How do we identify the authors of leaks of top secret documents?


Very often, it is the leaked documents that betray those responsible for these leaks.

It took less than a week to track him down. On April 7, the New York Times revealed a scoop: classified American intelligence documents were being shared on social networks. Barely six days later came a new twist: the American justice system announced the arrest of a suspect, Jack Teixeira. The case did not drag on, a sign that the investigation moved quickly. Very quickly.

The military were not the first to detect the leak; the media were. // Source: Numerama

On the other hand, upstream detection of the compromise failed. The soldier, a member of the Massachusetts Air National Guard's 102nd Intelligence Wing, had been trying to impress members of his Discord group with top-secret information for months, maybe even more than a year. His audience was around thirty Internet users sharing a taste for firearms, video games and racist memes.

“Their anonymity does not last long”

This story reminds us that the authors of this kind of leak of confidential information, once the leaks become public, are quickly identified. “We don't hide for long when we have released such sensitive information,” Alexandre Papaemmanuel, the author of the book Les Espions de l'Elysée, points out to Numerama. “And even if they took precautions, their anonymity does not last.”

In the case of this 21-year-old soldier, the FBI followed the trail at full speed after the first press articles. On April 10, the Federal Bureau of Investigation questioned one of the members of the Discord group. That member explained that the administrator was said to be a certain “Jack” working for the Air Force and living in Massachusetts. Two days later, the Discord platform sent investigators the name and address of the suspect, who was given away by an old invoice.

Edward Snowden, for his part, chose to reveal his identity fairly early on, when he shared NSA documents with the press. // Source: YouTube/The Guardian

Beyond the classic espionage cases, this kind of data leak is one of the fears of the intelligence services. Admittedly, such leaks show the public what goes on behind the scenes. But at the same time they endanger personnel or operations. They illustrate the existing tension “between what democratic states need to keep secret and what individuals think they can share, sometimes in the name of an ethic of transparency,” summarizes Alexandre Papaemmanuel.

Authorization and classification

In France, it is the Defense Intelligence and Security Directorate (DRSD) which is responsible for protecting these secrets, while the General Directorate for Internal Security (DGSI) has judicial jurisdiction. As General Philippe Susnjara, the head of the DRSD, recently explained to deputies, the fight against data leaks begins with protective measures.

First there is authorization, a way of controlling who has access to information that could harm France if it were shared. Then there is the classification of this information, “Secret” or “Top Secret” in France. This makes it possible to control its distribution “to authorized persons who need to know”, Antoine Creux explains to Numerama. Until 2012 he was the head of the protection and defense security directorate, the former name of the DRSD.

Betrayed by her printer

These are all mechanisms that should make it possible to move quickly when sensitive information is revealed. If the document at the origin of the leak is identified, it is then possible to know which people, or which computers, had access to this information.

Six years ago, Reality Winner was betrayed by her printer. This former US Air Force cryptologist was arrested by the FBI just hours after The Intercept published a scoop on a top-secret report from the NSA, the powerful US signals intelligence agency.

Wanting to verify the information, the outlet had shared a copy of the document transmitted by its source. Noting that the pages seemed crumpled, the NSA deduced that the document had been printed before being scanned. According to an internal audit, only six people had printed this report, including the suspect. A search of her computer then showed that the young woman was in contact with the investigative outlet. These were the elements that led to her arrest.

Investigations not so easy to conduct

Spies also have other tricks to protect their secrets. “When I was a director, we printed the documents with a personalized watermark,” explains Antoine Creux. “If a copy leaked, we could have known which copy was copied. Digital allows the same kind of traceability.”

But if on paper these investigations may look simple, in practice they are not, he warns. “You have to be methodical,” continues the former number two of the Air Force. “We start from the document and cross-check: who had access to what, who was present on which day. But the more the document has been shared, for example with a thousand recipients, the more numerous the sources of compromise.”
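The cross-check described above (who had access, who printed, who was present on which day), written out in Python as an added example; it is not code from the article or from any agency. The record layouts, account names and dates are constructed assumptions.

```python
from datetime import date

# Constructed sample records (assumed layout, not real audit data).
ACCESS_LIST = {f"user{i:03d}" for i in range(1000)}   # a thousand recipients
PRINT_LOG = [                                         # (account, print day)
    ("user007", date(2024, 5, 9)),
    ("user042", date(2024, 5, 10)),
    ("contractor_x", date(2024, 5, 10)),
]
BADGE_LOG = {                                         # account -> days on site
    "user007": {date(2024, 5, 9)},
    "user042": {date(2024, 5, 8)},
    "contractor_x": {date(2024, 5, 10)},
}


def narrow_candidates(access_list, print_log, badge_log, copy_was_printed):
    """Cross-check audit records for one leaked document.

    Returns (candidates, anomalies). Anomalies are records that contradict
    each other; they are listed for follow-up and never used to clear or
    accuse an account automatically.
    """
    candidates = set(access_list)
    anomalies = []
    if copy_was_printed:
        # Physical clue (e.g. creased pages): only accounts that printed the
        # document could have produced the leaked copy.
        candidates = set()
        for account, day in print_log:
            candidates.add(account)
            if account not in access_list:
                anomalies.append((account, day, "printed without recorded access"))
            if day not in badge_log.get(account, set()):
                anomalies.append((account, day, "print job while not badged in"))
    return sorted(candidates), anomalies


if __name__ == "__main__":
    for printed in (False, True):
        found, odd = narrow_candidates(ACCESS_LIST, PRINT_LOG, BADGE_LOG, printed)
        print(f"printed={printed}: {len(found)} candidate account(s)")
        for account, day, reason in odd:
            print(f"  check {account} on {day}: {reason}")
```

Without the print clue the candidate set stays at all one thousand recipients, which is the difficulty the quote describes; an anomaly is a lead to verify (for instance shared credentials), not proof.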

An example? Vault 7, the gigantic leak from the cyber arsenal of the CIA, one of the American intelligence agencies. The FBI had early suspicions about an irascible former employee, Joshua Schulte. But the justice system did not formally prosecute him until a year later.

Another difficulty: to sneak out documents, authors of sensitive data leaks can bypass the protections put in place to detect suspicious exfiltrations, such as copying or sending a large number of files. For example, by taking pictures of reports with their phone. Or simply by noting their content by hand. A way to pass under the radar of the security services.

Denunciations and betrayals

The security services therefore sometimes need a tip-off. It was a denunciation that led to the arrest of one of the most famous whistleblowers in the world, Chelsea Manning, released in 2020. In 2010, the young American intelligence analyst had sent WikiLeaks hundreds of thousands of documents.

As Wired pointed out, she judged, rightly as it turned out, that the security of her unit was bad. She used rewritable CD-ROMs labeled with the names of pop music stars, then burned the secret documents onto them, copies that went unnoticed.

But Chelsea Manning had made the mistake of bragging about it. She had told a former hacker that she was the source of the leak. That information was eventually passed on to the FBI. It is a cruel reminder that investigators have several strings to their bow in their hunt for the perpetrators of sensitive data leaks, including betting on individuals betraying one another.

An irony of history: Chelsea Manning's publisher introduced a watermark in the copies of her autobiography, Readme.txt, intended for the press, The Guardian noted, as a way to prevent its uncontrolled distribution.

