recommended reading

Snowden Had Help

J. Scott Applewhite/AP

We finally know how Edward Snowden pulled off one of the greatest thefts of classified documents in government history. And he had some help.

The former National Security Agency contractor was aided by three agency "affiliates" in accessing and downloading what have come to be known as the Snowden files, according to a Feb. 10 agency memo first reported on by NBC News' Michael Isikoff.

One of the affiliates, described as a civilian NSA employee, allowed Snowden to use his personal passwords to access classified information on a server called NSANet. This employee first told the FBI on June 18--just two weeks after the leaks began--that he let Snowden use his log-in information and that he knew those credentials had been denied to the fugitive, who is currently living in Russia after being granted asylum there last year.

Snowden was then able to capture the employee's password, which granted him "even greater access to classified information." But the employee "was not aware that Snowden intended to unlawfully disclose" any of the documents, which have been revealed in major publications around the world and have exposed sweeping phone and Internet data collection techniques employed by the NSA and other countries.

Last month, Snowden participated in an online chat and was asked whether he stole password information from any of his colleagues. Snowden shot back that "I never stole any passwords, nor did I trick an army of coworkers." He also refuted a November Reuters report that said he used the credentials "unwittingly" provided by his colleagues when he worked for contractor Booz Allen Hamilton in Hawaii.

Additionally, the other two "affiliates," described as a member of the military and another NSA contractor, were barred from accessing agency information beginning in August 2013, according to the memo written by Ethan Bauman, NSA's director of legislative affairs. But "further accountability will be determined by their individual employer, not the NSA."

Earlier this week, James Clapper, director of national intelligence, testified before the Senate Armed Services Committee that Snowden had taken advantage of a "perfect storm" of security vulnerabilities and that he "was pretty skilled at staying below the radar, so what he was doing wasn't visible."

"Our whole system is based on personal trust," an exasperated Clapper said, adding that there were no "mousetraps" in place to guarantee there wouldn't be another Edward Snowden.

The NSA has enacted tighter restrictions on when and how agents can access classified documents since Snowden's heist, including a "two-man rule" requiring two administrators to work jointly when dealing with certain files.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.