Congress passed act in 2011 to detect, prevent ‘insider threats’

Intelligence officials delayed implementation

Question of the Day

Is it still considered bad form to talk politics during a social gathering?

View results

Members of Congress tried years ago to raise the alarm about the danger U.S. intelligence agencies faced from “insider threats” like National Security Agency leaker Edward Snowden, but officials dragged their feet in implementing mandatory security measures that might have stopped him.

The Intelligence Authorization Act for 2011, an annual policy law that enables Congress to set priorities for the nation’s spy agencies, ordered Director of National Intelligence James R. Clapper to set up “an effective automated insider threat detection program” for intelligence agencies to prevent people with access to classified systems from abusing it.

Mr. Clapper was given a deadline of Oct. 1, 2012, for the system to be installed and Oct. 1, 2013, for it to be fully operational. But in last year’s act, those deadlines were extended to October 2013 for an initial capacity and October 2014 for full operating capacity.

Mr. Snowden’s ability to download an unknown number of top-secret documents to a banned thumb drive and then flee to China is the result of that delay, according to one congressional aide who asked for anonymity to discuss intelligence matters.

“We extended the deadline so the government wouldn’t be in violation,” the aide said.

“Clearly they’re still not there yet,” the aide added, referring to the automated detection program.

Such software — designed to sniff out unauthorized access attempts or odd patterns of behavior by authorized users of a restricted computer system — is commercially available, but apparently was not installed on the computer systems to which Mr. Snowden had access.

A senior U.S. intelligence official told The Washington Times that intelligence agencies were “working toward full operating capacity” for the automated insider threat detection program “in compliance with” the amended deadlines set in the 2013 act. The official declined to give further details.

NSA Director Gen. Keith B. Alexander said last week that Mr. Snowden worked as a systems administrator — a technician with high-level access to computers networks. Such people are compared by intelligence veterans to the cipher clerks of old, who would decrypt encoded messages. They have a great deal of access for relatively junior or short-time personnel.

But even taking into account the technical role, “Snowden’s access was so broad and diverse that it seems far from the norm and completely untethered from any ‘need to know,’” said Steven Aftergood, a secrecy scholar at the Federation for American Scientists.

Mr. Snowden has leaked documents from several different top-secret programs, including one that collects records from nearly every telephone call made in the United States. Activities as highly classified as that are typically “compartmented,” meaning only people with a demonstrable “need to know” would be allowed to learn about them.

“Part of the explanation lies in his function as systems administrator, which apparently gave him cross-cutting access to multiple compartments,” said Mr. Aftergood. “And part of the explanation is that he deliberately sought out information for purposes of disclosure.”

Mr. Snowden told the South China Morning Post, in an interview published this week, that he sought work with U.S. intelligence contractor Booz Allen Hamilton at the NSA’s Hawaii Threat Operations Center to be in a position to steal data that would prove the extent of the agency’s offensive cyberspying operations.

“My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked,” he told the newspaper. “That is why I accepted that position.”

Given that Mr. Snowden appeared to have sought to thwart the agency’s security measures and steal classified material, former officials defended the agency. They also expressed skepticism about the congressional fix of an automated detection system.

Story Continues →

View Entire Story

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.

About the Author
Shaun Waterman

Shaun Waterman

Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...

Latest Stories

Latest Blog Entries

Comments
blog comments powered by Disqus
TWT Video Picks