NSA Networks Might Have Been Missing Anti-Leak Technology

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2013/06/nsa-networks-might-have-been-missing-anti-leak-technology/65708/

By Aliya Sternstein
Nextgov.com
June 27, 2013

This story has been updated with a statement from NSA.

A National Security Agency information security official who left the agency in 
the summer of 2012, said that at that time, there was no anti-leak technology 
on networks to help prevent the disclosure of sensitive information. Such 
technology alerts managers to anomalies in how insiders are accessing protected 
data.

This spring, Edward Snowden, a former NSA contractor, could have taken 
advantage of such a loophole. He allegedly downloaded onto a thumb drive top 
secret files detailing the agency's controversial surveillance of millions of 
Americans' call records and foreigners' online communications. Snowden, since 
being fired from his job as a system administrator for NSA contractor Booz 
Allen Hamilton, is reportedly in Moscow seeking asylum in South America while 
U.S. officials seek his extradition on charges of espionage.

Defense Department officials have said a Host Based Security System, which, 
among other things, monitors removable data devices such as CDs and thumb 
drives, was activated departmentwide to track unauthorized network activities. 
NSA is a Defense agency.

"When I left, HBSS was not installed at NSA," the former cybersecurity official 
said, adding the agency doesn’t always follow Pentagon advice.

[...]

--
Visit the new and improved InfoSec News website
http://www.infosecnews.org/