Latest news

Clueless in Washington: NSA had no data on number of employees with access to download top secret data prior to Snowden leak

When you’re the nation’s foremost foreign intelligence agency and you have no idea how many people have access to your most sensitive information, that’s a big, fat red flag

(National SentinelEspionage: As technologically advanced as our intelligence community is, a new report has found that our preeminent foreign surveillance wing had no data on how many of its employees and contractors had sufficient clearance to download our nation’s most sensitive secrets prior to the biggest compromise of data in recent history

As reported by the Washington Free Beacon, before former National Security Agency contractor Edward Snowden’s historic breach, a recent declassified August report from the Department of Defense’s Office of Inspector General also found that the NSA was unable to meaningfully slash the number of officials with “privileged” access its most sensitive databases.

The report, which was heavily redacted, was obtained via a Freedom of Information Act lawsuit by The New York Times.

The Free Beacon noted further:

The agency struggled to achieve the mandated reductions because it had no idea how many employees or contractors were designated data transfer agents or privileged access users prior to the leaks.

NSA officials told the inspector general they lost a “manually kept spreadsheet” that tracked the number of privileged users after receiving multiple requests from the inspector general to provide documents identifying the initial number. The lapse made it impossible for the agency to determine its baseline of privileged users from which reductions would be made.

The report said the NSA then “arbitrarily removed” privileged access from users, who were told to reapply for the authorization. While this enabled the agency to determine how many personnel were granted special access, the NSA still had no way of measuring how many privileged users had lost the clearance.

The inspector general said the NSA should have used this new baseline as a “starting point” to reduce privileged users instead of using the number to declare a reduction in those personnel.

In the case of data transfer agents, the NSA’s “manually kept list” tracking the number of officials authorized to use removable devices, such as thumb drives, to transfer data to and from the agency’s servers was “corrupted” in the months leading up to the Snowden leaks, the report said.

Without a baseline to measure potential reductions, the NSA then mandated data transfer agents to reapply for the authorization. Again, though this allowed the agency to determine how many personnel were given the authority, the NSA still had no way of gauging how many reductions were made, if any.

This isn’t the first government report that puts the NSA in a negative light over Snowden and access to sensitive files. In December, NationalSecurity.news reported that both the NSA and the Central Intelligence Agency. Citing a declassified congressional study, the report further noted that Snowden’s theft and disclosure of some 1.5 million documents most definitely harmed U.S. national security.

What all of this shows more than anything is that the intelligence community has grown so large and so autonomous that neither internal or external oversight (the latter via Congress) is sufficient enough to check and prevent the loss of huge amounts of highly sensitive data.

When you’re the nation’s foremost foreign intelligence agency and you have no idea how many people have access to your most sensitive information, that’s a big, fat red flag warning that data loss will happen again.

You know, like it did just recently with Reality Leigh Winner’s breach.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: