Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Snowden Used Password From NSA Co-worker: Report

WASHINGTON – A civilian employee at the National Security Agency has been disciplined after admitting he gave intelligence leaker Edward Snowden his personal encryption details, NBC News reported Thursday.

WASHINGTON – A civilian employee at the National Security Agency has been disciplined after admitting he gave intelligence leaker Edward Snowden his personal encryption details, NBC News reported Thursday.

The employee was among three workers at the NSA who have been sanctioned after being “implicated” in the unprecedented security breach that allowed Snowden to leak a trove of classified documents, according to a memo to lawmakers cited by NBC.

The civilian employee told FBI agents that he provided Snowden with his personal encryption information but was “not aware” the IT contractor planned to divulge secret files to the media, according the the NSA memorandum.

The civilian, who was not named, has been stripped of his security clearance and recently resigned, it said.

The spy agency memo says that the civilian employee shared with Snowden his “public key infrastructure certificate” details, part of an elaborate security system designed to safeguard intelligence computer networks.

In addition, Snowden then asked the civilian to type in his password on his computer terminal, the memo said.

“Unbeknownst to the civilian, Mr. Snowden was able to capture the password, allowing him even greater access to classified information,” the memo states.

The account suggests Snowden employed a degree of deception to get his hands on sensitive information, an allegation raised in previous media reports.

But in a public Google chat in January, Snowden denied media reports that he stole or deceived fellow employees to get their log-in information.

“I never stole any passwords, nor did I trick an army of co-workers,” Snowden said.

In addition to the civilian worker, an active duty member of the military and a contractor were banned from NSA buildings in August as they are tied to actions that may have helped Snowden carry out his bombshell leaks, according to the memorandum.

“Further accountability will be determined by their individual employer, not NSA,” the memo said, without providing further details.

The February 10 letter to the House Judiciary and Intelligence committees was described as an “update” on an internal investigation into who was responsible for the massive security breach that permitted Snowden to expose the NSA’s far-reaching electronic spying.

Some lawmakers have sharply criticized the spy agency over its handling of the security breach and demanded to know why no senior figure has been sacked or held accountable over the Snowden affair.

When contacted by AFP, the NSA declined to comment on the memorandum. 

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).