Tag Archives: SharePoint Security

SharePoint Access a Key Factor in Bradley Manning Leaks

According to the Army’s digital forensic expert, accused WikiLeaker Bradley Manning obtained classified Guantanamo Bay detainee assessments from a SharePoint site and subsequently leaked them to WikiLeaks. Wired magazine states that the forensic analyst discovered “scripts on Manning’s computer that pointed to a Microsoft SharePoint server holding the Gitmo documents. He ran the scripts to download the documents, then downloaded the ones that WikiLeaks had published and found they were the same” [1].

Unauthorized SharePoint access is a common security gap in many organizations. We’ve seen numerous customers struggle with this, unable to get their arms around who has access to which SharePoint site and what types of data (classification, risk level, and content) are thus accessible.

While most organizations don’t need to worry about employee access to classified information, rogue access to confidential corporate information can nonetheless be damaging and expensive – as clearly demonstrated by the RSA and Sony incidents this year.

I’m sure there will be additional Information Security-related aspects of the ongoing Manning hearing, and we’ll continue to cover them here.

NetworkWorld Highlights SharePoint Data as a Source of Risk

According to a recent survey summarized in Network World, 48% of respondents indicate that they share privileged company information via SharePoint, while 64% indicate that they do not maintain an audit log around their SharePoint installations. These numbers, while not terribly surprising, should at least raise some eyebrows, and prompt some analysis and thinking about the widespread use of SharePoint.

It comes down to some simple questions: do you know who has access to what data on your SharePoint sites? Is this something that’s going to be of interest to your auditors? Would you be better off with a clear view of this, so that the business people (who publish the shared documents and manage the users who access them) can make informed decisions about who has access to what?