Cyberdefense and Information Assurance

The Next WikiLeaks – TwitterLeaks?

For those who think the whole WikiLeaks thing is awful, it’s time to suck it up. Because, in all honesty, WikiLeaks is just the beginning.

Tomorrow, I’ve got a column running in InternetEvolution that briefly discusses the problem. But in even briefer form, here it is:

DOD does not have full situational awareness of its networks. And DOD is at least thinking about this stuff–many organizations have even less control over information systems.

Audit trails are only good for closing the barn door after the cow is gone.

There are plenty of ways to exfiltrate data that look like normal system usage.  Hell, people can exfiltrate data using their iPod’s camera now, and worry about text indexing later.

Distributed social networks, URL shorteners, and plenty of places to hide data mean that the next leaker won’t need a web address to get the information disseminated.

There will be more leaks because people will always have a reason to.

And there will always be someone in an adversarial role willing to host the content (thank you, Uruguay).

So, rather than crying over spilt cables, and pursuing investigations of the New York Times, perhaps people who care about security should start thinking about what security really means, and what information should be classified and what shouldn’t.  And be thankful that some Army specialist didn’t have access to a CD-R connected to a JWICS terminal.