classified documents off the Intertubez does not make them unclassified.  An anonymous source that I talked to last week gave me the info that they were busy tracking their users’ browsing behaviors so that if you (the hypothetical you) went to WikiLeaks and downloaded a classified document, the InfoSec goon squad would show up outside your cubicle to shred your hard drive because you had just been responsible for a classified spillage–ie, your unclassified desktop now has classified material on it and as per procedure the only way to deal with the situation is to overwrite your hard drive and reimage it.  I have a couple thoughts about this:

  • Where were the InfoSec goons when their users were getting drive-by malware from questionable sites?
  • If it’s on TV, it’s not a “secret” anymore.
  • Don’t our InfoSec teams have something better they can spend their time doing other than being the WikiLeaks monitor?

And then there’s the Ambulance Chasing Department.  According to a different anonymous source, the vendors have descended upon the State Department hawking their security solutions, including this gem of a webinar.  Not quite sure what the webinar is on, except that they’re targeting you to sell something.

From: Prism Microsystems

Sent: Wednesday, December 01, 2010 10:01 AM


Subject: Webinar: Prevent “WikiLeaks-type” Data Loss

Webinar:  How to Prevent “WikiLeaks-type” Data Loss in Government Networks

Following the most recent publication of classified documents by WikiLeaks, government agencies are reviewing current provisions for protecting classified and top secret data – they are also researching best practices and alternative methods to monitor, prevent, and document data loss.

Attend this webinar to learn:

  • how the leaks happened
  • telltale signs of a leak
  • what you can do to prevent them

Leak picture by jillallyn.

Similar Posts:

Posted in Rants | 4 Comments »

4 Responses

  1.  Ben Says:

    And the worst part is that a) this is who “security” has been legislated over the past decade (+?), and b) I’m sure State (and other agencies) will feel compelled to buy from $VENDORS, not because the solutions meet the need, but out of undefined obligation. I bet they can’t even tell you what problem their solving, just that they’re going to “solve the problem” very soon. *sigh*

  2.  Tweets that mention WikiLeaks: Coming to an Agency Near You | The Guerilla CISO -- Says:

    […] This post was mentioned on Twitter by rybolov and novainfosec, M48813. M48813 said: In case you didn't figure it out on your own, don't download cables at work. thx -> RT @rybolov […]

  3.  Handsome Donkey Says:

    It’s just like transubstantiation. If you eat the cookie at home, it doesn’t do anything. If you eat the cookie at the office, though, it turns into the body of secrets (kind of like your SOPs make sense when you practice them in an imaginary place that has no internet, but when you practice them in real life, they resemble some of the more cuckoo elements of religious dogma).

  4.  fin Says:

    Air Force has blocked their network users from accessing New York Times and other cable news reporters. I’ve heard that agencies have already blocked wikileaks.

    DoS has sent threatening email to forgien service students at Columbia threatening retaliation during job applications.

    OMB has told agencies AND contractors that they shouldn’ outta and that goes for personal devices as well.
    (wonder how they intend to enforce that?)

    It goes without saying . . . this is a direct and predictable result of no to ‘need to know’ yes to ‘need to share’.

    Damage control has been limited to preventing only those people cleared to see the material from seeing it.

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

Visitor Geolocationing Widget: