SurveillanceSnowden stole co-worker’s password to gain access to secret databanks: NSA
One reason National Security Agency (NSA) former analyst Edward Snowden was able to gain such broad access to a wide variety of agency’s secret documents was that he copied a password from a co-worker who has since resigned. After Snowden was denied access to NSANet, the agency’s computer network which connects into many of the agency’s classified databases, he persuaded a co-worker, an NSA civilian employee, to use his – the co-worker’s — Public Key Infrastructure (PKI) certificate to gain access. The NSA told Congress Snowden used what the agency describes as “digital deception”: the civilian NSA employee entered his password on Snowden’s computer, not realizing that Snowden was able to capture the password, allowing him even greater access to classified information. Once he gained access to NSANet, Snowden released a “Web crawler” inside the system. The crawler automatically indexed the NSANet, and using the passwords Snowden held – one his, one or more those of co-workers – copied every document in its path.
Edward Snowden during interview // Source: baolaodongthudo.com.vn
One reason National Security Agency (NSA) former analyst Edward Snowden was able to gain such broad access to a wide variety of agency’s secret documents was that he copied a password from a co-worker who has since resigned.
The New York Times reports that in a letter Monday to the House Judiciary Committee, NSA legislative director Ethan Bauman wrote that the security clearance of the unnamed civilian employee who worked with Snowden, and whose password Snowden copied, was revoked last November, and that on 10 January, when given the option of resigning or being fired, he chose to resign.
Bauman told the committee that as part of the on-going investigation into the Snowden leaks, the access of a military employee and a private contractor to NSA data has been revoked last August.
Bauman’s letter offers some of the first details about what the NSA has found about how Snowden was able to access and copy so many classified documents before handing them over to news organizations.
The Times notes that Snowden has been adamant that he never stole computer passwords or in other ways got fellow workers to give him their passwords, but Bauman’s letter to the Judiciary Committee indicated that Snowden had been able to trick at least one co-worker into giving him his password, and then copied that password without the co-worker’s knowledge.
Bauman’s letter notes that the co-worker, a civilian NSA worker, told FBI investigators last June that he allowed Snowden to use an encrypted digital key known as a Public Key Infrastructure (PKI) certificate to gain access to classified information on NSANet, the agency’s computer network which connects into many of the agency’s classified databases.
Snowden used what Bauman describes as “digital deception” to obtain the password: the civilian NSA employee entered his password on Snowden’s computer, not realizing that “Mr. Snowden was able to capture the password, allowing him even greater access to classified information.”
Bauman writes that Snowden had previously been denied access to the network, and would not have been able to access it without the co-worker’s PKI certificate. After the co-worker entered his secure PKI password, Snowden “was able to capture the password, allowing him even greater access to classified information,” Bauman told lawmakers.
Bauman adds that the co-worker did not know Snowden intended to leak the classified information.
Earlier this week James Clapper, the director of National Intelligence, told senators that Snowden’s access to so many classified files has accelerated plans to tighten clearance procedures and monitoring on government computers.
Clapper, testifying before the Senate Armed Services Committee, said that the Snowden breach was a “perfect storm for him, since he was a systems administrator and a highly-skilled, technically skilled IT professional, and so he knew exactly what he was doing. And it was his job as assistant administrator to arrange across a lot of the databases. And he was pretty skilled at staying below the radar, so what he was doing wasn’t visible.”
The Times reported Sunday, and Clapper earlier this week confirmed to Congress, that Snowden, once he gained access into NSANet, released a “Web crawler” inside the system. The crawler automatically indexed the NSANet, and using the passwords Snowden held – one his, one or more those of co-workers – copied every document in its path.
The NSA civilian was identified after an audit of access to various databases showed his PKI credentials were used. On 18 June he admitted to FBI agents that he allowed Snowden to use his PKI key.
Bauman’s letter, first reported by NBC News, was in response to congressional queries about who, beyond Snowden himself, would be held accountable for the security lapses that led to his disclosures. The Times notes that the letter appears to suggest that no senior officials of the NSA or its oversight organization, the office of the director of national intelligence, will be disciplined or fired for what has been descried as the largest and most damaging disclosure of classified material in American history.