WASHINGTON (Reuters) – The U.S. National Security Agency failed to install the most up-to-date anti-leak software at a site in Hawaii before contractor Edward Snowden went to work there and downloaded tens of thousands of highly classified documents, current and former U.S. officials told Reuters.
Well before Snowden joined Booz Allen Hamilton last spring and was assigned to the NSA site as a systems administrator, other U.S. government facilities had begun to install software designed to spot attempts by unauthorized people to access or download data.
The purpose of the software, which in the NSA’s case is made by a division of Raytheon Co, is to block so-called “insider threats” – a response to an order by President Barack Obama to tighten up access controls for classified information in the wake of the leak of hundreds of thousands of Pentagon and State Department documents by an Army private to WikiLeaks website in 2010.
The main reason the software had not been installed at the NSA’s Hawaii facility by the time Snowden took up his assignment there was that it had insufficient bandwidth to comfortably install it and ensure its effective operation, according to one of the officials.
Due to the bandwidth issue, intelligence agencies in general moved more slowly than non-spy government units, including the Defense Department, to install anti-leak software, officials said.
NBC News reported earlier this year that Snowden, who has been charged with espionage but was granted asylum in Russia, took advantage of antiquated security systems to rummage through the NSA’s computer systems but details of the lapses in Hawaii have not previously been reported.
A spokeswoman for the NSA declined to discuss details of the agency’s schedule for installing anti-leak software in Hawaii. She said the agency has had to speed up its efforts to tighten security in the wake of Snowden’s disclosures.
“We open our facilities only after we have met all of the necessary regulatory, statutory, and infrastructure requirements,” the spokeswoman said. “NSA has a very large, diverse and complex IT infrastructure across our global enterprise, and many features of that infrastructure evolve over time as new capabilities are developed, refined, and deployed.”
She added: “NSA and the Intelligence Community at large have been moving forward with IT efficiency initiatives for several years. … The unauthorized disclosures have naturally compelled NSA and the rest of the IC to accelerate the timeline.”
Raytheon had no immediate comment.
INSIDER THREAT
In December 2010, the White House created a task force, headed by a former senior intelligence officer, to develop plans and systems to tighten access controls for classified information.
One of the specific initiatives announced by the White House for spy agencies was the installation of a program described as “Enhanced Automated, On-Line Audit Capability: Systems will monitor user activity on all IC classified computer systems to detect unusual behavior.”
The NSA Hawaii facility, known as a Remote Operations Center, opened in January 2012, replacing an older site located in a nearby World War II-era facility. The facility is focused on intercepting communications from Asia, and the Washington Post has reported that it also is involved in operations in cyberspace such as mapping adversaries’ computer networks and implanting electronic beacons.
Snowden was assigned by Booz Allen Hamilton to the Hawaii facility in late March or early April 2013, after first attending training sessions near NSA’s Maryland headquarters.
He was only there for a few weeks before he told his employers that he needed time off because of health problems. Snowden then disappeared and turned up several weeks later in Hong Kong. There, he gave a TV interview and a trove of secrets from the NSA and its British counterpart, Government Communications Headquarters, to writer Glenn Greenwald, filmmaker Laura Poitras, and journalists from Britain’s Guardian newspaper.
Reuters reported in August that Snowden began downloading documents describing the U.S. government’s electronic spying on an earlier job working for Dell Inc in April 2012.
One official said Congressional oversight committees had repeatedly expressed concerns to the administration that agencies across the government, including spy units, had moved too slowly to install updated security software.
Another official said that U.S. agencies were still not positive they knew the details of all the material which Snowden had downloaded and turned over to journalists.
(Editing by Tiffany Wu and Grant McCool)
Fri, Oct 18 2013
By Mark Hosenball and Warren Strobel
Find this story at 18 October 2013
© Thomson Reuters 2011.