07 June 2010

Alleged Wikileaks' "Collateral Murder" source arrested

Specialist Bradley Manning, of the 2nd Brigade Combat Team/10th Mountain Division, has been arrested in connection with the release of classified gun camera footage. The footage, featured in Wikileaks' "Collateral Murder" video, shows a pair of US Army AH-64 Apaches engaged in a firefight near Baghdad, which resulted in the deaths of two Reuters journalists.

According to Wired.com: (H/T Themistocles' Shade)

Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com has learned.

SPC Bradley Manning, 22, of Potomac, Maryland, was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago by the Army’s Criminal Investigation Division. A family member says he’s being held in custody in Kuwait, and has not been formally charged.

Manning was turned in late last month by a former computer hacker with whom he spoke online. In the course of their chats, Manning took credit for leaking a headline-making video of a helicopter attack that Wikileaks posted online in April. The video showed a deadly 2007 U.S. helicopter air strike in Baghdad that claimed the lives of several innocent civilians.

He said he also leaked three other items to Wikileaks: a separate video showing the notorious 2009 Garani air strike in Afghanistan that Wikileaks has previously acknowledged is in its possession; a classified Army document evaluating Wikileaks as a security threat, which the site posted in March; and a previously unreported breach consisting of 260,000 classified U.S. diplomatic cables that Manning described as exposing “almost criminal political back dealings.”


So how did this criminal mastermind get caught? By opening up his mouth and bragging about it like a James Bond villain...

Manning came to the attention of the FBI and Army investigators after he contacted former hacker Adrian Lamo late last month over instant messenger and e-mail. Lamo had just been the subject of a Wired.com article. Very quickly in his exchange with the ex-hacker, Manning claimed to be the Wikileaks video leaker.

“If you had unprecedented access to classified networks 14 hours a day 7 days a week for 8+ months, what would you do?” Manning asked.

From the chat logs provided by Lamo, and examined by Wired.com, it appears Manning sensed a kindred spirit in the ex-hacker. He discussed personal issues that got him into trouble with his superiors and left him socially isolated, and said he had been demoted and was headed for an early discharge from the Army.

When Manning told Lamo that he leaked a quarter-million classified embassy cables, Lamo contacted the Army, and then met with Army CID investigators and the FBI at a Starbucks near his house in Carmichael, California, where he passed the agents a copy of the chat logs. At their second meeting with Lamo on May 27, FBI agents from the Oakland Field Office told the hacker that Manning had been arrested the day before in Iraq by Army CID investigators.

Lamo has contributed funds to Wikileaks in the past, and says he agonized over the decision to expose Manning — he says he’s frequently contacted by hackers who want to talk about their adventures, and he has never considered reporting anyone before. The supposed diplomatic cable leak, however, made him believe Manning’s actions were genuinely dangerous to U.S. national security.

“I wouldn’t have done this if lives weren’t in danger,” says Lamo, who discussed the details with Wired.com following Manning’s arrest. “He was in a war zone and basically trying to vacuum up as much classified information as he could, and just throwing it up into the air.”


Unfortunately, the article doesn't give high marks to security on the SIPRnet--the classified Internet, where these secret documents were stored.

Manning had already been sifting through the classified networks for months when he discovered the Iraq video in late 2009, he said. The video, later released by Wikileaks under the title “Collateral Murder,” shows a 2007 Army helicopter attack on a group of men, some of whom were armed, that the soldiers believed were insurgents. The attack killed two Reuters employees and an unarmed Baghdad man who stumbled on the scene afterward and tried to rescue one of the wounded by pulling him into his van. The man’s two children were in the van and suffered serious injuries in the hail of gunfire.

“At first glance it was just a bunch of guys getting shot up by a helicopter,” Manning wrote of the video. “No big deal … about two dozen more where that came from, right? But something struck me as odd with the van thing, and also the fact it was being stored in a JAG officer’s directory. So I looked into it.”

In January, while on leave in the United States, Manning visited a close friend in Boston and confessed he’d gotten his hands on unspecified sensitive information, and was weighing leaking it, according to the friend. “He wanted to do the right thing,” says 20-year-old Tyler Watkins. “That was something I think he was struggling with.”...

...As described by Manning in his chats with Lamo, his purported leaking was made possible by lax security online and off.

Manning had access to two classified networks from two separate secured laptops: SIPRNET, the Secret-level network used by the Department of Defense and the State Department, and the Joint Worldwide Intelligence Communications System which serves both agencies at the Top Secret/SCI level.

The networks, he said, were both “air gapped” from unclassified networks, but the environment at the base made it easy to smuggle data out.

Attention: 1st Cavalry Combat Aviation Brigade--looks like that was where you saved that "lost video". Guess this answers that nagging question in the back of my mind about who actually leaked this thing in the first place. Still, there is something even more disturbing about all of this. Something...elsewhere. Elusive...

“I would come in with music on a CD-RW labeled with something like ‘Lady Gaga,’ erase the music then write a compressed split file,” he wrote. “No one suspected a thing and, odds are, they never will.”

“[I] listened and lip-synced to Lady Gaga’s ‘Telephone’ while exfiltrating possibly the largest data spillage in American history,” he added later. “Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis … a perfect storm.”

Lady Gaga, what are you doing to our troops?!



1 comment:

Anonymous said...

Perhaps the milbloggers should get together and write her an open letter! Like several of them did for DADT!

(I jest.)

(mostly.)