WASHINGTON - U.S. intelligence and law-enforcement investigators have concluded that they likely will never know the entirety of what former National Security Agency contractor Edward Snowden extracted from classified government computers, according to senior government officials.
RELATED ARTICLE
http://www.arkansas…">France broadens tracking power
Investigators remain in the dark about the extent of the data breach partly because the agency facility in Hawaii where Snowden worked -unlike other agency facilities - was not equipped with up-to-date software that allows the security agency to monitor which corners of its vast computer landscape its employees are navigating at any given time.
Six months after the investigation began, officials said Snowden had further covered his tracks by logging into classified systems using the passwords of other security agency employees, as well as by hacking firewalls installed to limit access to certain parts of the system.
“They’ve spent hundreds and hundreds of man-hours trying to reconstruct everything he has gotten, and they still don’t know all of what he took,” a senior administration official said. “I know that seems crazy, but everything with this is crazy.”
That Snowden was so expertly able to exploit blind spots in the systems of America’s most secretive security agency illustrates how far computer security still lagged years after President Barack Obama ordered standards tightened after the WikiLeaks revelations of 2010.
Snowden’s disclosures set off a national debate about the expansion of the agency’s powers to spy both at home and abroad, and have left the Obama administration trying to mend relations with allies after revelations about U.S. eavesdropping on foreign leaders.
A presidential advisory committee that has been examining the security agency’s operations submitted its report to Obama on Friday. The White House said the report would not be made public until next month, when Obama announces which of the recommendations he has embraced and which he has rejected.
Snowden gave his cache of documents to a small group of journalists, and some from that group have shared information with several news organizations - leading to a flurry of exposures about spying on friendly governments. In an interview with The New York Times in October, Snowden said he had given all the documents he downloaded to journalists and kept no additional copies.
In recent days, a senior National Security Agency official has told reporters that he believed Snowden still had access to documents not yet disclosed. The official, Rick Ledgett, who is heading the agency’s task force examining Snowden’s leak, said he would consider recommending amnesty for Snowden in exchange for those documents.
“So, my personal view is, yes, it’s worth having a conversation about,” Ledgett told CBS News. “I would need assurances that the remainder of the data could be secured, and my bar for those assurances would be very high. It would be more than just an assertion on his part.”
Snowden is living and working in Russia under a one-year asylum. The Russian government has refused to extradite Snowden, who was charged by the Justice Department in June on counts of espionage and stealing government property, to the U.S.
Snowden has said he would return to the U.S. if he were offered amnesty, but it is unclear whether Obama - who would most likely have to make such a decision -would offer amnesty, given the damage the administration has claimed Snowden’s leaks have done to national security.
Because the security agency is still uncertain about exactly what Snowden took, government officials sometimes learn about specific documents from reporters preparing articles for publication - leaving the State Department with little time to notify foreign leaders about disclosures.
With the security agency trying to revamp its computer network in the aftermath of what could turn out to be the largest breach of classified information in U.S. history, the Justice Department has continued its investigation of Snowden.
According to senior government officials, FBI agents from the bureau’s Washington field office, who are leading the investigation, believe that Snowden methodically downloaded the files over several months while working as a government contractor at the Hawaii facility. They also believe he worked alone, the officials said.
But for all of Snowden’s technical expertise, some U.S. officials also place blame on the security agency for being slow to install software that can detect unusual computer activity carried out by the agency’s workforce - which, at approximately 35,000 employees, is the largest of any intelligence agency.
A National Security Agency spokesman declined to comment.
After a similar episode in 2010 - when an Army private, Chelsea Manning, gave hundreds of thousands of military chat logs and diplomatic cables to the anti-secrecy group WikiLeaks - the Obama administration took steps intended to prevent another government employee from downloading and disseminating large volumes of classified material.
In October 2011, Obama signed an executive order establishing a task force responsible for “deterring, detecting and mitigating insider threats, including the safeguarding of classified information from exploitation, compromise, or other unauthorized disclosure.” The task force, led by the attorney general and the director of national intelligence, has the responsibility of developing policies and new technologies to protect classified information.
But one of the changes, updating computer systems to track the digital meanderings of the employees of intelligence agencies, occurred slowly.
“We weren’t able to flip a switch and have all of those changes made instantly,” said one intelligence official.
Lonny Anderson, the National Security Agency’s chief technology officer, said that much of what Snowden took had come from parts of the computer system open to anyone with high-level clearance. And part of Snowden’s job was to move large amounts of data between different parts of the system.
But, Anderson said, Snowden’s activities were not closely monitored and did not set off warning signals.
“So the lesson learned for us is that you’ve got to remove anonymity” for those with access to classified systems, Anderson said.
Officials said Snowden, who had an intimate understanding of the agency’s computer architecture, would have known that the Hawaii facility was behind other agency outposts in installing monitoring software.
According to a former government official who spoke recently with Gen. Keith Alexander, the agency’s director, the general said that at the time Snowden was downloading the documents, the agency was several months away from having systems in place to catch the activity.
As investigations by the FBI and the National Security Agency grind on, the State Department and the White House have absorbed the effect of Snowden’s disclosures on America’s diplomatic relations with other countries.
“There are ongoing and continuing efforts by the State Department still to reach out to countries and to tell them things about what he took,” said one senior administration official. The official said the State Department often described the spying to foreign leaders as “business as usual” between nations.
Front Section, Pages 1 on 12/15/2013