http://www.nextgov.com/cybersecurity/2013/06/nsa-networks-might-have-been-missing-anti-leak-technology/65708/
By Aliya Sternstein
Nextgov.com
June 27, 2013
This story has been updated with a statement from NSA.
A National Security Agency information security official who left the agency in
the summer of 2012, said that at that time, there was no anti-leak technology
on networks to help prevent the disclosure of sensitive information. Such
technology alerts managers to anomalies in how insiders are accessing protected
data.
This spring, Edward Snowden, a former NSA contractor, could have taken
advantage of such a loophole. He allegedly downloaded onto a thumb drive top
secret files detailing the agency's controversial surveillance of millions of
Americans' call records and foreigners' online communications. Snowden, since
being fired from his job as a system administrator for NSA contractor Booz
Allen Hamilton, is reportedly in Moscow seeking asylum in South America while
U.S. officials seek his extradition on charges of espionage.
Defense Department officials have said a Host Based Security System, which,
among other things, monitors removable data devices such as CDs and thumb
drives, was activated departmentwide to track unauthorized network activities.
NSA is a Defense agency.
"When I left, HBSS was not installed at NSA," the former cybersecurity official
said, adding the agency doesn’t always follow Pentagon advice.
[...]
--
Visit the new and improved InfoSec News website
http://www.infosecnews.org/
