WikiLeaks Response v6
7/31/2019 WikiLeaks Response v6
1/24
The WikiLeaks Threat
An Overview by Palantir Technologies, HBGary Federal, and Berico Technologies
-
WikiLeaks Overview
WikiLeaks was launched in 2006 by self-described Chinese dissidents and interested parties from five continents
- Within a year of its launch, WikiLeaks claimed to possess over 1.2 million documents from thirteen countries
As of January 2010, the WikiLeaks team consisted of five full-time employees and about 800 volunteers
- The employees and volunteers are spread across the world, with their identities largely unknown
-
Julian Assange
Born: July 3, 1971 in Queensland, Australia
Marital Status: Divorced
Children: Daniel Assange, age 20
Occupation: Editor-in-Chief and Spokesperson for WikiLeaks
Current Location: South-western United Kingdom - contact information allegedly given to the Metropolitan Police Service in London
Nov 18, 2010: Arrest warrant issued by a Stockholm district court on suspicion of rape, sexual molestation, and unlawful coercion
Nov 30, 2010: Placed on INTERPOL Red Notice List of wanted persons for sex crimes
Dec 2, 2010: Arrest warrant issued by Sweden, following a request by UK's Serious and Organised Crime Agency
Attorney-General of Australia Robert McClelland has not ruled out the possibility of Australian authorities canceling Assange's passport, and warned that he may face charges, should he return to Australia, due to the potential number of criminal laws that could have been breached by the release of the [US Diplomatic Cables].
[Map: Member countries of INTERPOL - Users of the Red Notice List of Wanted Persons]
-
The WikiLeaks Organization
Objects in red are employees; blue are volunteers
[Organization chart; labels: Legend, Confirmed Employee, Volunteer, Status Uncertain, Disgruntled American Citizens, Spokesman, Former Spokesman, Registered Owner, Founder, Host of Wikipedia.de, IT Specialist, Journalist, Former Volunteer]
-
Glenn Greenwald
Glenn was critical in the Amazon to OVH transition
It is this level of support that needs to be disrupted
These are established professionals that have a liberal bent, but ultimately most of them if pushed will choose professional preservation over cause, such is the mentality of most business professionals.
Without the support of people like Glenn WikiLeaks would fold.
-
WikiLeaks Overview
WikiLeaks describes itself as an uncensorable system for untraceable mass document leaking.
They have used many hosting services in many different countries, including PRQ (Sweden), Amazon (US), and OVH (France).
A few days ago, Amazon pulled the plug on their WikiLeaks server
WikiLeaks has since turned to Swedish internet host Bahnhof AB, which is literally located in a Cold War bomb shelter
-
Infrastructure
Currently the main site is hosted by OVH ISP in Paris, France (88.80.13.10)
Document submission and repository is in Sweden hosted on PRQ Hosting (88.80.2.32)
Wikileaks country domains are owned by separate individuals not employees of the organization.
Wikileaks.info provides master mirror list. Hosted at ImproWare AG Switzerland (87.102.255.157)
-
Bahnhof AB Servers, Pionen White Mountains, Sweden
-
WikiLeaks Servers
Servers are constantly migrating throughout the globe
-
WikiLeaks Servers
Detailed European server migration analysis
-
From the WSJ (8/23/10)
Part of the strategy involves incorporating and registering WikiLeaks in different countries under different auspices that provide maximum protection under the laws of these countries: a library in Australia, a foundation in France, and a newspaper in Sweden, and two no-name tax exempt 501c non-profits in the United States are some examples. Many of the releases of documents for a while were based in Iceland where laws are extremely protective of speech. All of those moves are simply to protect the organization.
-
Strengths and Weaknesses
Strengths
Their strength is their global following and volunteer staff. This allows them to have a very loose organization. Little if any direction or coordination is actually passed; it is just inferred as part of the cause.
Julian pronounces and the minions follow. Larger infrastructure is fairly pointless to attack because they have so many other points and organizations that are willing to distribute the information and help them get new hosting services.
Weaknesses
Financial: They are under increasing financial pressure because authorities are blocking their funding sources.
Security: Need to get to the Swedish document submission server. Need to create doubt about their security and increase awareness that interaction with WikiLeaks will expose you.
Mission: There is a fracture among the followers because of a belief that Julian is going astray from the cause and has selected his own mission of attacking the US.
Despite the publicity, WikiLeaks is NOT in a healthy position right now. Their weaknesses are causing great stress in the organization which can be capitalized on.
-
Response Tactics
Speed is crucial!
There is no time to develop an infrastructure to support this investigation
The threat demands a comprehensive analysis capability now
Combating this threat requires advanced subject matter expertise in cybersecurity, insider threats, counter cyber-fraud, targeting analysis, social media exploitation
Palantir Technologies, HBGary Federal, and Berico Technologies represent deep domain knowledge in each of these areas
They can be deployed tomorrow against this threat as a unified and cohesive investigative analysis cell
-
Potential Proactive Tactics
Feed the fuel between the feuding groups. Disinformation. Create messages around actions to sabotage or discredit the opposing organization. Submit fake documents and then call out the error.
Create concern over the security of the infrastructure. Create exposure stories. If the process is believed to not be secure they are done.
Cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward.
Media campaign to push the radical and reckless nature of WikiLeaks activities. Sustained pressure. Does nothing for the fanatics, but creates concern and doubt amongst moderates.
Search for leaks. Use social media to profile and identify risky behavior of employees.
-
Palantir Technologies
Palantir Technologies provides a complete analysis infrastructure
Core technologies include data integration, search and discovery, knowledge management, and secure collaboration
Palantir is broadly deployed throughout the National intelligence and defense communities
Palantir is deployed at Fortune 50 companies focused on cybersecurity, counter-fraud operations, and insider threat investigations
-
Palantir Technologies
See https://palantir.com/government/conference: Investigating Fraud and Cyber Security Threats in Large Commercial Enterprises for a video demonstration of Palantir
Rapid Analysis
Using Palantir, an analyst can discover and investigate latent threat networks in minutes instead of hours or days, dive deeper into data than previously possible, and for the first time be exposed to data in a conceptual environment along intuitive and high-level dimensions, totally unconstrained by data scale and silo.
A Proven Track Record
The core value assets of an enterprise must be protected, and when those assets take the form of ideas, strategy, and intellectual property, the challenge of protection is significant. With Palantir, corporate security and IP protection units within the private sector can leverage the same all-source intelligence platform used throughout the US national security and law enforcement communities to proactively identify and investigate internal threats.
Your Ready Made Analysis Infrastructure
Criminal and fraudulent networks exploit infrastructure through large-scale compromise of authorized accounts and distributed attack vectors. Analysts and investigators successfully defend against these threats using Palantir to fuse cyber, transactional, and contextual data to build a comprehensive picture of fraudulent activity. Palantir partners with large financial firms to provide a sophisticated, flexible platform for uncovering fraudulent behavior embedded in a sea of legitimate activity, seamlessly merging terabytes of data from a multitude of data sources.
-
HBGary Federal
A focus on Information Operations (INFOOPS)
- Influence operations
- Social media exploitation
- New media development
Experts in threat intelligence and open source analysis
World renowned vulnerability research and exploit development
Critical cyber incident response
Industry leading malware analysis and reverse engineering
-
Berico Technologies
Comprised of decorated talent with proven analytical expertise from throughout the Armed Forces.
Consultants are classically trained on cutting-edge intelligence doctrine, to include the methodologies of: fusion, targeting, and predicative analysis.
Responsible for bridging the gap between hard problems and analytic/technical solutions for customers across the 13 intelligence agencies.
Developed the Certified Palantir Trainer Course. Our knowledge of the system is essential to driving requirements and meeting intelligence deliverables.
Furthermore, we are trusted advisors in the areas of technology integration, high-end consulting, cyberspace operations, and intelligence analysis for specialized units and agencies throughout the intelligence community (IC).
-
Conclusion
WikiLeaks is not one person or even one organization; it is a network of people and organizations acting in concert for the sole purpose of untraceable mass document leaking.
Together, Palantir Technologies, HBGary Federal, and Berico Technologies bring the expertise and approach needed to combat the WikiLeaks threat effectively.
In the new age of mass social media, the insider threat represents an ongoing and persistent threat even if WikiLeaks is shut down.
Traditional responses will fail; we must employ the best investigative team, currently employed by the most sensitive of national security agencies.
-
BACKUPS
-
Rapid Search, Massive Scale
-
Visualize Networks and Relationships
-
Detailed Attack Vector Analysis
-
Geospatial Analysis