In the recent public discussions of Wikileaks, I haven’t seen (though I could have missed it) any credit and congratulations given to Julian Assange’s organization for exposing the insecurity of the US Government’s SIPRNet. That exposure was an important service to the people of the United States, as well as to our hired help, the US Government.
According to the Pentagon, SIPRNet has approximately half a million users. Access is also available to a “…small pool of trusted allies, including Australia, Canada, the United Kingdom and New Zealand…”
I don’t know if Wikipedia is right about the number, “half a million users”. I’ve seen quotes lately that claim a million users. But even if it’s a tenth of the Wikipedia figure – that is, 50,000 users — that is a sizable global network, and if data on that sizable network has value, it’s simply naive for someone to think data will not leak out — naive about networks and computers, and naive about people.
The bureaucratic position is, “But this network is locked down, not physically connected to the Internet, accessible only by people who are authorized, closely monitored… blah, blah, blah…” In a word, Naive.
Think about it: Here’s a network 1) with data that has value and 2) 50,000 or 500,000 or a million users. A network admin claims data will never be copied from the network for some unauthorized purpose…
That doesn’t even make sense.
But if you’re a bureaucrat without much knowledge of technology in general, or of networks and the internet in particular, and if you have little or no understanding of human nature, you might think it does make sense, which is sad for you at a personal level, but also bad for the people you work for. And it’s why you should thank Wikileaks for giving you the benefit of a little education.
The way data would normally be copied from a network like SIPRNet — the way it has been copied from SIPRNet in the past, we can assume — is secretly, without fuss, without fanfare. People with access to the network, and with particular interests, have quietly copied data by various means, to be delivered to persons with a shared ideology or religion, or to persons of whatever ideology, who are able to pay well, and pay in cash.
Wikileaks, by making SIPRNet data available publicly and with great fanfare, badly mauled the business models and espionage exploits of everyone who was already quietly copying data from SIPRNet for profit or for a cause. The network security clampdown, inspired by Wikileaks, will impact an unknown number of enterprises.
The outrage of the US Government at Wikileaks for making secrets public is probably echoed behind closed doors in obscure facilities in Iran, North Korea and elsewhere. But the outrage in the echo is not that Wikileaks made secrets public, but that Wikileaks made it public that secrets could be acquired from SIPRNet. Lots of secrets.
The Big Secret — that SIPRNet leaks — was leaked by Wikileaks, and we can be certain there are people of various nationalities who would rather that were not known.
Thank you, Mr. Assange. You’ve done us a favor.