NSA Prism Relies Heavily On IT Contractors

  /     /     /  
Publicated : 22/11/2024   Category : security


NSA Prism Relies Heavily On IT Contractors


NSA whistleblower Snowden likely enjoyed access to Prism program details as a contracted NSA IT administrator. Systems administrators remain an important link in your security chain.



How did a Booz Allen contractor get his hands on top secret details about National Security Agency (NSA) intelligence operations?
Edward J. Snowden, 29,
leaked confidential information
to Britains
Guardian
about the so-called NSA Prism program that conducts surveillance of online communications to and from foreigners, and leaked data to
The Washington Post
about the NSAs access to U.S. phone call metadata. According to Glenn Greenwald, a Brazil-based American who reports on civil liberties issues for the
Guardian
, Snowden has provided him with thousands of documents, of which dozens are newsworthy.
The leaks have highlighted how the NSA relies on an army on consultants to help it sift through the
massive quantities of data
it collects. According to information released this year by the Office of the Director of National Intelligence, 1.2 million Americans hold top-secret clearances, and 38% of those clearances are held by private contractors.
As that suggests, a substantial amount of U.S. intelligence work is now handled by private contractors. Naval War College professor John Schindler, a former NSA counterintelligence officer, said that the-post Sept. 11 launch of massive data-gathering operations -- for counterterrorism purposes -- required a commensurate increase in the number of people tasked with keeping those classified-data systems running.
[ Learn what Prism shows about cloud security. Read
NSA Dragnet Debacle: What It Means To IT
. ]
Its hard to think of a single thing the intelligence community can do on its own anymore without a contractor being involved in some way, from the most mundane of data crunching to the pointy end of the black ops side, Peter Singer, director of the Center for 21st Century Security and Intelligence at the Brookings Institution, told
The Wall Street Journal
.
But how did Snowden access the confidential information in the first place, which includes a top secret Foreign Intelligence Surveillance Court order? A former senior NSA official told the
Post
that only 30 or 40 people in the world would have had access to that data.
Government investigators are working with the NSA and others around the intelligence community to understand exactly what information this individual had access to, and how that individual was able to take that information outside the community, a senior U.S. intelligence official told the
Post
.
The NSA would have determined which specific systems Snowden would have been able to access, according to contractors interviewed by the
Journal
.
Given Snowdens biography and job description -- serving as an infrastructure analyst employed by Booz Allen, but working at an NSA satellite office in Hawaii -- many security experts believe that he didnt just have top secret clearance, but served as an information security or IT administrator tasked with keeping confidential systems running.
That might explain Snowdens
remarks to the
Guardian
that he had full access to the rosters of everyone working at the NSA, the entire intelligence community and undercover assets all around the world, the locations of every station we have, what their missions are and so forth.
A former senior official at the NSA told the
Post
, however, that Snowdens access claims are overblown. When he said he had access to every CIA station around the world, hes lying, he said.
Then again, someone had to be maintaining the computer networks and related systems for those stations; what if it was Snowden?
The data leak situation further suggests that NSA officials might not have known the extent to which either private contractors or IT administrators were privy to highly confidential information.
Of course, no system is 100% secure, because a
rogue or malicious insider
can always decide to leak stored data. To put that another way, the security of any IT system -- no matter how clandestine -- hinges on
trusting ones system administrator
.
They can be a critical security gap because they see everything, Naval War College professor Schindler
told the
Times
. Theyre like code clerks were in the 20th century. If a smart systems administrator went rogue, youd be in trouble.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
NSA Prism Relies Heavily On IT Contractors