WikiLeaks and U.S. Computer Security: The ‘Second Spy’ Theory
Either U.S. intelligence is massively incompetent, or PFC Manning had help — an insider with high-level access.
December 6, 2010 - 7:37 am
First is the “need to know” question. Manning had been an E-4 Specialist (same pay grade as a corporal) analyst — he was busted to PFC for unrelated reasons — and would have had access to intelligence in theatre. It seems inconceivable that he would have access to worldwide diplomatic cable traffic. The Guardian story’s answer is that these cables were being dumped into SIPRnet as part of a 9/11-inspired attempt to make information available, and thus avoid the problem of people not “connecting the dots.”
Perhaps. But the other side of that argument is what’s known as the “aggregation problem” in computer security: the more information you collect together, the more you can learn. As we’re seeing in these leaks, you can infer some very sensitive stuff from a lot of relatively low-level information. Are we really giving any random person with a SECRET clearance access to this much information, including video of Baghdad firefights and Special Forces operation reports?
Second, there’s the way Manning is said to have gotten the information out of his secure area. According to the Guardian, Manning brought in some rewritable CD-ROMs with music, erased the music, copied the data to the CD-ROMs, and walked back out with them.
If so, there is an ex-officer from his unit who is now counting socks in Thule, Greenland, or should be. Secure areas have a very straightforward rule on such things: media may come in, but it can’t go back out. (In fact, when I worked in a secured area, we even had to lock up our typewriter ribbons and platens.)
But this seems unlikely, because the DoD had forbidden people to even bring CDs and thumb drives into secure areas in 2008.
As CNET reported:
The U.S. Department of Defense has temporarily banned the use of thumb drives, CDs, and other removable storage devices because of the spread of the Agent.bzt virus, a variant of the SillyFDC worm, according to Wired.
This explanation isn’t completely implausible. Not completely. If it’s true, it appears to mean a general breakdown in the methods by which the U.S. has protected classified information since the First World War, as well as violations of explicit policies and procedures.
Of course, there’s another explanation: someone at a higher level of trust than Pfc. Manning is the real source, and Manning is just a convenient fall guy.
We can draw a picture of that source, just from what we know already. The source has access to diplomatic cable traffic, U.S. war reports, and even gun sight video across both major theaters of the war. Compartmentalization puts that person back inside the Washington, D.C., theater.