As cables continue to trickle out of WikiLeaks in the second week since the site began posting, it appears that WikiLeaks and the United States government have learned some hard lessons.
"Previously with security breaches, the focus has been on the outside threat," said Darren Hayes, Computer Information Services Program Chair at New York's Pace University. Companies have been worried about other organizations trying to steal corporate secrets and the government has been protecting against foreign countries trying to breach U.S. security and defenses, Hayes said. There hasn't been "enough mention of internal threats, in the past," he said.
The "WikiLeaks debacle" essentially boils down to an insider data breach, according to Hayes, as it involves a user with access leaking the data to someone else. Organizations - business and the federal government - are reviewing their policies to prevent similar breaches in the future.
As for U.S. military analyst Army Private Bradley Manning, the one suspected of leaking the cables to WikiLeaks, "he simply had too much access to sensitive government information," said Thom VanHorn, vice president of global marketing at Application Security. If employees "only have access to the information necessary to do their jobs" and access privileges are properly assigned, "sensitive information doesn't get into the wrong hands," VanHorn said.
The U.S. Office of Management and Budget ordered each agency that handles classified information to perform a security review of its procedures.
The U.S. Department of Defense will "rethink computer security procedures and change their policies in a revolutionary way," said Hayes. At the moment, the changes are fairly straightforward: banning all removable devices on classified systems. The Defense Department said there will be other changes as well, such as a network monitoring solution that will identify anomalous network activity and changes in how data is transferred between classified and unclassified computers.
For WikiLeaks, the question is no longer about whether it will get shut down soon, but about money. Instead of a single DNS provider, the site now has a round-robin setup of at least 14 DNS providers directing traffic to its domain names, of which it now has several.
Despite losing the wikileaks.org domain name and its Web hosting, facing ongoing denial-of-service attacks and getting blacklisted by some countries in the first week, the site remains up, bolstered by nearly a thousand mirror sites around the world keeping the content online.
"The harder you hit them, the bigger they get," said James Cowie, a security researcher with Renesys.
But PayPal, MasterCard and Visa have all suspended accounts, and Switzerland's PostFinance suspended one of the bank accounts set up for founder Julian Assange's legal bills. Even if donations don't come in, the bills are going to mount, and the site needs a legal fund for when the United States lawyers come knocking. U.S. Attorney General Eric Holder has made no secret of his desire to prosecute Assange.
"To the extent that we can find anybody who was involved in the breaking of American law, who put at risk the assets and the people I have described, they will be held responsible; they will be held accountable," Holder said at a news conference.
The controversy around Assange appears to be too much for some WikiLeaks staffers, as they resigned to launch a rival whistle-blower site, OpenLeaks.
Even though PayPal released all the funds to the foundation that was raising funds for the site, PayPal said the accounts will remain inaccessible. Donations are currently limited to Flattr, a Web-based donation system run by a British-Swedish firm. "We will never stop this as long as WikiLeaks' operations are legal," said Leif Hogberg, a system developer and co-owner of the small firm, to AFP. He noted that WikiLeaks is not yet illegal in Great Britain or Sweden.