Posted on 06/14/2013 11:49:16 AM PDT by null and void
The NSA leaker reportedly just walked out of work with some of America's big secrets on a thumb drive in his pocket
Snowden didn't seem to have to work very hard to grab top secret classified government info.
A week after Edward Snowden's leaks about National Security Agency surveillance and data-gathering were first reported, and four days after he revealed himself as the leaker, the news media is figuring out how the 29-year-old IT systems administrator managed his potentially huge data heist.
If you're concerned about national security, the new revelations will probably dismay you; if you appreciate leaking of government secrets, Snowden's technique is likely encouraging: Theft by thumb drive.
The NSA and other spy and military agencies have long known the dangers of the innocent-seeming portable USB flash drive. In October 2008, the NSA discovered that a thumb drive loaded with malware had infected the military's secure internal network. The Pentagon then (at least temporarily) banned the use of thumb drives; NSA commanders even reportedly ordered USB ports filled in with liquid cement.
But "of course, there are always exceptions," especially for system administrators, a former NSA official tells the Los Angeles Times. "There are people who need to use a thumb drive and they have special permission. But when you use one, people always look at you funny."
That doesn't appear to have fazed Snowden. Not only do investigators know he pilfered the top secret files on a thumb drive, they "know how many documents he downloaded and what server he took them from," a U.S. official tells the Los Angeles Times. They don't know how he accessed those files, but as a system administrator, Snowden had broad access to key parts of the NSA network and, says Ken Dilanian at the Los Angeles Times, "presumably a keen understanding of how those networks are monitored for unauthorized downloads."
In any case, Dilanian says, "confirmation of a thumb drive solved one of the central mysteries in the case: How Snowden, who worked for contracting giant Booz Allen Hamilton, physically removed classified material from a spy agency famous for strict security and ultra-secrecy."
Didn't Snowden's behavior, or his decision to take unpaid leave just a month after starting his job in Hawaii, arouse any suspicions? Sort of, says Mark Hosenball at Reuters. According to Hosenball's sources, Snowden's prolonged absence "prompted a hunt for the contractor, first by his employer Booz Allen Hamilton and then by the U.S. government." Hosenball continues:
Government agents spent several days in the field trying to find Snowden, according to the source, but they were unable to do so before the first news story based on Snowden's revelations appeared in The Guardian and then in The Washington Post. The government did not know Snowden was the source for the stories until he admitted it on Sunday, the sources said. [Reuters]
[Snowden] was only on the job for around four weeks when he told his employers he was ill and requested leave without pay, the sources said. When Booz Allen checked in with him, Snowden said he was suffering from epilepsy and needed more time off. When he failed to return after a longer period, and the company could not find him, it notified intelligence officials because of Snowden's high-level security clearance, one of the sources said.
Some people believe Snowden is exaggerating his skill level and knowledge, as he apparently inflated his salary and spying capabilities, but in interviews with colleagues, Snowden comes out looking pretty smart. He had a reputation as a very gifted "geek," a source tells Reuters. "This guy's really good with his fingers on the keyboard. He's really good."
His prowess with computer networks isn't a surprise, says John Herrman at BuzzFeed, now that we've discovered he's "a member of a growing and increasingly powerful alumni group: The internet people." For a few years, and more than 800 posts, Snowden was a frequent contributor to Ars Technica forums, the successor to Usenet and precursor of Reddit, making him "a part of the internet's relatively small but powerful creative nucleus."
Once he opened his mouth, Snowden outed himself not just as the leaker but as an internet person, says Herrman, and his forum persona "is instantly recognizable to anyone who spent time in a major forum in the early to mid-2000s."
He's a bit of a know-it-all, a bit of a troll, opinionated about both subjects he knows well and ones he doesn't. He unsubtly references his sex life, his security clearance, and his mysterious work. He was not shy about giving advice, which is probably the defining trait of the forum power user....
A whole group of people out there are just like Snowden, says BuzzFeed's Herrman, and that should make the NSA, and any organization with secrets, a little nervous. Because when you move from how to why, the answer is a little unsettling, Herrman says: "This isn't about 'hacktivism' or some kind of unified cause. This is about the children of the internet coming of age."
Most of the people he used to interact with are long gone; like Snowden, they grew up, and receded back into the real world. But he took with him the set of values he either learned or became comfortable expressing online: A keen interest in rights and speech, particularly where they concern the internet and privacy, suspicion of government and authority, a belief in both free markets and free-flowing information, and a set of cultural and aesthetic values that both set him apart from the mainstream and endear him to his people, the internet people. [BuzzFeed]
That computer is infrastructure. Somebody needed to load that computer with OS and applications and make sure it was connected to the network properly with proper privileges, etc. That somebody would have been an infrastructure specialist, like Ed Snowden.
The FBI and NSA agents looking for him should have noted him on a flight out of Hawaii real quick. If he flew direct to HK then it should have been even easier.
I’m surprised that NSA does not have an alert when any employee is traveling outside the US. I know people who have worked such jobs and they all had to notify their agency that they were planning a trip outside the US.
Very, but I’m just a beanie. The IT Administrator types have special rules because THEY ARE SO TRUSTWORTHY.
Snowden did not work directly for the NSA - he worked for a security contractor hired by the NSA.
IMHO, in this age of networked systems and the ease of file transfer and movement between PCs with a CAC there should be no need to use any external drive. Ever.
Quis custodiet ipsos custodes?
It doesn't have to be "either-or". The thumb drive is just the way he stored the data and removed it from the facility. How he accessed the data is another question - did he have that level of access as part of his job duties, or was he able to elevate his permissions to access data he should not have been able to access? If so, that would rightly qualify as hacking.
Is the sarcasm tag really needed???
Yep. My dad had a job like that for awhile. Had to notify them any time he was going to leave the country. Even Canada.
Do a search for ‘BOFH’. There is some truth to most of his tales.
I ran across one of my coworkers reading /var/spool/mail/execdoofus1’s mail. No remorse either. Just more upset I’d walked in just then.
I never read user mail. For the same reason I don’t watch reality TV.
While SDHC cards are good for carrying data (you usually find them in digital cameras), not too many servers and workstations have ports for the cards built in - you usually need either a USB card reader, or have a laptop with the card reader built in.
On the other hand, every computer built in the last 10-15 years has USB ports for a thumb drive.
Cube chuckle. Thanks.
LOL
You can order them w/o ports, or you can disable or monitor the ports. I worked for a private financial firm and our USB drives were disabled.
What annoyed me most was he wasn’t even clever about it. I came back from lunch early and he nonchalantly moved his monitor out of my view. Which wasn’t so suspicious I guess. What tipped me off was sitting down at the mail server (which was my responsibility) and doing a ‘w’.
And lo and behold:
Adminluser1 blah blah blah blah more /var/spool/mail/execdoofus1
Dude, if you’re going to be evil, at least be clever about it.
His excuse? He needed to find out if he was going to be fired.
I implemented change control on that machine that afternoon.
ARRRGGGHHH! I improperly used “it’s” instead of “its” and now the grammar nazis are going to put me in time out.
Lesson: keep emails boring and relevant to work.
I'm aware that you can disable the USB ports, etc - I have been a computer security professional for the past 7 years. I was just commenting on the fact that SDHC slots are relatively rare on business-class workstations, while USB ports are ubiquitous. So the suggestion made that Snowden should have used SDHC cards rather than thumb drives is nonsensical.
Most "enterprise" computers don't have card readers, while they all have USB ports.
Of course I guess you could just get a USB card reader, but why bother when you've got 64GB or 128GB USB "thumb" drives?
Remember 5 1/4 inch floppies? The floppies at work I used were 8 inchers!
You trying to "start a war here" for the "oldest tech?" ;-)
Mark
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.