
Why it was easy for Edward Snowden to impersonate top NSA officials

Always keep an eye on the IT guy...

On Thursday, U.S. intelligence sources told NBC News that Edward Snowden used his position as a system administrator for the NSA to impersonate the electronic identities of top agency officials, and used those identities to gain access to 20,000 classified government documents.

"This is why you don't hire brilliant people for jobs like this," the official told NBC News. "You hire smart people. Brilliant people get you in trouble."

Snowden might be brilliant, but he also had another thing going for him: He was, as Slate's Farhad Manjoo once put it, "the IT guy."

As an employee hired by contractor Booz Allen Hamilton, Snowden only had "top secret" access, which left the most sensitive NSA documents out of reach. But Snowden reportedly solved that problem by creating and modifying profiles for employees who had more access than he did.

As New York's Kevin Roose noted earlier this summer, people shouldn't be surprised that Snowden used his position as a system administrator, or sysadmin, to bypass NSA security measures:

The sysadmin rarely draws attention — you probably don't know the name of your company's sysadmin — but he or she knows everything and sees everything. The sysadmin is in charge of setting account permissions, creating and deleting accounts, and routing information to the correct people and places. If a corporation is a giant organism, the sysadmin is the cerebrum — the part that allows the rest to move. [New York]

As anyone who has let a systems administrator remotely take over his computer knows, it's perfectly customary for Snowden types to don the identity of another user. As journalist Joshua Foust argued on Twitter:

Once Snowden had access to sensitive documents, his position as a system administrator allowed him to do what other NSA employees couldn't: download files onto an external hard drive (in Snowden's case, multiple thumb drives that he then took to Hong Kong).

As ZDNet's Larry Seltzer notes, with only two levels of "security access, 'Top Secret' and 'Unfettered', it's surprising that a Snowden-like leak didn't happen long ago."

The intelligent way to manage such a system is to have a multi-level hierarchy of administration, limiting the access of the vast bulk of administrators to documents and systems for which they have a legitimate need. The higher up the hierarchy you go, the more access an administrator would have, and the more closely security personnel could scrutinize their moves. [ZDNet]

It also didn't help that the "NSA is stuck in 2003 technology," as an intelligence official told NBC News.

Now the NSA is trying to deal with the aftermath, which includes trying to find out which officials Snowden impersonated, cutting 90 percent of its system administrators, and replacing them with computers.
