WikiLeaks: Security breaches from the inside

WikiLeaks is an organization that publishes submissions of private, secret, and classified media from anonymous news sources and news leaks. There has been a lot of publicity lately about WikiLeaks, as several government officials have criticized them for exposing classified information, harming national security, and compromising international diplomacy. Some people have even characterized the organization as irresponsible, immoral, and illegal.

While WikiLeaks is grueling under scrutiny, lawsuits, and criticism for releasing sensitive information, the real story I believe, is about the anonymous individuals who submitted these secret documents to WikiLeaks.

These folks are employees of the government or company in question who have signed confidentiality agreements, in most cases, yet because of some issue or grievance seek to expose sensitive information in an effort to embarrass, harm or bring about change to their employer. WikiLeaks is merely a vehicle for these nameless individuals.

There are no firewalls or security platforms to protect against this threat. Yes, there are technologies that can track documents downloaded to thumb drives, encrypt PDF documents, monitor  documents that have been printed, track emails that are sent, but when an employee, an insider, has access to key information and a copier machine there’s only so much security one can do short of monitoring every movement of every employee all day long.

The question I pose today is can anything be done to prevent a breach of trust? It’s an age old dilemma in the security field and something organizations continue to grapple with. It brings to mind a scene in the movie “Braveheart” when the character played by Mel Gibson realizes he has been betrayed by a man he considered a brother.

He was so astonished he could not move, so disappointed that he sat down in despair in the middle of the battlefield. Here was a man who was a valiant warrior and defeated armies greater in number, but who suffered a blow he was unprepared for, a blow of betrayal from a friend.

As we move into the New Year and gird ourselves with security strategies and plans,  it’s a good reminder that we should not only  seek to protect against external threats, but  also the enemy within the camp.