WikiLeaks might make America safer
[Updates to this post, through Monday Dec. 13, follow below.]
When the “Afghan war logs” became public earlier this year, I focused on WikiLeaks from the standpoint of its huge impact on the media. The ongoing release of a quarter million State Department cables has since unleashed a torrent of hot debate about government secrecy and whether Julian Assange’s organization is a force for good or evil.
Like many others, I’ve marinated myself in related articles and commentary over the last week but remain ambivalent about some of the complex moral issues involved. I’ve also been pondering a question that seems noticeably absent from the discussion: Could it be that WikiLeaks is actually the best thing in a long time to afflict U.S. national security?
The cacophonous phenomenon on the world’s front pages has been a grand wake-up call — the rise of cyberwar is no longer a matter of theory. It’s here whether you believe Assange is an enemy or a hero. If it proves true that a low-level Army analyst was able to get his hands on such a colossal amount of sensitive documents, what does that say about Pentagon preparedness for the security challenges of the proliferating information age?
So far some contents of “cablegate” itself have informed our view of just how serious an issue this is. As the Times reported on Sunday, “repeated and often successful hacking attacks from China on the United States government, private enterprises and Western allies” have been taking place since as far back as 2002. One previously unreported attack “yielded more than 50 megabytes of e-mails and a complete list of user names and passwords from an American government agency.”
The China cables also show the fire with which WikiLeaks plays; you get the sense that if some of the redacted names were revealed, it could potentially be disastrous, both to individuals involved and to U.S. intelligence gathering.
It’s noteworthy that the Obama administration’s assessment of the damage from WikiLeaks has consistently been inconsistent. The latest round has Attorney General Eric Holder saying that “national security of the United States has been put at risk,” while Defense Secretary Robert Gates says that concerns about potential harm are “significantly overwrought” and that the disclosures will have a “fairly modest” impact on foreign policy. The mixed message would seem to suggest that the U.S. government yet lacks a coherent approach to safeguarding the nation’s information infrastructure.
In the later years of the Bush administration, the federal government began to prioritize cyberwar, a focus continued by the Obama administration. But today there are the troubling, all too familiar signs of unpreparedness, agency turf wars and legal muddle. The Pentagon’s Cyber Command seeks to expand its powers aggressively and is, not coincidentally, publicizing that fact now. According to the Washington Post, its general in charge recently testified to Congress that he could not adequately defend the country against cyber-attack because it “is not my mission to defend today the entire nation.” If an adversary attacked power grids, he said, a defensive effort would “rely heavily on commercial industry.” Former national intelligence director Dennis C. Blair warned, “This infuriating business about who’s in charge and who gets to call the shots is just making us muscle-bound.”
By some accounts the world hasn’t seen anything yet in terms of the looming dangers of cyberwar. An attack could cripple America, argues former counterterrorism chief Richard Clarke, striking everything from train routes and electrical grids to bank data and medical records.
WikiLeaks over the last few months, then, may have exposed U.S. government vulnerability in an alarmingly useful way, if one not much in line with Assange’s ideas about undermining state power. You can bet it has lit a serious fire under officials involved with the nation’s cybersecurity, who now must be working that much more intensively to plug any leaks in the ship of state and build up defenses against future attacks. They are, of course, likely toiling in secrecy. For now, anyway.
UPDATE: On the eve of his arrest in London, Assange publishes an article in The Australian: “Don’t shoot messenger for revealing uncomfortable truths.” He opens with a quote from Rupert Murdoch: “In the race between secrecy and truth, it seems inevitable that truth will always win.”
UPDATE 12/8/10: Hackers sympathetic to Assange and WikiLeaks have launched a series of cyberattacks in recent days, targeting MasterCard, PayPal and a Swiss bank. (Could Twitter be next?) The Guardian looks into the “shadowy group” allegedly behind the attacks:
A 22-year-old spokesman, who wished to be known only as “Coldblood”, told the Guardian that the group – which is about a thousand strong – is “quite a loose band of people who share the same kind of ideals” and wish to be a force for “chaotic good”.
There is no real command structure in the group, the London-based spokesman said, while most of its members are teenagers who are “trying to make an impact on what happens with the limited knowledge they have”. But others are parents, IT professionals and people who happen to have time – and resources – on their hands.
It’s really too bad that Stieg Larsson isn’t still around to witness all this.
UPDATE 12/13/10: The WikiLeaks saga itself continues to ratchet up the potential for cyberwar. With a secret grand jury in Virginia reportedly now considering criminal charges against Assange, a headline in today’s Daily Mail raises the specter of retribution for Assange’s potential extradition: “Britain on cyber warfare alert as Whitehall prepares for WikiLeaks revenge attacks on Government website, it reads. Apparently “bank details of taxpayers and benefits claimants” could be at risk.
Stateside, meanwhile, the Times’ Scott Shane reports movement on the cyberwar front: “Whether or not the Obama administration tries to prosecute those who disseminated the information, it is determined to use technology to preserve its secrets. The Defense Department is scaling back information sharing, which its leaders believe went too far after information hoarding was blamed for the failure to detect the Sept. 11 plot. The department has also stripped CD and DVD recorders from its computers; it is redesigning security systems to require two people, not one, to move large amounts of information from a classified computer to an unclassified one; and it is installing software to detect downloads of unusual size.”