Snowden picked up hacking skills in India

Snowden picked up hacking skills in India

Summary: NSA whistleblower Edward Snowden spent a week in New Delhi, training in advanced ethical hacking, where he earned his certification as an EC-Council Certified Security Analyst.

TOPICS: Security, India

Special Feature

IT Security in the Snowden Era

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. When we look back a decade from now, we expect this to be the biggest story of 2013. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices.

He may currently be hiding out in Russia, but NSA whistleblower Edward Snowden had once spent a week in India picking up hacking skills at a local training institution. 

The former NSA systems analyst flew to New Delhi in September 2010, spending a week at IT training and certification institution, Koenig Solutions, where he attended a four-day course in core Java programming and advanced ethical hacking. According to a report by The Economic Times, he was eventually certified an EC-Council Certified Security Analyst (ECSA).

The certification encompasses advanced ethical hacking skills, networking penetration techniques and testing, analysis of outcomes using hacking tools and technologies, and how to mitigate security risks. 

Snowden paid over US$2,000 for the training fees and lodging at the Koenig Inn, said Rohit Aggarwal, founder and CEO of Koenig, in the report. With five centers in India and one in Dubai, the IT school is an authorized training partner for various certification courses including those from Microsoft, Cisco Systems, Oracle, and VMware. 

"Snowden was a certified ethical hacker and hence he chose a fast-track course," said Sisir Pandey, technical manager in information security at Koenig, who trained Snowden. "It didn't take him much time to figure out how to create exploit-attacks and hack wireless networks. He was able to interpret vulnerabilities and outcomes in security testing."

According to Koenig, the former NSA technician had sent the Indian institution an e-mail the previous year asking for details about EC-Council's hacking forensic investigator and ethical hacker certification courses. The e-mail exchanges revealed Snowden already had multiple IT security certifications including Microsoft Certified Solutions Experts, EC-Council Certified Ethical Hacker, Computer Technology Industry Association's (CompTIA) Project Management Professional and Security+ certifications. 

Topics: Security, India


Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently a freelance blogger and content specialist based in Singapore, she has over 16 years of industry experience with various publications including ZDNet, IDG, and Singapore Press Holdings.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Fake News

    This is so called publicity stunt nothing else. India offers fine courses at low prices thats ahy he got training theri and whatever he knew about that news,he just leaked it . Its totaly impossible to become hacking expert in 6 days training.
    free software for social networking
    Nancy koyal
    • It is possible to get such a rating in 6 days...

      But only if you already know the subject.

      I suspect he did.
  • Outside the box

    What he knew matters less than his ability to think outside the box. Clearly, he could do that better than the entire US intelligence team.

    Here's just one example: if a certain guy can access vast amounts of mission critical info, or he can ask other people who can for their passwords, yet he only needs to do that rarely... why shouldn't he be required to get "super admin" privileges each time? Why not require that another admin be watching his screen while he is doing it? I was stunned when I read that the mighty NSA did not require that of a normal admin, much less a contractor. Haven't these people been told about the "seduction and compromise" techniques used by our enemies all the time??

    [shakes head]

    I guess we can only hope that other countries "top secret" teams are as easily compromised as ours was.
  • Certification encompasses

    His lack of any real certification is laughable! Really all those certificates amount to generalized knowledge and the ability to read a book.

    ClearCreek - Need to know or your eyes only! It doesn't take a hacker when your behind the firewall. He could simply use a USB stick and keylogger and record the password.

    Eileen Yu - Bigger question remains what was he taught in the military as far as radio jamming, surveillance and communications?