http://investigations.nbcnews.com/_news/2013/08/26/20197183-how-snowden-did-it
By Richard Esposito and Matthew Cole
NBC News
August 26, 2013
When Edward Snowden stole the crown jewels of the National Security
Agency, he didn't need to use any sophisticated devices or software or go
around any computer firewall.
All he needed, said multiple intelligence community sources, was a few
thumb drives and the willingness to exploit a gaping hole in an antiquated
security system to rummage at will through the NSA's servers and take
20,000 documents without leaving a trace.
"It's 2013 and the NSA is stuck in 2003 technology," said an intelligence
official.
Jason Healey, a former cyber-security official in the Bush Administration,
said the Defense Department and the NSA have "frittered away years" trying
to catch up to the security technology and practices used in private
industry. "The DoD and especially NSA are known for awesome cyber
security, but this seems somewhat misplaced," said Healey, now a cyber
expert at the Atlantic Council. "They are great at some sophisticated
tasks but oddly bad at many of the simplest."
As a Honolulu-based employee of Booz Allen Hamilton doing contract work
for the NSA, Snowden had access to the NSA servers via "thin client"
computer. The outdated set-up meant that he had direct access to the NSA
servers at headquarters in Ft. Meade, Md., 5,000 miles away.
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
