Born out of populist frustration with the secrecy around military operations and powerful, unaccountable corporations, the early WikiLeaks released millions of military files in 2010, exposing video of U.S. troops killing civilians in Iraq and diplomatic cables revealing candid assessments of unsavory U.S. allies.
By 2016, Assange’s goals had shifted. He published emails from top Democrats that had been hacked from Russia ahead of the U.S. election that year, spurring conspiracy theories about Hillary Clinton’s presidential campaign.
Some staffers and fans of the early WikiLeaks have gone on to work at other sites that follow the idealistic model, adapting to a new era of widespread hacking and serving as a partial stand-in for traditional media.
GET CAUGHT UP
Stories to keep you informed
The best-known successor is DDoSecrets, for Distributed Denial of Secrets, which has hosted documents spirited away from Myanmar, Iran and U.S. police departments and has prompted reforms in multiple countries.
The site verifies what it publishes, withholds files that would make innocent people vulnerable, and either declines to host documents that it suspects were hacked by a national government or else warns viewers of the likely source.
“We started DDoSecrets because at the moment there weren’t any good leak platforms that were publishing,” said founder Emma Best. “WikiLeaks was at the end of their publication cycle, and there had been a lot of concerns about source safety and the ethics of WikiLeaks.”
But WikiLeaks’ second, Russia-aligned act was even more successful than its first. It fueled countless stories about Democratic Party infighting and sneakiness, becoming a critical link between Russian intelligence operatives who would later be indicted and an eagerly participatory U.S. public and media.
It saved then-candidate Donald Trump from a withering news cycle devoted to his taped remarks on sexually assaulting women by publishing thousands of emails from the hacked account of Hillary Clinton adviser John Podesta. Pizzagate conspiracy promoters pored over those emails and found imaginary evidence of sex crimes against children, spreading the precursor to the QAnon movement.
That performance opened a new era of subterfuge that shows no signs of abating eight years later, said Thomas Rid, a professor at Johns Hopkins School of Advanced International Studies and author of a history of disinformation, “Active Measures.”
“Influence operations, which were obviously big in the Cold War, were in a hiatus in the 1990s and into the early 2000s. We had this golden period of optimism where the internet seemed unabashedly a good thing,” Rid said.
“But it’s obvious that a leak site, where the contributors are anonymous, is a dream come true for influence operators.”
As Assange hid from prosecutors in a London embassy, focused on winning back his freedom, influence operators turned to less visible sites and channels on social media.
“If you were a malicious operator, an intelligence agency or someone else, and you wanted to pass on something you have, you have to somehow seed it into the public domain,” said Rid.
State actors expanded from sites such as WikiLeaks using artificial social media accounts and partisan news outlets to generate attention.
“There has been no shortage of political hack and leaks after 2016, but many supposed leak sites are part of state influence operations,” said James Shires, co-director of the European Cyber Conflict Research Initiative.
Many military conflicts now include an information component that comprises hacking and influence operations that sometimes combine. The U.S. Central Intelligence Agency under the Trump administration secured a presidential finding allowing it to hack foreign entities and leak what it wants.
While Russia has paved the way in such ventures, it has also been subjected to a surprising number of hacks since invading Ukraine in 2022, some of which have been publicized by purported domestic activist groups. Russian and Chinese intelligence contractors have both been subject to major breaches that were alleged to be leaks.
Carving another path for government hacks, ransomware gangs have shifted to demanding money not to post hacked files on the internet.
In some cases, researchers say, that was the plan all along: Gangs are working with intelligence agencies that want the documents out, and they are using ransomware to throw off investigators.
“Cyberespionage operations disguised as ransomware activities provide an opportunity for adversarial countries to claim plausible deniability,” a team from security companies Recorded Future and SentinelOne wrote in a report released Wednesday. The companies suspect that Chinese espionage groups were behind what appeared to be 2022 ransomware attacks on the office of the Brazilian president and on the All India Institute of Medical Sciences.
The added distance from intelligence agencies could also help ward off the sort of Espionage Act charges that felled Assange, despite his defense that he acted as a journalist.
The evolutions in hacking and leaking make it unlikely that they will become a less significant factor in global and domestic politics for the foreseeable future, according to Best, who argues that the best fix would be more openness.
“People as individuals and as a society aren’t doing the things necessary to reduce the number of leaks, on the security front and on the transparency front,” Best said. “Because that has always been a major driver for leaks that aren’t financially driven.”