Wired’s Threat Level blog blows open the door on the Wikileaks/Collateral Murder mystery by naming a suspect: SPC Bradley Manning, 22, of Potomac, Md., who apparently had top-secret access and was arrested two weeks ago:
Manning was turned in late last month by a former computer hacker with whom he spoke online. In the course of their chats, Manning took credit for leaking a headline-making video of a helicopter attack that Wikileaks posted online in April. The video showed a deadly 2007 U.S. helicopter air strike in Baghdad that claimed the lives of several innocent civilians.
He said he also leaked three other items to Wikileaks: a separate video showing the notorious 2009 Garani air strike in Afghanistan that Wikileaks has previously acknowledged is in its possession; a classified Army document evaluating Wikileaks as a security threat, which the site posted in March; and a previously unreported breach consisting of 260,000 classified U.S. diplomatic cables that Manning described as exposing “almost criminal political back dealings.”
Wired.com could not confirm whether Wikileaks received the supposed 260,000 classified embassy dispatches.
OK, if the charges are true, then this is the most alarming part of the story. Someone, who at the time of the alleged crime was barely old enough to legally drink, was able to copy volumes of top secret files because the military has an IT policy weaker than your Starbucks’ does. The famed air-gap – having servers completely disconnected from the Internet – was overcome by a kid who copied files onto a CD labeled “something like ‘Lady Gaga’”:
Manning had access to two classified networks from two separate secured laptops: SIPRNET, the Secret-level network used by the Department of Defense and the State Department, and the Joint Worldwide Intelligence Communications System which serves both agencies at the Top Secret/SCI level.
The networks, he said, were both “air gapped” from unclassified networks, but the environment at the base made it easy to smuggle data out.
“I would come in with music on a CD-RW labeled with something like ‘Lady Gaga’, erase the music then write a compressed split file,” he wrote. “No one suspected a thing and, odds are, they never will.”
“[I] listened and lip-synced to Lady Gaga’s ‘Telephone’ while exfiltrating possibly the largest data spillage in American history,” he added later. ”Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis… a perfect storm.”
Even worse, he did this undetected until he was foolish enough, reportedly, to talk to an FBI informant, ex-hacker Adrian Lamo (who Wired profiled last month).
And hey, what about that time when WikiLeaks released footage of U.S. gunships gunning down civilians and the military said they couldn’t confirm it as totally real because they had lost their own copy? According to Wired’s account, Manning tells Lamo specifically where he got the video…why don’t we see if it’s still there?
“At first glance it was just a bunch of guys getting shot up by a helicopter,” Manning wrote of the video. “No big deal … about two dozen more where that came from, right? But something struck me as odd with the van thing, and also the fact it was being stored in a JAG officer’s directory. So I looked into it.”
Read More http://www.wired.com/threatlevel/2010/06/leak/#ixzz0qB1oYOCN
One last point. The Wired article is pretty amazing in its detail; it’s pretty obvious that Lamo divulged the case to Wired in such a way that they felt comfortable working on it for a couple weeks before breaking the story. But, as @Wikileaks insinuates, how come no mention in the article of the relationship between the Wired author, ex-black-hat Kevin Lee Poulsen and Lamo…if any? Is this photo of Poulson and Lamo just a random-pose-with-a-celeb-hacker-on-the-street?
More from the NYT Lede.