The risk of the low-level, tech-savvy leaker

http://www.washingtonpost.com/world/national-security/edward-snowden-bradley-manning-and-the-risk-of-the-low-level-tech-savvy-leaker/2013/06/11/f5e3ad72-d2c7-11e2-a73e-826d299ff459_print.html

 

Edward Snowden, Bradley Manning and the risk of the low-level, tech-savvy leaker

By Greg Miller, Published: June 11

In the span of three years, the United States has developed two gaping holes in its national security hull, punctures caused by leakers who worked at the lowest levels of the nation's intelligence ranks but gained access to large caches of classified material.

The parallels between Edward Snowden, who has declared himself the source of leaks on National Security Agency surveillance programs, and Bradley Manning, a U.S. Army private on trial for sending hundreds of thousands of secret files to the WikiLeaks Web site, go beyond generational ties.

Both enlisted in the Army during the war in Iraq only to later say they were disillusioned by that conflict. Neither has a college degree or extensive academic training in computer science. And yet both were technically savvy, able to navigate sensitive computer networks and smuggle classified files.

The back-to-back breaches — seen by many as the most significant in decades — have forced U.S. intelligence officials to examine whether the cases are isolated in scope or part of a new category of exposure emerging at the edges of classified U.S. networks.

U.S. officials said counterintelligence teams are already looking beyond the details of the Snowden case at any vulnerabilities it has exposed.

"At this point, we're still looking at this as an anomaly," a senior U.S. intelligence official said. But he said a damage assessment ordered by Director of National Intelligence James R. Clapper Jr. is broad in scope, focused largely on the implications of a case in which highly sensitive materials were somehow within the grasp of a contractor who moved through a series of low-ranking jobs for the CIA and the NSA.

Snowden and Manning both took advantage of access to computer systems that expanded exponentially in the aftermath of the attacks of Sept. 11, 2001, partly in an effort to make critical information available across agencies.

Since the disclosures by Wiki­Leaks in 2010, the Pentagon has taken steps to better protect its classified networks. It has banned the use of thumb drives unless special permission is given, mandated that users have special smart cards that authenticate their identities and required analysts to review computer logs to identify suspicious behavior on the network.

Despite such measures, it remains impossible to guarantee security on any classified network. Since going public, Snow­den has attributed his extensive access to his role as an ordinary systems administrator for the NSA, although he offered few specific details about where he found or how he removed such sensitive files.

In an e-mail to a Washington Post reporter last month, he said he wanted "to embolden others to step forward," suggesting that he hoped his leak would trigger follow-up disclosures.

Among the files he obtained were a secret order issued by the Foreign Intelligence Surveillance Court and 41 briefing slides on a highly classified program, called PRISM, in which mainstream technology companies including Microsoft, Google and Facebook have given the NSA extensive access to e-mails, videos and other content.

The records released by Snow­den are fewer in number but more sensitive and of higher levels of classification than the U.S. diplomatic cables and military reports Manning sent to WikiLeaks after he downloaded them while serving in Iraq.

Snowden has praised Manning but also sought to differentiate himself from his predecessor. In particular, Snowden has indicated that he sought to be more responsible, withholding records he had that might put U.S. intelligence operatives in jeopardy, unlike Manning, who is accused of turning over thousands of pages, some of which contained the names of informants.

But their motivations and backgrounds have extensive overlaps. Both entered the military or government jobs during an era of massive hiring binges, controversial wars and repeated disclosures of alleged abuses by the U.S. military, the CIA and the NSA.

Both have said they wanted to call attention to abuses by the U.S. government, although critics have called them traitors who acted out of an exaggerated sense of self-importance.

Manning was gifted with computers and had begun learning the C++ programming language by the time he was 8. He never found a path to college and instead enlisted in the Army, where he was groomed for a career as an intelligence analyst.

Snowden's plans to pursue a Special Forces career were derailed, he said, by leg injuries he sustained during training that ended his military stint after just three months.

It is less clear how Snowden came by his computer skills. But, as with Manning, his technology savvy appears to have helped him obtain a string of jobs that enabled him to snoop on and eventually steal sensitive files.

Their actions and motivations bear little resemblance to high-profile security breaches of the 1980s and '90s. The best-known cases involved mid-career officials such as the CIA's Aldrich Ames and the FBI's Robert ­Hanssen, who were convicted of selling secrets to the Soviet and Russian governments for financial gain.

The closest parallel for Snow­den and Manning may be Daniel Ellsberg, who in 1971 was the New York Times' and The Washington Post's source for the Pentagon Papers, a secret assessment of the Vietnam War that eroded the credibility of U.S. government's more-optimistic public claims about the conflict. Ellsberg in recent days has praised Snowden and described the material Snowden disclosed as more significant than the documents he leaked four decades ago.

There are differences, however. Ellsberg was a senior military analyst working at the Pentagon who had a direct role in drafting the Pentagon Papers. The document was largely a record of U.S. decision-making rather than a blueprint of ongoing operations. Drafts were undoubtedly stored in safes, not on networks where they might be read by low-level employees at distant military or intelligence outposts.

A former senior NSA official recalled procedures in the 1970s that were archaic but secure. "When hot documents would go around they'd be in a double-sealed envelope, and some person would wait while you read it, re-
envelope it and leave," the former official said. "By contrast, now you bring it up on your computer screen."

Some U.S. officials question whether there is a generational gap in views on privacy and government transparency. Manning and Snowden, who are in their 20s, grew up with technology and the Internet as fixtures in their lives.

"We are recruiting Americans from a culture that has a deeper desire for absolute transparency than any previous cohort of people entering the service," said Michael V. Hayden, former CIA and NSA director. "They are coming from a culture in which, for many, transparency is an absolute good, and it appears that in these two cases it influenced these people."

Snowden appears to have left fewer online footprints than many of his generation, with no evidence of Facebook or Twitter accounts. In his comments to The Post, he indicated that was in part because of what he had learned.

The Internet "is a TV that watches you," he said, a technology "governments are abusing . . . to extend their powers beyond what is necessary and appropriate."