- The Washington Times - Friday, June 14, 2013

Questions were raised Friday about security procedures at the ultra-secret National Security Agency, after it emerged that Edward Snowden, the contract employee who leaked details of the agency’s broad-scale data gathering on Americans, exceeded his authorized access to computer systems and smuggled out Top Secret documents on a USB drive — a thumb-sized data storage device banned from use on secret military networks.

“He should not have been able to do either of those things” without setting off alarm bells, said one private sector IT security specialist who has worked on U.S. government classified networks. He spoke on condition of anonymity because of the sensitivities of his current employer.

NSA officials “were laying down on their job if they didn’t disable the USB port,” the specialist said, referring to the small socket on the side of a computer where thumb drives are plugged in.


SEE ALSO: Congress grills intel officials on data-gathering practices; sharp words exchanged


The NSA, which is still trying to ascertain the full extent of the breach, did not respond to a request for comment.

The Los Angeles Times first reported that Mr. Snowden used a USB thumb drive to smuggle electronic copies of an unknown number of classified documents out of the NSA facility in Hawaii where he worked. A U.S. official confirmed to The Washington Times “that’s one avenue” investigators are following.

The use of thumb drives on classified military systems — including those at NSA — has been effectively banned since malicious software, thought to be of Russian origin, infected the secret computer networks of U.S. Central Command five years ago.


SEE ALSO: U.K. to airlines: Don’t bring NSA leaker Edward Snowden here


A number of commercially available programs can switch off the USB port of every computer on the network.

“There is easily available software to do that,” said the security specialist, noting that there were also low-tech, more permanent means available.

“I have seen places where they used a hot glue gun to block it,” he said of the USB port.

Lawmakers briefed by NSA Director Gen. Keith Alexander have not commented on the thumb-drive, but have said that Snowden was able to do something else he should not have been able to — exceed his authorized access to the NSA’s computer systems.

“It’s clear that he attempted to go places that he was not authorized to go, which should raise questions for everyone,” said House Permanent Select Committee on Intelligence Chairman Michael Rogers, Michigan Republican, on Thursday.

He said investigators were trying to “determine exactly what information [Mr. Snowden] may have gotten” from the NSA, following claims by Glen Greenwald, the Guardian journalist who first broke the story, that he had “dozens” more documents from the self-proclaimed whistleblower.

“Candidly, nobody really knows” how much he might have gotten away with, added Mr. Rogers. “I think we will know the answer to that shortly.”

The specialist said Mr. Snowden’s ability to access highly classified documents he should not have been able to was unsurprising, depending on his clearance level.

He noted that admitted Wikileaks leaker Pfc. Bradley Manning, even though a low level intelligence analyst had “very broad access,” to the Secret-level classified US network called SIPRNet.

Historically, the U.S. intelligence community operated on a “need to know” basis — even personnel with a security clearance were only allowed to see intelligence they had a need to know.

After U.S. agencies failed to share intelligence about some of the Sept. 11 suicide hijackers; and with the huge leaps in computer network technologies and the growth of the World Wide Web as an indispensable communications tool, need to know is being edged out by “need to share.”

“SIPRNet is basically a parallel Internet at the Secret level,” said the specialist. “The different agencies have Web sites, FBI, DEA … Even at the Top Secret level [it’s] the same …You can surf around … there are lots of Top Secret documents routinely posted there without any additional access controls” beyond the fact that are on a highly classified network to which only cleared personnel have access.

“Its beginning to look like the NSA may have had the same kind of issues,” he concluded.