WikiLeaks Source Manning Used Data-Mining Software

Tuesday, April 05, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

The U.S. Army has confirmed that accused WikiLeaks source Bradley Manning had installed data-mining software on his SIPRnet-linked computer during the same period he is suspected of harvesting hundreds-of-thousands of classified government documents.

Army spokeswoman Shaunteh Kelly clarified the language used in charges against Manning in response to questions from Wired's Threat Level, stating that “the allegations… refer to data-mining software. Identifying at this point the specific software program used may potentially compromise the ongoing criminal investigation.”

SIPRnet is shorthand for the Secret Internet Protocol Router Network that has been determined to be the system breached in the WikiLeaks data loss event, and prosecutors believe Manning installed the data-mining software on the system on at least two occasions.

The use of data-mining software to glean the classified material would present an indication of forethought on the part of the Manning, and could prove to be powerful evidence in his pending prosecution.

“Generally, people who engage in unauthorized access — many of them anyway — are thrill seekers who do it without any specific plan in mind. But to upload a data-mining suite of software suggests you have a plan in mind, you’re sophisticated enough to use the software and to configure it to find what you want, and that you have given this plan a great deal of attention," said a former federal prosecutor Scott Christie.

The use of data-mining software would have allowed Manning to execute sophisticated data search queries, helping him to gather information on specific topics of interest. The software may also have helped Manning avoid detection, as the SIPRnet search functions may have been monitored.

The level of complexity involved with using data-mining software to harvest information from the SIPRnet systems leads some to speculate that Manning could possibly have needed the help of a third party.

“You’d have to understand the query language they use to build up different rules. I don’t think it would be that difficult, but you probably need to have somewhat of a programming mindset. I don’t know if Manning would have that, or if he would need someone to help him do that," said VeraCode CTO Chris Wysopal.

Source:  http://www.wired.com/threatlevel/2011/04/manning-data-mining/

Possibly Related Articles:
10379
Network->General
Software Data Mining Headlines Espionage WikiLeaks Siprnet National Security breach Bradley Manning
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.