How Manning Stole The Cables
Many outside the military and diplomatic communities have wondered just how such a large number of sensitive missives could have been taken. As a public service, Conflict Health is very pleased to publish a guest article from Captain Nick Dubaz, an Active Duty Army Civil Affairs Officer, explaining in full technical detail how it happened.
A number of commenters on the latest Wikileaks release have questioned how one junior enlisted Army intelligence analyst could possibly have collected and stolen such a massive number of documents unaided and undiscovered. Indeed, the very mention of “intelligence” evokes notions of secure, guarded, windowless facilities under constant surveillance employing the latest biometric technology to secure America’s secrets. This image may have once been partially true in the case of Top Secret and Compartmented information, but the distributed nature of our modern intelligence community and the proliferation of secret network access necessitated by our wars in Iraq and Afghanistan have fundamentally changed both protection of and access to classified information. The technical methods Private First Class Bradley Manning, the accused leaker, may have used to obtain and steal the material and transmit it to Wikileaks are simple and demonstrate the intelligence community’s vulnerability to an insider threat.
All mission traffic in Iraq and Afghanistan occurs on computer systems classified at the Secret-Releasable to NATO/ISAF level or above. Historically, mission traffic occurred at the Secret-NOFORN (Not Releasable to Foreign Nationals) level on the SIPR network (Secret Internet Protocol Router), and non-US elements operated on separate networks known as CENTRIX, segregated by organizational membership (NATO, ISAF, etc.). This caused significant information-sharing problems, and lower-level U.S. forces are now transitioning many functions to CENTRIX to create a common mission network. Regardless, these information systems are now present at every Company-level headquarters and above, providing wide access to Secret-level intelligence and diplomatic information processed and disseminated on the network. Access to Top Secret (TS) and Sensitive Compartmented Information (SCI) information systems remains much more limited, but is still partially vulnerable to Bradley Manning-like insider threats.
The Wikileaks reports on Iraq and Afghanistan are from a system known as CIDNE (Combined Information/Data Network Exchange), which is the latest iteration of the database of record for all tactical reporting across the OIF and OEF theaters. The release is only a tiny percentage of the actual data contained in the database. Each record in the Wikileaks release is only the initial text report, often transcribed from the radio or secret chat rooms. After the incident/action is completed, each record is typically updated with new information, pictures, videos, PowerPoints and other relevant documentation. To allow for transfer into incompatible systems and other software packages, CIDNE includes an “Export to Excel” feature that allows for the rapid filtering and transfer of records to other systems. Bradley Manning likely utilized this feature to export the comprehensive CIDNE database that he would later transmit to Wikileaks. Such an action could be completed in less than an hour, depending on the bandwidth available, and leaves no signature that would be readily noticed as unusual or alarming.
(cont...)
How Manning Stole The Cables - Conflict Health
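
The article observes that a bulk pull through the "Export to Excel" feature leaves no signature that would be readily noticed. As an added example (not from the article and not CIDNE's own code), one way a defender could surface such a pull is to total export volume per user per day and compare it with the population baseline, so that a large pull split into many ordinary-looking exports is still counted as one. The audit-record fields, user names and thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed export audit records: (user, ISO date, rows in one export).
# The field layout is an assumption; the article does not describe CIDNE's logs.
EVENTS = [
    ("analyst_a", "2010-01-04", 120), ("analyst_a", "2010-01-05", 310),
    ("analyst_b", "2010-01-04", 80),  ("analyst_b", "2010-01-05", 95),
    ("analyst_c", "2010-01-04", 400), ("analyst_c", "2010-01-05", 150),
    ("analyst_d", "2010-01-04", 60),
    # analyst_d splits a large pull into filtered exports, each unremarkable
    # on its own next to a hypothetical per-export limit of 5000 rows.
    *[("analyst_d", "2010-01-05", 4500) for _ in range(20)],
]

def daily_totals(events):
    """Sum exported rows per (user, day) so split exports are counted together."""
    totals = defaultdict(int)
    for user, day, rows in events:
        totals[(user, day)] += rows
    return dict(totals)

def flag_bulk_exports(events, k=10.0, floor=1000):
    """Return (user, day, total) where daily volume is far above the population.

    Baseline is the median of all user-day totals; spread is the median
    absolute deviation (MAD), which one huge outlier cannot inflate the way
    it inflates a standard deviation. `floor` keeps a near-zero MAD from
    flagging every small difference between users.
    """
    totals = daily_totals(events)
    values = list(totals.values())
    med = median(values)
    mad = median(abs(v - med) for v in values)
    threshold = max(floor, med + k * mad)
    return sorted((u, d, t) for (u, d), t in totals.items() if t > threshold)

if __name__ == "__main__":
    for user, day, total in flag_bulk_exports(EVENTS):
        print(f"review: {user} exported {total} rows on {day}")
```

A per-export row limit alone would pass every record in the sample; only the per-user daily aggregate exposes the 90,000-row day.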