How Did Snowden Steal Millions of Documents? He Had Help

Eraldo Peres/AP

AA Font size + Print

We finally know how Edward Snowden pulled off one of the greatest thefts of classified documents in government history. By Dustin Volz

We finally know how Edward Snowden pulled off one of the greatest thefts of classified documents in government history. And he had some help.

The former National Security Agency contractor was aided by three agency “affiliates” in accessing and downloading what have come to be known as the Snowden files, according to a Feb. 10 agency memo first reported on by NBC News’ Michael Isikoff.

One of the affiliates, described as a civilian NSA employee, allowed Snowden to use his personal passwords to access classified information on a server called NSANet. This employee first told the FBI on June 18—just two weeks after the leaks began—that he let Snowden use his log-in information and that he knew those credentials had been denied to the fugitive, who is currently living in Russia after being granted asylum there last year.

Snowden was then able to capture the employee’s password, which granted him “even greater access to classified information.” But the employee “was not aware that Snowden intended to unlawfully disclose” any of the documents, which have been revealed in major publications around the world and have exposed sweeping phone and Internet data collection techniques employed by the NSA and other countries.

Last month, Snowden participated in an online chat and was asked whether he stole password information from any of his colleagues. Snowden shot back that “I never stole any passwords, nor did I trick an army of coworkers.” He also refuted a November Reuters report that said he used the credentials “unwittingly” provided by his colleagues when he worked for contractor Booz Allen Hamilton in Hawaii.

Additionally, the other two “affiliates,” described as a member of the military and another NSA contractor, were barred from accessing agency information beginning in August 2013, according to the memo written by Ethan Bauman, NSA’s director of legislative affairs. But “further accountability will be determined by their individual employer, not the NSA.”

Earlier this week, James Clapper, director of national intelligence, testified before the Senate Armed Services Committee that Snowden had taken advantage of a “perfect storm” of security vulnerabilities and that he “was pretty skilled at staying below the radar, so what he was doing wasn’t visible.”

Our whole system is based on personal trust,” an exasperated Clapper said, adding that there were no “mousetraps” in place to guarantee there wouldn’t be another Edward Snowden.

The NSA has enacted tighter restrictions on when and how agents can access classified documents since Snowden’s heist, including a “two-man rule” requiring two administrators to work jointly when dealing with certain files.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.