The ongoing WikiLeaks saga has been one of the most intensely covered stories in information security, and for good reason. It involves the exposure of damaging national secrets, has ignited fresh debates about the freedom of information, and has a very willing villain/hero in Julian Assange, who is all too happy to hold the spotlight. However, for all of these same reasons, it is easy to be lured into following the narrative of WikiLeaks while missing the very real lessons and warning signs for enterprise security.
We have covered this topic in some detail in our recent Threat Review series, which can be found here. What we see is that information security is at the heart of the issue for all players involved. Both WikiLeaks and their targets rely on the absolute security of their own information. WikiLeaks simply could not exist without the secrecy of their sources, their financial backers, and the information that they possess, all of which is very professionally secured. In this light, we see not a debate about freedom of information, but a very modern power struggle where the power is exerted in terms of information security.
Additionally, we see DDoS attacks on both sides of the debate, targeted at enterprises that are seen as supporting one side or the other. We see an evolving landscape of both traditional and very new methods of data exfiltration. We see the central role of evasive and anonymizing technologies in the lifecycle of a data breach and in WikiLeaks as an organization. Lastly, we see a newly emerging market of WikiLeaks emulators who aim to become publishers and distributors of exfiltrated data. This is the new reality of data loss, and enterprise security teams must understand the challenges and how to protect themselves. Click http://www.paloaltonetworks.com/events/threat-review/ep3/index.php to view the recorded Threat Review presentation, and be sure to leave us your thoughts.