Bruce Schneier: Sure, Russia & China Probably Have The Snowden Docs... But Not Because Of Snowden

from the because-espionage dept

Given all the fuss over the ridiculous article this past weekend -- which has since been confirmed as government stenography rather than actual reporting -- security maven Bruce Schneier has written up an article making a key point. It's quite likely that the underlying point in the article -- that Russian and Chinese intelligence agencies have access to the documents that Snowden originally handed over to reporters -- is absolutely true. But, much more importantly, he argues, the reason likely has almost nothing to do with Snowden.

First, he notes, it's quite likely that Snowden -- as he has said -- no longer has access to the documents. But other people do. And they're not as knowledgeable about encryption and spycraft as Snowden is.

First, the journalists working with the documents. I’ve handled some of the Snowden documents myself, and even though I’m a paranoid cryptographer, I know how difficult it is to maintain perfect security. It’s been open season on the computers of the journalists Snowden shared documents with since this story broke in July 2013. And while they have been taking extraordinary pains to secure those computers, it’s almost certainly not enough to keep out the world’s intelligence services.

There is a lot of evidence for this belief. We know from other top-secret NSA documents that as far back as 2008, the agency’s Tailored Access Operations group has extraordinary capabilities to hack into and “exfiltrate” data from specific computers, even if those computers are highly secured and not connected to the Internet.

These NSA capabilities are not unique, and it’s reasonable to assume both that other countries had similar capabilities in 2008 and that everyone has improved their attack techniques in the seven years since then.

But, the second point is an even bigger one, which is that it's highly likely that Russian and Chinese intelligence got these documents long before Snowden gave them to the press, because that's what spies do.

Which brings me to the second potential source of these documents to foreign intelligence agencies: the US and UK governments themselves. I believe that both China and Russia had access to all the files that Snowden took well before Snowden took them because they’ve penetrated the NSA networks where those files reside. After all, the NSA has been a prime target for decades.

Those government hacking examples above were against unclassified networks, but the nation-state techniques we’re seeing work against classified and unconnected networks as well. In general, it’s far easier to attack a network than it is to defend the same network. This isn’t a statement about willpower or budget; it’s how computer and network security work today. A former NSA deputy director recently said that if we were to score cyber the way we score soccer, the tally would be 462–456 twenty minutes into the game. In other words, it’s all offense and no defense.

In this kind of environment, we simply have to assume that even our classified networks have been penetrated. Remember that Snowden was able to wander through the NSA’s networks with impunity, and that the agency had so few controls in place that the only way they can guess what has been taken is to extrapolate based on what has been published. Does anyone believe that Snowden was the first to take advantage of that lax security? I don’t.

Remember, this is the same government that's now reeling from the Chinese hacking of OPM getting all the secrets of government employees, including those with security clearances. It was a hack so impressive that even Michael Hayden -- former CIA and NSA boss -- can't hide his appreciation of the work that was done. Hayden called it "honorable espionage work" by the Chinese and further notes that he "would not have thought twice" if he had the ability to get the same info from the Chinese.

These are the games that intelligence agencies play all the time. Schneier's piece has a lot more in it, but the idea that the Russians and Chinese learned anything particularly new or useful from the Snowden documents -- or that they even got them from Snowden's document dump -- seems quite dubious.

Filed Under: bruce schneier, china, encryption, espionage, michael hayden, russia, snowden documents

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    GEMont, 18 Jun 2015 @ 1:37pm

    When a leak is not a leak....

    One other way that these documents could end up in the hands of the Chinese and others, was missed by the article.

    And a very common and familiar method it is.

    And that method is that the USG itself "leaked" most of the documents to foreign powers in order to discredit Snowden in the public forum and to give phony "substance" to their claims that Snowden "gave" these foreign governments access to the documents.

    Once they can get most of the US pub "behind the plan", through such subterfuge, they can Barrack O-bomber Drone Snowden's sanctuary and finally kill the man who bared their crimes to the public.

    Considering the lax attitude the USG has had in past with leaking very, very sensitive documents for exactly this sort of purpose, I would suspect this to be the most likely method used.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.