1he WlklLeaks 1hreaL

An Cvervlew by alanur 1echnologles, P8Cary

lederal, and 8erlco 1echnologles
WlklLeaks Cvervlew
WikiLeaks was launched in 2006 by self-described
Chinese dissidents and interested parties from five
continents
- Within a year of its launch, WikiLeaks claimed to
possess over 1.2 million documents from thirteen
countries
As of January 2010, the WikiLeaks team consisted of
five full-time employees and about 800 volunteers
- The employees and volunteers are spread across
the world, with their identities largely unknown
!ullan Assange
!"#$: !uly 3, 1971 ln Cueensland, AusLralla
%&#'(&) +(&(,-: ulvorced
./')0#1$! uanlel Assange, age 20
233,4&5"$: LdlLor-ln-Chlef and Spokesperson
for WlklLeaks
.,##1$( 6"3&5"$: SouLh-wesLern unlLed
klngdom - conLacL lnformauon allegedly glven Lo
Lhe MeLropollLan ollce Servlce ln London
nov 18, 2010 - ArresL warranL lssued by a SLockholm
dlsLrlcL courL on susplclon of rape, sexual molesLauon,
and unlawful coerclon
#$% &'( )'*' + ,-./01 $2 3#456,78 601 #$9/0 8:;<
$= >.2<01 ?0@;$2; =$@ A;0B /@:C0;D
uec 2, 2010 - ArresL warranL lssued by Sweden,
followlng a requesL by uk's Serlous and Crganlsed
Crlme Agency
Auorney-Ceneral of AusLralla 8oberL McClelland has
noL ruled ouL Lhe posslblllLy of AusLrallan auLhorlues
cancellng Assange's passporL, and warned LhaL he may
face charges, should he reLurn Lo AusLralla, due Lo Lhe
poLenual number of crlmlnal laws LhaL could have
been breached by Lhe release of Lhe [uS ulplomauc
Cables]."
Member counLrles of ln1L8CL
users of Lhe 8ed nouce LlsL of WanLed ersons
1he WlklLeaks Crganlzauon
Cb[ecLs ln red are employees, 8lue are volunLeers
ulsgrunLled
Amerlcan Cluzens
volunLeer
SLaLus uncerLaln
Conrmed Lmployee
80E021
Spokesman
8eglsLered Cwner
lounder
PosL of
Wlklpedla.de
!ournallsL
lormer
volunLeer
lormer
volunLeer
volunLeer
l1 SpeclallsL
lormer
Spokesman
!ournallsL
!ournallsL
!ournallsL
Clenn Creenwald
Clenn was crlucal ln Lhe Amazon Lo
CvP Lransluon
lL ls Lhls level of supporL LhaL needs Lo
be dlsrupLed
1hese are esLabllshed professlonals LhaL
have a llberal benL, buL ulumaLely mosL of Lhem lf pushed wlll
choose professlonal preservauon over cause, such ls Lhe menLallLy
of mosL buslness professlonals.
WlLhouL Lhe supporL of people llke Clenn wlklleaks would fold.
WlklLeaks Cvervlew
WikiLeaks describes itself as an uncensorable
system for untraceable mass document leaking.
They have used many hosting services in many
different countries, including PRQ (Sweden),
Amazon (US), and OVH (France).
A few days ago, Amazon pulled the plug on their
WikiLeaks server
WikiLeaks has since turned to Swedish internet
host Bahnhof AB, which is literally located in a
Cold War bomb shelter
lnfrasLrucLure
CurrenLly Lhe maln slLe ls hosLed by CvP lS ln arls,
lrance (88.80.13.160)
uocumenL submlsslon and reposlLory ls ln Sweden
hosLed on 8C Posung (88.80.2.32)
Wlklleaks counLry domalns are owned by separaLe
lndlvlduals noL employees of Lhe organlzauon.
Wlklleaks.lnfo provldes masLer mlrror llsL. PosLed aL
lmproWare AC SwlLzerland (87.102.233.137)
8ahnhof A8 Servers,
lonen WhlLe MounLalns, Sweden
WlklLeaks Servers
Servers are consLanLly mlgraung LhroughouL Lhe globe
WlklLeaks Servers
ueLalled Luropean server mlgrauon analysls
lrom Lhe WS! (8/23/10)
!"#$ &' $() *$#"$)+, -./&0/)* -.1&#2&#"3.+ ".4 #)+-*$)#-.+
5-6-7)"6* -. 4-8)#).$ 1&9.$#-)* 9.4)# 4-8)#).$ "9*2-1)*
$("$ 2#&/-4) :";-:9: 2#&$)13&. 9.4)# $() 0"<* &' $()*)
1&9.$#-)*= " 0->#"#, -. ?9*$#"0-"@ " '&9.4"3&. -. A#".1)@
".4 " .)<*2"2)# -. B<)4).@ ".4 $<& .&C.":) $";
);):2$ DEF1G .&.C2#&H$* -. $() I.-$)4 B$"$)* "#) *&:)
);":20)*J K"., &' $() #)0)"*)* &' 4&19:).$* '&# " <(-0)
<)#) >"*)4 -. L1)0".4 <()#) 0"<* "#) );$#):)0,
2#&$)13/) &' *2))1(J ?00 &' $(&*) :&/)* "#) *-:20, $&
2#&$)1$ $() &#+".-M"3&.J
SLrengLhs and Weaknesses
SLrengLhs
1helr sLrengLh ls Lhelr global followlng and volunLeer sLa. 1hls allows Lhem Lo have
a very loose organlzauon. Llule lf any dlrecuon or coordlnauon ls acLually passed lL ls
[usL lnferred as parL of Lhe cause.
!ullen pronounces and Lhe mlnlons follow. Larger lnfrasLrucLure ls falrly polnLless Lo
auack because Lhey have so many oLher polnLs and organlzauons LhaL are wllllng Lo
dlsLrlbuLe Lhe lnformauon and help Lhem geL new hosung servlces.
Weaknesses
llnanclal: 1hey are under lncreaslng nanclal pressure because auLhorlues are
blocklng Lhelr fundlng sources.
SecurlLy: need Lo geL Lo Lhe Swedlsh documenL submlsslon server. need Lo creaLe
doubL abouL Lhelr securlLy and lncrease awareness LhaL lnLeracuon wlLh WlklLeaks
wlll expose you.
Mlsslon: 1here ls a fracLure among Lhe followers because of a bellef LhaL !ullen ls
golng asLray from Lhe cause and has selecLed hls own mlsslon of auacklng Lhe uS.
uesplLe Lhe publlclLy, WlklLeaks ls nC1 ln a healLhy posluon rlghL now. 1helr weakness
are causlng greaL sLress ln Lhe organlzauon whlch can be caplLallzed on.
8esponse 1acucs
Speed ls cruclal!
1here ls no ume Lo develop an lnfrasLrucLure Lo supporL Lhls
lnvesugauon
1he LhreaL demands a comprehenslve analysls capablllLy now
Combaung Lhls LhreaL requlres advanced sub[ecL mauer
experuse ln cybersecurlLy, lnslder LhreaLs, counLer cyber-
fraud, Largeung analysls, soclal medla explolLauon
alanur 1echnologles, P8Cary lederal, and 8erlco
1echnologles represenL deep domaln knowledge ln each of
Lhese areas
1hey can be deployed <$C$@@$> agalnsL Lhls LhreaL as a unled
and coheslve lnvesugauve analysls cell
oLenual roacuve 1acucs
leed Lhe fuel beLween Lhe feudlng groups. ulslnformauon. CreaLe messages
around acuons Lo saboLage or dlscredlL Lhe opposlng organlzauon. SubmlL
fake documenLs and Lhen call ouL Lhe error.
CreaLe concern over Lhe securlLy of Lhe lnfrasLrucLure. CreaLe exposure
sLorles. lf Lhe process ls belleved Lo noL be secure Lhey are done.
Cyber auacks agalnsL Lhe lnfrasLrucLure Lo geL daLa on documenL submluers.
1hls would klll Lhe pro[ecL. Slnce Lhe servers are now ln Sweden and lrance
pumng a Leam LogeLher Lo geL access ls more sLralghuorward.
Medla campalgn Lo push Lhe radlcal and reckless naLure of wlklleaks acuvlues.
SusLalned pressure. uoes noLhlng for Lhe fanaucs, buL creaLes concern and
doubL amongsL moderaLes.
Search for leaks. use soclal medla Lo prole and ldenufy rlsky behavlor of
employees.
alanur 1echnologles
alanur 1echnologles provldes a compleLe analysls
lnfrasLrucLure
Core Lechnologles lnclude daLa lnLegrauon, search
and dlscovery, knowledge managemenL, and secure
collaborauon
alanur ls broadly deployed LhroughouL Lhe
nauonal lnLelllgence and defense communlues
alanur ls deployed aL lorLune 30 companles
focused on cybersecurlLy, counLer-fraud operauons,
and lnslder LhreaL lnvesugauons
See hups://palanur.com/governmenL/conference: 32%0;9E.92E F@.G1 .21 HIJ0@ K0/G@:<I 4L@0.<; :2 8.@E0
H$CC0@/:.- 52<0@?@:;0; for a vldeo demonsLrauon of alanur
alanur 1echnologles
6.?:1 M2.-I;:;
uslng alanur, an analysL can dlscover and lnvesugaLe laLenL LhreaL neLworks ln mlnuLes lnsLead of hours or days,
dlve deeper lnLo daLa Lhan prevlously posslble, and for Lhe rsL ume be exposed Lo daLa ln a concepLual
envlronmenL along lnLuluve and hlgh-level dlmenslons, LoLally unconsLralned by daLa scale and sllo.
M ,@$%02 4@./N 60/$@1
1he core value asseLs of an enLerprlse musL be proLecLed, and when Lhose asseLs Lake Lhe form of ldeas, sLraLegy,
and lnLellecLual properLy, Lhe challenge of proLecuon ls slgnlcanL. WlLh alanur, corporaLe securlLy and l
proLecuon unlLs wlLhln Lhe prlvaLe secLor can leverage Lhe same all-source lnLelllgence plauorm used LhroughouL
Lhe uS nauonal securlLy and law enforcemenL communlues Lo proacuvely ldenufy and lnvesugaLe lnLernal LhreaLs.
O$G@ 60.1I P.10 M2.-I;:; 32=@.;<@G/<G@0
Crlmlnal and fraudulenL neLworks explolL lnfrasLrucLure Lhrough large-scale compromlse of auLhorlzed accounLs and
dlsLrlbuLed auack vecLors. AnalysLs and lnvesugaLors successfully defend agalnsL Lhese LhreaLs uslng alanur Lo fuse
cyber, Lransacuonal, and conLexLual daLa Lo bulld a comprehenslve plcLure of fraudulenL acuvlLy. alanur parLners
wlLh large nanclal rms Lo provlde a sophlsucaLed, exlble plauorm for uncoverlng fraudulenL behavlor embedded
ln a sea of leglumaLe acuvlLy - seamlessly merglng LerabyLes of daLa from a muluLude of daLa sources.
P8Cary lederal
A focus on lnformauon Cperauons (lnlCCS)
lnuence operauons
Soclal medla explolLauon
new medla developmenL
LxperLs ln LhreaL lnLelllgence and open source analysls
World renowned vulnerablllLy research and explolL
developmenL
Crlucal cyber lncldenL response
lndusLry leadlng malware analysls and reverse
englneerlng
8erlco 1echnologles
Comprlsed of decoraLed LalenL wlLh proven analyucal experuse from
LhroughouL Lhe Armed lorces.
ConsulLanLs are classlcally Lralned on cumng-edge lnLelllgence docLrlne, Lo
lnclude Lhe meLhodologles of: fuslon, Largeung, and predlcauve analysls.
8esponslble for brldglng Lhe gap beLween hard problems and analyuc/
Lechnlcal soluuons for cusLomers across Lhe 13 lnLelllgence agencles.
ueveloped Lhe Cerued alanur 1ralner Course. Cur knowledge of Lhe
sysLem ls essenual Lo drlvlng requlremenLs and meeung lnLelllgence
dellverables.
lurLhermore, we are LrusLed advlsors ln Lhe areas of Lechnology lnLegrauon,
hlgh-end consulung, cyberspace operauons, and lnLelllgence analysls for
speclallzed unlLs and agencles LhroughouL Lhe lnLelllgence communlLy (lC).
Concluslon
WlklLeaks ls noL one person or even one organlzauon, lL ls a
neLwork of people and organlzauons acung ln concerL for Lhe sole
purpose of unLraceable mass documenL leaklng."
1ogeLher, alanur 1echnologles, P8Cary lederal, and 8erlco
1echnologles brlng Lhe experuse and approach needed Lo combaL
Lhe WlklLeaks LhreaL eecuvely.
ln Lhe new age of mass soclal medla, Lhe lnslder LhreaL represenLs
an ongolng and perslsLenL LhreaL even lf WlklLeaks ls shuL down.
1radluonal responses wlll fall, we musL employ Lhe besL
lnvesugauve Leam, currenLly employed by Lhe mosL sensluve of
nauonal securlLy agencles.
8ACkuS
8apld Search, Masslve Scale
vlsuallze neLworks and 8elauonshlps
ueLalled Auack vecLor Analysls
Ceospaual Analysls