WikiLeaks and Information Security
Q&A With School of Business Associate Professor Sanjay Goel
Governments and corporations need to focus on internal access control to prevent another 'mega-leak' akin to WikiLeaks' release of U.S. diplomatic cables, according to Sanjay Goel of UAlbany's School of Business.
ALBANY, N.Y. (December 13, 2010) --
On Nov. 28, 2010, WikiLeaks released 291 of 251,287 confidential diplomatic cables detailing correspondence between the U.S. Department of State and U.S. Embassies. In the coming months, WikiLeaks promises to release the remaining documents while the United States works to shut down the "new media" organization.
School of Business Associate Professor Sanjay Goel is an expert on information security, computer forensics, security risk analysis and wireless security. He is also the research director of the New York State Center for Information Forensics and Assurance (CIFA). Goel discusses WikiLeaks' latest 'mega-leak' and what it means for governments and corporations.
Q: How is it possible for one person or organization to pull off such an astounding theft of secured information?
A: This is most likely a case of an insider attack where a trusted officer who had access to sensitive information was able to download and store it. While information is protected from access outside the organization, people in trusted circles have authorizations which can be misused to release confidential information.
UAlbany Associate Professor Sanjay Goel (Photo Mark Schmidt)
Q: Historically, how does this rank among data breaches?
A: This revelation is probably more embarrassing than damaging. Countries often have suspicion of the positions of different nations as well as individuals. However, civility is maintained in public. The information presented through the Wiki is just privileged communication among state department officials. This is in some ways a breach of individual privacy even though this is work-related. People often say and do things in private that they would not say and do in public.
Q: How should organizations or governments defend against this type of security breach?
A: Insider leaks are hard to prevent since people are provided information based on trust. Employees who are trusted with such sensitive information are carefully selected after background and behavioral checks. They are a part of the trusted circle. One way to improve security is by tightening internal access control, i.e., by selectively allowing insiders access to sensitive information on a needs basis. To set an example and deter others, perpetrators need to be identified and prosecuted. Finally, older information that is no longer deemed necessary should be destroyed on a regular maintenance schedule. Having multiple employees overlap in responsibility such that they can observe each other's activities may also offer some protection.
Q: Considering the scale of this security breach, going forward, is there any way for governments/organizations to feel completely secure?
A: Achieving 100 percent security is virtually impossible. There is always some residual risk that organizations have to accept. To minimize risk, information should be classified according to its sensitivity and access should be allowed based on need and security clearance. The only way to protect against information leaks is to destroy the information.
Q: Following government and corporate shutdowns of WikiLeaks, a number of hackers have launched a series of "denial-of-service" attacks on companies that have severed links with the site. What are denial-of-service attacks, and what potential damage could they cause?
A: Denial-of-service on computer networks refers to network attacks that prevent legitimate users from accessing services and resources on a computer network. For instance, a denial-of-service attack on Amazon.com would prevent people from accessing the website and ordering products. Denial-of-service attacks can be launched by making a large number of fake requests to the server and depleting its capacity to serve legitimate users, or by finding a weakness in the web server and launching an attack to disable it. Botnets are often used as a resource to launch such attacks, as is the case with the attacks launched on selected financial institutions by the supporters of WikiLeaks.