Spy Chief Says Snowden Took Advantage of 'Perfect Storm' of Security Lapses

[InfoSec News <alerts () infosecnews org>]

http://www.nytimes.com/2014/02/12/us/politics/spy-chief-says-snowden-took-advantage-of-perfect-storm-of-security-lapses.html

By DAVID E. SANGER and ERIC SCHMITT
The New York Times
FEB. 11, 2014

WASHINGTON -- The director of national intelligence acknowledged Tuesday 
that nearly a year after the contractor Edward J. Snowden "scraped" highly 
classified documents from the National Security Agency’s networks, the 
technology was not yet fully in place to prevent another insider from 
stealing top-secret data on a similarly large scale.

The director, James R. Clapper Jr., testifying before the Senate Armed 
Services Committee, said Mr. Snowden had taken advantage of a “perfect 
storm” of security lapses. He also suggested that as a highly trained 
systems administrator working for Booz Allen Hamilton, which provides 
computer services to the agency, Mr. Snowden knew how to evade the 
protections in place.

"He knew exactly what he was doing," Mr. Clapper said. "And he was pretty 
skilled at staying below the radar, so what he was doing wasn’t visible."

But Mr. Clapper confirmed the outlines of a New York Times report that the 
former N.S.A. contractor had used a web crawler, a commonly available 
piece of software, to sweep up a huge trove of documents.

Mr. Clapper also said, for the first time, that some of the information 
Mr. Snowden is believed to possess could expose the identities of 
undercover American operatives as well as foreigners who have been 
recruited by United States spy agencies. The information Mr. Snowden has 
released so far through several newspapers and a new digital news 
organization that began publishing on Monday has not revealed the names of 
agents or operatives, and it is unclear how much of that information he 
took with him when he fled the United States. He is now in Russia.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/