In a 1,600-word editorial on its website, WikiLeaks accuses The Guardian, its former partner in publishing secret files, of releasing a password to an encrypted file containing the entire store of the sensitive material. Noting that the group had taken special care to withhold potentially dangerous information that might jeopardize lives, it continues, "Revolutions and reforms are in danger of being lost as the unpublished cables spread to intelligence contractors and governments before the public."
In a statement issued Thursday, however, the British newspaper says it "utterly rejects any suggestion that it is responsible for the release of the unedited cables.”
The reputation and ability of WikiLeaks to continue with its stated mission may be one of the first casualties of this security breach, says Mr. Grabowski.
“WikiLeaks needs the trust and cooperation of other organizations to be relevant,” he says, pointing to its relationship with The New York Times and Guardian. Both those newspapers worked hand in hand with WikiLeaks when the documents first surfaced last year.
But, he says, if the site’s mounting troubles continue, including the legal charges facing founder Julian Assange with whom the site is tightly identified, “WikiLeaks could become so radioactive as to become irrelevant.”
But security experts also see a broader caution in the story. “This is just one big wake-up call about the problems inherent in securing any data these days,” says cybersecurity expert Joseph Steinberg, CEO of Green Amor Solutions. "Here you have two organizations, with high levels of incentive to maintain tight security over its information, and yet somehow, relatively simply, those protections were circumvented.”
Human error is the most difficult to prevent, he says, but there are many elements of the security equation that this latest example highlights. The current case hinges on both access and password protection, he says, both of which can be tightened.