
Snowden used Co-Worker’s Password to Leak NSA Information

Feb 13, 2014 // Andrew Stroup


In an exclusive article by NBC News, more details have been released about how Edward Snowden accessed, removed, and disseminated classified NSA documentation to the public.

Based on an NSA memo released by Ethan L Bauman (Director, Legislative Office) to the Congressional committees investigating the matter, three people were identified as aiding Snowden: an NSA civilian, an active duty military member, and another contractor (contract company unidentified).

As a quick refresher, this all started on June 5th, 2013, when a series of exposés released information regarding internet surveillance programs and interception of US/EU metadata.

Here’s the timeline of events as it relates to the three people who aided Snowden’s effort, as identified by the NSA memo:

18 June, 2013: The NSA civilian admitted to logging into Snowden’s computer via their Public Key Infrastructure (PKI) certificate to access classified information, even though the civilian was aware Snowden had been denied access to said information. During the login process, Snowden was able to capture the password for later access of Top Secret – Specialized Compartmentalized Information (TS-SCI) that was ultimately distributed to news outlets.

August, 2013: The active duty military member and contractor were removed from NSA spaces and access to information.

20 November, 2013: The NSA civilian’s TS-SCI was completely revoked and notice of removal from government service was issued.

10 January, 2014: The NSA civilian resigned and the Department of Justice (DoJ) was notified.

Based on the series of events reported in the For Official Use Only (FOUO) memo by the NSA, there are multiple follow-on questions that have yet to be answered, a concern echoed by Congress and the general public.

Why is there such a strong disparity between the reported series of events by the media, Snowden, and the NSA? Perhaps we’ll never know the real story, but the singular thread that ties all of these together was poor practice of security protocols which led to vulnerabilities regardless of a high-scale implementation of physical and digital security solutions.

What has happened or will happen to the other two reported people who aided Snowden? It seems to be pretty clear the contractor will (should) lose his clearance and position at the contracting company and will likely be ineligible for a new clearance based on this series of events. And what about the military personnel? Corrective actions are much different when it comes to military personnel, and the NSA memo seems to disregard any discussion on the topic, leading to more questions about NSA’s planned actions to take corrective and disciplinary measures.

Regardless, we now live in an age where digital and physical security solutions are simply not enough to protect a company from security vulnerabilities. True security is a solution that pairs these solutions with strong security practices by the company and workforce, both in the office and in their personal life.

What does this mean for your company? Based on the Symantec 2010 SMB Information Protection Survey, an attack on your company costs on average $188,242. First and foremost, a strong security plan should be implemented, disseminated across your workforce, and regularly updated. The next level is pairing the security plan with security solutions that help your company operate smoothly, which leads to much more secure operations. Here at CommonKey, we enhance your company’s security by protecting the keys to your company through secure and intuitive sharing of access to shared applications that help run your business.