For An Intelligence Agency, The NSA Doesn't Seem To Have Much Idea What's Going On Inside Its Own Walls
from the inside-of-a-panopticon-is-the-least-secure-area dept
Better late than never, the NSA seems like it's finally getting around to fixing the problems on the inside of the agency.
So sharp is the fear of threats from within that last year the NSA planned to launch at least 4,000 probes of potentially suspicious or abnormal staff activity after scrutinizing trillions of employee keystrokes at work. The anomalous behavior that sent up red flags could include staffers downloading multiple documents or accessing classified databases they do not normally use for their work, said two people familiar with the software used to monitor employee activity.Somebody's putting in some overtime! In addition to sifting through the vast amount of data collected in its many quasi-legal (and some completely illegal) programs, the agency has also had to wade through "trillions" of logged employee keystrokes. (The haystacks are coming from inside the house!)
This investigation has chewed up a lot of money with very little in the way of results, suffering from "critical delays" and (go figure) a lack of cohesive implementation. Meanwhile, a sysadmin headed to Hong Kong with an NSA-to-go kit. Not that a more expeditious rollout of the investigations would have mattered.
Contractors like Snowden, an NSA spokeswoman said, were not included in the plans to reinvestigate 4,000 security clearances.The agency claims these investigations aren't in place to root out offenders (although it's certainly welcome to do so), but to "reduce the potential" of an insider compromise.
“Periodic re-investigations are conducted as one due-diligence component of our multifaceted insider threat program.”Well, whatever's been put into place so far has failed dramatically, and what's being pursued doesn't look very promising. The agency claims the first rollout was stunted by resources being diverted towards mitigating the fallout from Bradley Manning's leaks. Now, as the agency tries to reignite the investigative process, Snowden (and several media entities) are standing behind it, periodically blowing out the flame.
The NSA still seems to have no idea what exactly Snowden took and that lack of knowledge has forced it to play nothing but defense since the leaks began. The internal vetting process seems to be about as "efficient" as the external process, albeit for very different reasons. An agency that can't search its own email doesn't have a chance against an individual with access and determination.
And then there's this aspect of the whole debacle, as pointed out by Bruce Schneier:
I am completely croggled by the fact that the NSA apparently had absolutely no contingency plans for this sort of thing.It doesn't, and that's a very worrying issue for a NATIONAL SECURITY AGENCY. At this point, the NSA can't close the barn doors fast enough and every assertion it makes about the limits, oversight or "trustworthiness" of its programs is usually undermined within a few days by yet another leak. Something aimed at nothing more than a "reduction" in leaky insiders just isn't going to be good enough. On the other hand, the public is benefiting from the NSA's pain -- it's now more informed about the agency's activities than it's been for the previous half-decade -- and the cumulative effects of the leak-and-denial cycle have forced the NSA to actually participate in a national discussion and make tentative steps towards transparency.