WikiLeaks Accused of Scavenging P2P Networks for Sensitive Docs

A security firm says it has evidence to suggest that whistleblower site WikiLeaks has searched for and obtained sensitive documents from P2P networks.

Robert Boback, the CEO of Tiversa, a Pennsylvania-based company specializing in peer-to-peer intelligence services, told Bloomberg that "WikiLeaks is doing searches themselves on file-sharing networks."

His claim is partially based on an incident that happened on February 7, 2009, when Tiversa’s P2P sensors detected four computers from Sweden issuing 413 search queries to locate Excel files and other types of shared documents.

One of the files downloaded by one of the computers was a PDF containing sensitive information from the U.S. Navy Space and Naval Warfare Systems Center. It was obtained from a computer in Hawaii.

WikiLeaks published the document two months later saying it "was first publicly revealed by WikiLeaks working with our source."

The supposed link between those P2P searches and WikiLeaks seems to be the fact that the organization had servers in Sweden at the time.

Boback thinks it's "highly unlikely" someone else from that country could have searched for and downloaded the exact information later published by the whistleblower site.

It's not entirely certain why it would be unlikely for someone not officially affiliated with WikiLeaks, but sympathizing with their goals, to find the file and submit it to them.

In fact, Sweden, home of The Pirate Bay and the original Pirate Party, is a country who's young population strongly believes in the freedom of information. It's fair to assume that exposing confidential data would appeal to many there.

Nevertheless, Tiversa also has several other examples of documents first spotted on P2P networks and later published by WikiLeaks.

This include a list of locations in Fresno County that might pose attractive targets for terrorists. WikiLeaks published it in late 2009, but Tiversa says the file was accidentally leaked via a file sharing program by a California state employee in August 2008.

Another document published by WikiLeaks in 2009, revealing Army intell on the movement of Taliban leaders, had allegedly been indexed on P2P networks eight month earlier.

Of course, all of this might seem suspicious, but so far Tiversa has not provided any definitive proof that WikiLeaks didn't receive the files from people and obtained them itself.

WikiLeaks’ London-based attorney, Mark Stephens, told Bloomberg described Tiversa's and Boback's claims as "completely false in every regard."