Criminal Justice & the Rule of Law Executive Branch Intelligence

Weaponized Wikileaks: Nick Reads Wikileaks So You Don't Have To

Nicholas Weaver
Thursday, September 24, 2015, 7:44 AM

One of the most powerful ways to damage an institution is what Bruce Schneier calls “organizational doxing”, obtain the target’s secrets and spread them to the world.

Published by The Lawfare Institute
in Cooperation With

One of the most powerful ways to damage an institution is what Bruce Schneier calls “organizational doxing”, obtain the target’s secrets and spread them to the world. Whether Sony Pictures, a company providing spyware to repressive regimes like Hacking Team or an apparently fraudulent “dating” site like Ashley Madison, such exposure can have devastating effects. And if your target is a government, Wikileaks is more than happy to distribute stolen information for you.

This first became clear with the bulk release of the Saudi Foreign Ministry cables, information most likely stolen by Iran. Not being a fan of the Saudi government, I can’t help but enjoy some schadenfreude, even if that use of Wikileaks as a seeming tool of Iranian intelligence should disturb me more.

Now someone else is using Wikileaks as a weapon against the NSA and US diplomatic relationships. As far as I can tell, there has been little public discussion of these explicitly weaponized leaks.

Beginning in late June, Wikileaks published purported Executive SIGINT highlights and telephone tasking information from NSA activity targeting the governments of France, Germany, Brazil, and Japan. Now these documents could be faked with sufficient skill, although the faker would have to understand considerable obscure diplomatic details. And even if fake, if they are believed they are equally damaging. But let us assume they are real.

The leaked content is remarkably banal: it is the NSA doing its job and doing it well. Intelligence against our “allies”, especially when our interests don’t align, is every bit as critical as intelligence against our adversaries. Every phone number in the tasking lists are legitimate intelligence targets, and the actual summaries involve intercepting the deliberations of high level foreign officials, providing actionable information for our diplomats. The NSA can take pride in their remarkable ability to penetrate French, German, and Japanese government discussions.

Even the seemingly “silly” details, such as whether Sarkozy was going to discuss the Havana Club trademark dispute when visiting President Obama or the internal Japanese discussion of cherry trade, is highly relevant for US negotiators both for preventing surprise and protecting US interests.

The leaked summaries present the picture of a highly capable and disciplined NSA doing its job. Those worried about civil liberties have little to fear from the NSA presented in these leaks. Indeed, the “unconventional” nature of most of the summaries suggest that the NSA obtained this intelligence through hacking or other targeted attacks.

We spy on our allies, and they spy on us (except the Germans, who seem distinctly embarrassed when their spies actually do their job), but airing such surveillance out in the open seems to be deliberately designed to damage US relationships.

So where is the public discussion? This may be ignorance on my part, but these weaponized leaks worry me. Wikileaks doesn’t seem to care that they are being used as a weapon by unknown parties, instead calling themselves a “library of mass education”. But the rest of us should.

Of all the NSA-related leakers (the scorecard already has at least three others: Edward Snowden, whoever leaked ANT catalog of NSA tools, and the individual who leaked New Zealand's WTO surveillance rules), this Wikileaks leaker represents something different. No matter what you think of Edward Snowden, it appears he believes he’s a patriot, and he certainly didn’t trust Wikileaks with raw documents after Wikileaks bungled the Manning documents.

This leaker appears different, a saboteur not a whistleblower, since the leaks themselves do not reveal any significant NSA abuse. Someone gained access to (or can credibly fake) Top Secret information, and seems to be using it specifically to damage US diplomatic relations. The last release occurred at the end of July, with subsequent silence, although we don’t know why the releases occurred when they did.

But what other secrets might this saboteur have, and when might they see the light of day? Do we really believe that someone seemingly intent on damaging US diplomacy only had a little more than a dozen summaries to release?

Nicholas Weaver is a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California, and Chief Mad Scientist/CEO/Janitor of Skerry Technologies, a developer of low cost autonomous drones. All opinions are his own.

Subscribe to Lawfare