Snowden Pulled Off NSA Document Heist—Using Oldest Trick in the Book?
November 8th, 2013Via: Reuters:
Former U.S. National Security Agency contractor Edward Snowden used login credentials and passwords provided unwittingly by colleagues at a spy base in Hawaii to access some of the classified material he leaked to the media, sources said.
A handful of agency employees who gave their login details to Snowden were identified, questioned and removed from their assignments, said a source close to several U.S. government investigations into the damage caused by the leaks.
Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said.
The revelation is the latest to indicate that inadequate security measures at the NSA played a significant role in the worst breach of classified data in the super-secret eavesdropping agency’s 61-year history.
Reuters reported last month that the NSA failed to install the most up-to-date, anti-leak software at the Hawaii site before Snowden went to work there and downloaded highly classified documents belonging to the agency and its British counterpart, Government Communication Headquarters.
Related: Social Engineering (as the term relates to computer security)
