NSA: Snowden was just doing his job

NSA: Snowden was just doing his job

Summary: More details emerge on how Edward Snowden was able to gain access to and copy so much secret information. His job provided the perfect cover for his illegal activities. In response, the NSA is making like the TSA and fighting the last war.


Interviews with two NSA officials by National Public Radio reveal a tragic irony of Edward Snowden's theft and leaking of classified documents: He was just doing his job.


One of the lessons learned from the investigations of the 9/11 Commission was that there was insufficient sharing of intelligence information. In order to facilitate such sharing, the NSA created a file sharing area on the Agency's intranet site. NSA officials told NPR that all of the documents Snowden has leaked came from that sharing area.

­ "Unfortunately for us," one official said, "if you had a top secret SCI [sensitive compartmented information] clearance, you got access to that."

Not only did Snowden have such access, but as a System Administrator it was part of his job to search through the shared area for documents which belonged in more restrictive areas and move them. From the NPR article:

"It's kind of brilliant, if you're him," an official said. "His job was to do what he did. He wasn't a ghost. He wasn't that clever. He did his job. He was observed [moving documents], but it was his job."

It's a little more complicated than Snowden literally doing his job, although the job was the perfect cover for his activities. The article also notes that the NSA was, at the time, allowing users access to USB ports on computers which had access to the sensitive data. They have, more recently, closed off access to those ports, which Snowden likely used to copy data from NSA systems to a USB thumb drive.

Incredibly, this is the same method used by Bradley Manning long ago, but the NSA didn't react to that news. Restricting access to USB ports has been a standard feature of Windows system management for many years and there are 3rd party products that do this as well.

The NSA has implemented other practices, including document tagging, to prevent what Snowden did. The tags will restrict access to the documents and track their usage.

It's all another example of fighting the last war. The NSA, in this way, is following the example of the TSA.

Topics: Security, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • good example of incompetency

    I was only told by a special services agent: there is only one way to not tell the enemy our secrets - you should simply not know them.

    All this "Windows restricting USB ports" and "tags to track distribution" is nonsense. There is nothing about security in this. It is all a show...

    Funny enough, the NSA buys enough hardware so they can order computers without USB ports and any removable storage.. Yet, this is not happening.

    Likewise with the tags. What good are tags with software that does not recognize or does not care about them? Content is still there...
  • whatever

    >>"They have, more recently, closed off access to those ports, which Snowden likely used to copy data from NSA systems to a USB "
    Somebody has to control that access and apparently, Snowden was such a person. Being and admin opens all those doors no matter how they are allegedly restricted now. At the same time, logging daemon could also be controlled or turned off completely. If we talk about Windows systems, I am not aware of any meaningful logging software there, unless rsyslog and others were ported from the *nix platform.

    As a conclusion for the NSA: be certain, no matter how you try to restrict your infrastructure, this won't protect your wrongdoings. There will be thoughtful individuals to tell the world about the dirty little secrets if any. So, behave and be competent.
    • Almost every action or event on a Windows system can be logged

      It is built into Windows. It just is not turned on unless an admin chooses to use these features.
      • it might well be

        While logging can be done in various ways. Say you can kill a system if your logger is too verbose. I remember Windows own logging system to be cryptic at best.
    • Epoxy works well on blocking USB ports

      Permanent and non-reversible.
      • I can just see the Govenment...

        ...ordering 15,000 new computers and paying some putz to epoxy the usb ports closed, then not having a way to plug in the mouse or keyboard.
  • Snowden is a hero

    Snowden is a hero who has revealed us the fascist behaviour of the USA and a non-critical state of the US gov
    • What are your comments regarding this?

  • not the same method

    Actually, with usb ports disabled, Manning copied files to cd-r to get them off the system.
    • you're right, i'm wrong

      Manning did use a CD-RW.
      I don't see anything about the USB being disabled, but it doesn't matter. If you leave a hole like CD-RW open then closing USB is meaningless.