Does It Matter Whether WikiLeaks is an Active or Passive Publicizer of Other People’s Sensitive Information?
Network World reports that Tiversa has found sensitive data on peer to peer networks that later on shows up on WikiLeaks. WikiLeaks denies any active role, says all the data it publishes comes from “sources” who send the information to WikiLeaks.
This is mostly one of those “inside baseball” kinda things – to the enterprise whose data is exposed, the damage is done either way. However, the decision on how to fix the problem might be different depending on how WikiLeaks actually obtained the information:
- A malicious or disgruntled insider provided the information to WikiLeaks
- Corporate PCs were compromised with p2p clients (either by users installing music stealing apps or by a botnet compromise) causing random corporate data to show up on BitTorrent and the like.
A defense in depth strategy says fix both – budget realities may not support that. A realistic viewpoint says trying to limit what authorized users do invariably hits political obstacles, while protecting against malware attacks can lead to some near term successes.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.