How a single IT tech could spy on the world
Inside the NSA's secret, separate internet
One of NSA contractor Edward Snowden's more stunning claims is that a single individual has the ability to eavesdrop on anyone in the world, and that he could access and download information about all of the C.I.A's station chiefs and undercover case officers.
If true, it means that the system the NSA has built to connect analysts with the data it collects and distributes is both extremely powerful, well beyond what is publicly known, and also, at the same quite, brittle, if it can truly be subject to single-point failures.
I don't know if Snowden's claim is accurate. As a systems administrator, he certainly is entitled to the benefit of the doubt when it comes to an assessment of the NSA's internal information security.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The NSA has, in fact, built a separate, secret internet for signals intelligence, one that relies on fiber and satellite channels that are segregated almost completely from the plain old telephone system. Called NSANet, it allows analysts deployed almost anywhere to access virtually everything the NSA's extremely vast databanks contain. It has its own bridges, routers, systems, and gateways.
According to several current and former officials who've worked on NSANet, every keystroke is logged and subject to random audits. "Screengrabs" are prohibited. Documents can be printed with special facilities but that, too, leaves a record. As a mission support specialist, Snowden would have had access as part of his jobs to the physical servers and hard drives that contain material.
If he did not want to leave an audit trail, he might have disconnected a hard drive containing temporarily cached documents, brought them into an area that included desktops and hardware not cleared for such access, connected them, and then printed documents out. It is also possible that he disabled, under the guise of fixing something, access privileges for auditors. He could have temporarily escalated his own access privileges, although this would have raised flags among his superiors.
In theory, this would have alerted NISIRT, the NSA's Information Systems Incident Response Team, which maintains a 24/7 watch over the backend of NSANet. Operational branches, including Special Source Operations (domestic and compartmented collection programs), Global Access Operations (satellites and other international SIGINT platforms), and Tailored Access Operations (cyber) have their own NISIRT team.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
The NSA wants to figure out how Snowden subverted the systems he was paid to administer. The agency's counter-intelligence squad, known as Q Force, has an insider threat Task Force that uses predictive analytics and audit sampling to try and discover analysts and (I presume) support personnel who might be on the verge of a breaking point.
On some technical matters, Snowden's proficiency can't be questioned. But some of his assertions about the intelligence community are difficult to square with reality.
Can/would the CIA actually render him clandestinely?
John Schindler, a former technical director for one of the NSA's largest foreign intelligence programs and also a counter-intelligence expert who is now a professor at the Naval War College, tweeted a response: "Lemme put this out there. If [the intelligence community] were really assassinating [its] own personnel, do you realize how many spooks would go Greenwald?"
Could he access the identities of every CIA case officer and chief of station?
Perhaps as a contractor for the CIA's Office of Security. The Chiefs of Stations are generally well-known within the CIA; case officer identities aren't, even though both jobs are undercover. And identifying actual spies -- the sources for case officers -- were not included by Snowden in the set of powers he says he had at his disposals.
Can he access anyone's email or bring down the entire U.S. SIGINT system in a day?
Intelligence community sources say no. But let's give Snowden the benefit of the doubt. It's hard to see how one person could introduce a virus into NSANet and wouldn't be detected. And again, if he were at the right computer at the right time, he could change his permissions to give himself a super-user status and make an email search query (assuming he knew the email and assuming the email was part of the collected dataset), but again, the probabilities of someone being able to do this without being detected are slim and designed to be vanishingly so.
Marc Ambinder is TheWeek.com's editor-at-large. He is the author, with D.B. Grady, of The Command and Deep State: Inside the Government Secrecy Industry. Marc is also a contributing editor for The Atlantic and GQ. Formerly, he served as White House correspondent for National Journal, chief political consultant for CBS News, and politics editor at The Atlantic. Marc is a 2001 graduate of Harvard. He is married to Michael Park, a corporate strategy consultant, and lives in Los Angeles.
-
Puppet shows, pagodas and pho: a guide to Hanoi
The Week Recommends Vietnam's capital city blends the ancient with the new
By Catherine Garcia, The Week US Published
-
'There are benefits, but not acknowledging them would tell only half of the story'
Instant Opinion Opinion, comment and editorials of the day
By Justin Klawans, The Week US Published
-
What Trump's win could mean for Big Tech
Talking Points The tech industry is bracing itself for Trump's second administration
By Theara Coleman, The Week US Published
-
How do you solve a problem like Facebook?
The Explainer The social media giant is under intense scrutiny. But can it be reined in?
By Peter Weber Published
-
Microsoft's big bid for Gen Z
The Explainer Why the software giant wants to buy TikTok
By Amrita Khalid Published
-
Apple is about to start making laptops a lot more like phones
The Explainer A whole new era in the world of Mac
By Navneet Alang Published
-
Why are calendar apps so awful?
The Explainer Honestly it's a wonder we manage to schedule anything at all
By Navneet Alang Published
-
Tesla's stock price has skyrocketed. Is there a catch?
The Explainer The oddball story behind the electric car company's rapid turnaround
By Jeff Spross Published
-
How robocalls became America's most prevalent crime
The Explainer Today, half of all phone calls are automated scams. Here's everything you need to know.
By The Week Staff Published
-
Google's uncertain future
The Explainer As Larry Page and Sergey Brin officially step down, the company is at a crossroads
By Navneet Alang Published
-
Can Apple make VR mainstream?
The Explainer What to think of the company's foray into augmented reality
By Navneet Alang Published