We Now Know A Lot More About Edward Snowden's Epic Heist — And It's Troubling
- AUG. 17, 2014, 9:32 AM
- 53,039
- 106
Courtesy of Edward Snowden via Wired
Snowden with Former CIA and NSA chief General Michael Hayden at a gala in 2011.
Edward Snowden's in-depth interview with James Bamford of Wired offers details about his last job as a contractor for the NSA in Honolulu, which raise disconcerting questions about the motives of the former systems administrator.
While working at two consecutive jobs in Hawaii from March 2012 to May 2013, the 31-year-old allegedly stole about 200,000 "tier 1 and 2" documents, which mostly detailed the NSA's global surveillance apparatus and were given to American journalists Glenn Greenwald and Laura Poitras in June 2013. The government believes Snowden also took up to 1.5 million "tier 3" documents potentially detailing U.S. capabilities and NSA offensive cyber operations, the whereabouts of which are unknown.
We now know more about the larger and more sensitive cache of classified documents. Furthermore, a close reading of relevant reporting and of statements made by Snowden suggests that much of what the rogue NSA employee intentionally took involved operational information unrelated to civil liberties.
While the tier 3 material appears to have not been shared with American journalists, some of it was shown to a Chinese newspaper. And 14 months later, given the uncertain fate of the documents, it is not unreasonable to ask whether they could have fallen into the hands of an adversarial foreign intelligence service.
'The Time Had Come To Act'
Snowden had worked as an NSA contractor for Dell since 2009, and in March 2012 he began working as a systems administrator for the NSA's information-sharing office at the Kunia Regional Security Operations Center (known as "the Tunnel") on the main island of Oahu. Over time, he became increasingly alarmed by what he viewed as serious U.S. governmental violations of Americans' constitutional liberties, as well as general disregard for privacy rights of foreign citizens.
American officals told Reuters that Snowden began making illegal downloads about U.S. and U.K. eavesdropping programs in April 2012. (The NSA later told Vanity Fair that the downloading began in the summer of 2012.)
Wired
By early 2013, "Snowden believed he had no choice but to take his thumb drives and tell the world what he knew," Bamford writes in Wired. "The only question was when."
Snowden says that moment came on March 13, 2013, when he read about Director of National Intelligence James Clapper's appearance before a Senate committee, during which he testified that intelligence officials did not "wittingly" collect data on Americans.
Clapper's statement and the subsequent lack of concern among his NSA colleagues at the Tunnel "convinced him that the time had come to act," Bamford writes.
Snowden quit Dell on March 15, according to reporting by Edward Jay Epstein of The Wall Street Journal, and landed a job with Booz Allen as an infrastructure analyst at the National Threat Operations Center in Honolulu.
So two days after Clapper's testimony, and three months after he began working with Poitras, Snowden set his sights on what Bamford describes as "that last cache of secrets."
New Job, More Secrets
Snowden transferred to Booz Allen to gather information on "the NSA’s aggressive cyberwarfare activity around the world," Bamford writes, adding that the talented technician "became immersed in the highly secret world of planting malware into systems around the world and stealing gigabytes of foreign secrets."
That kind of hacking — employing the most sensitive of clandestine NSA cyberspying techniques — is carried out by the NSA's Office of Tailored Access Operations (TAO). Current and former intelligence officials told investigative reporter Matthew Aid that "TAO has been enormously successful over the past 12 years in covertly inserting highly sophisticated spyware into the hard drives of over 80,000 computer systems around the world, although this number could be much higher."
Snowden's new position gave him deep access into the NSA's emerging cyber-espionage capabilities.
"Infrastructure analysts like Mr. Snowden, in other words, are not just looking for electronic back doors into Chinese computers or Iranian mobile networks to steal secrets," Scott Shane and David Sanger of The New York Times reported in June 2013. "They have a new double purpose: building a target list in case American leaders in a future conflict want to wipe out the computers’ hard drives or shut down the phone system."
Basically, Snowden gained the opportunity he sought.
"My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked," he told the South China Morning Post (SCMP) on June 12, 2013. "That is why I accepted that position about three months ago."
For example, Snowden told NYT in October he had "access to every target, every active operation" mounted by the NSA against the Chinese. "Full lists of them."
Tier 1 and 2 vs. Tier 3
screenshot/Powerline
Edward Jay Epstein of the Wall Street Journal traveled to Hong Kong and stayed in the Mira Hotel, where Snowden stayed from June 1 to June 10 of 2013.
"He is a whistleblower in the case of some documents, and not a whistleblower in the case of other documents," Epstein of WSJ said in a recent interview with Scott Johnson of Powerline.
Epstein reported that Snowden's job with Dell in Hawaii "gave him access to the NSA Net, from which he pilfered most of the documents he later gave to journalists, including the ones about NSA domestic operations that have preoccupied the world's media."
These documents, which comprise tier 1 and tier 2 of the intelligence community's damage assessment, "can be called whistleblowing, whistleblowing [documents] that say he's a man of conscience and he revealed what he thought ... the public should know," Epstein explained to Powerline. "But these constituted only a small portion because then he transferred to Booz Allen on March 15, 2013."
Epstein wrote that Snowden went to Booz Allen to "get access to the crown jewels, the lists of computers in four adversary nations — Russia, China, North Korea and Iran — that the agency had penetrated."
These proverbial keys to the kingdom are considered the most sensitive of the potentially massive cache of tier 3 documents that Snowden may have obtained but did not give to American journalists.
Epstein also reported that some documents "were taken from at least 24 supersecret compartments that stored them on computers, each of which required a password that a perpetrator had to steal or borrow, or forge an encryption key to bypass."
Snowden denies scamming passwords, but former colleagues have admitted to inadvertently providing Snowden a password to access information he was not authorized to see.
Epstein told Powerline that the theft at Booz was "basically a work of espionage: Taking documents that reveal sources and methods. He's never given these documents, with one exception, to any journalist, and no one knows where these documents are.
"So in the case of his work [for Booz Allen] at the National Threat Operations Center, he is not in my book under any theory a whistleblower," Epstein concluded. "At Dell, he could be a whistleblower. These are two different jobs and two different phases."
What Happened To The Tier 3 Documents?
After he flew to Hong Kong on May 20, Snowden gave an estimated 200,000 documents to Greenwald and Poitras. Significantly, from what has been reported, that portion of the information Snowden took does not seem to include "lists of machines all over the world the NSA hacked."
Two days after parting ways with the Americans on June 10, however, Snowden showed Lana Lam of the SCMP documents detailing which computers the NSA had targeted in Hong Kong and mainland China since 2009.
"I did not release them earlier because I don't want to simply dump huge amounts of documents without regard to their content," Snowden told the Hong Kong paper in a June 12 interview. "I have to screen everything before releasing it to journalists."
Greenwald subsequently told the Daily Beast that he would not have "disclosed the specific IP addresses in China and Hong Kong the NSA is hacking."