You'd Think NSA Employees Would Know Better Than To Hand Out Their Passwords, But Many Gave Them To Snowden
from the nsa-is-trustworthy? dept
In the latest bizarre news concerning the Snowden leaks, Reuters is reporting that Ed Snowden was able to convince a number of NSA employees to give him their login info, which helped him access a lot of the content. Of course, this differs from earlier reports, which had suggested that, as a sys admin, he’d simply been able to login as other employees.
A handful of agency employees who gave their login details to Snowden were identified, questioned and removed from their assignments, said a source close to several U.S. government investigations into the damage caused by the leaks.
Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said.
What fascinates me about this is the idea that if you were working for the NSA, wouldn’t you know to never give out your password to anyone, ever? It just seems like basic common sense (also: if you were one of those 20 to 25 people, I’d imagine that as soon as Snowden’s name came out, you were sweating bullets). You’d think that NSA employees wouldn’t do that sort of thing.
And, once again, what this brings us back around to is the simple fact that NSA employees are humans and sometimes they do the wrong thing. That is why the surveillance program is so worrisome. Keith Alexander and others can insist that there were only a small number of abuses, but all the data actually showed is that the NSA only caught a small number of abuses. It’s quite likely that many more have happened, and continue to happen. The fact that it’s apparently not that difficult to get NSA employees to cough up their login info shows that for all the talk of careful review, audits, limits and security — humans remain a very weak link, and there are all sorts of ways to get at information even if the NSA believes it’s locked down and carefully monitored.