The National Security Agency’s new operations center on the Hawaiian island of Oahu sits on a high plateau between two volcanoes, 40 minutes from Waikiki Beach. The $358 million compound, which opened in 2012, supplements the electronics-stuffed underground bunker nearby that was the NSA’s first Hawaiian location. The facility is the primary U.S. outpost for spying on China and the rest of Asia—and was the workplace of ex-NSA contractor Edward Snowden.
Snowden, who leaked a PowerPoint deck on the NSA’s secret Prism spying program and a trove of other classified information that he stole from the agency, has depicted himself as a highly skilled mole who exposed the NSA’s deepest secrets to the world. News coverage of the leaks has helped promote this storyline. Yet current and former intelligence officials familiar with his role within the agency present a different picture—one of a 30-year-old outsider with a talent for self-promotion, whose junior position kept him at a distance from the NSA’s most sensitive spy operations. “I think he was overbilling by telling people he had access to the dark inner secrets,” says James Lewis, a fellow in cybersecurity at the Center for Strategic and International Studies. “He did what contractors do—he padded his résumé.”
Thanks to Snowden, Americans know that the NSA collects and stores millions of their phone records. He gets credit for reviving an important national argument—dormant since the initial public outrage over President George W. Bush’s warrantless wiretapping program—about civil liberties and the limits of government secrecy. Snowden also leaked documents about the involvement of Google (GOOG), Facebook (FB), and other big companies in giving the agency information about government targets, and he disclosed broad details about NSA spying on foreign nations. U.S. allies made an obligatory show of anger, yet there was nothing Snowden revealed that they didn’t already know, says a former senior official at the Department of Defense who, like other current and former intelligence employees cited in this article, asked not to be named talking about NSA operations. Allies and adversaries are well aware the U.S. bugs their offices and hacks their computers, just as they spy on the U.S.
The agency and its representatives have every motive to downplay the extent of Snowden’s access and the damage he’s caused. Still, every intelligence official interviewed for this story insisted the documents Snowden leaked weren’t among those the NSA guarded most closely. Many were available to employees across the agency. NSA’s director, General Keith Alexander, told reporters on June 18 that Snowden got access to his biggest bombshell, about the phone records, while he was still in training. Other information he leaked could be found on classified internal Web forums where employees learn about the agency’s rules. A former U.S. intelligence employee who was once shown the Prism PowerPoint during a briefing described it as a beginner’s guide and said the NSA presenter who delivered it was the equivalent of a secretary. Looked at one way, the easy availability of this secret information makes the leaks more embarrassing. Yet it also indicates the agency didn’t believe the documents Snowden stole were critical enough to national security to limit who within the agency could see them. NSA spokeswoman Vaneé Vines declined to comment.
The NSA is roughly divided into two parts: one gathers intelligence by targeting the computers and communications of foreign entities; the other protects the NSA’s own computers and communications and those of the U.S. military. Snowden worked on the important but dull defensive side of the agency, according to a person familiar with his job. Alexander has indicated Snowden was an analyst at what’s known as the NSA Threat Operations Center, or NTOC, which helps to identify network vulnerabilities and thwart cyberattacks.
His position gave him room to roam widely through the NSA’s primary computer network, a classified equivalent of a corporation’s internal network. He also may have had details on how the NSA is structured, in order to better defend it. A former senior intelligence official explains that unlike the CIA, where even network administrators’ access to information is compartmentalized, the NSA gives information technology employees like Snowden freedom to access hundreds, even thousands, of NSA computers and trusts them not to abuse it. The former intelligence official says investigators retracing Snowden’s steps were surprised to find how broadly he snooped and how much he was able to take.
Yet his job left him outside the far more secure rooms and computers used by NSA hackers infiltrating foreign governments and the dozens of teams who build, test, and use the tools of espionage. Even in an agency where everyone has a security clearance, most employees are walled off from these operations. The former intelligence official explains that the highest-value secrets sit in computers that have an “air gap” around them: A person must physically be in the room to access what’s on them. Other data require encryption keys to access. “It’s like knowing where the rooms are but not what’s inside,” says Lewis.
Career NSA employees, many of them ex-military, regard contractors like Snowden as outsiders and not members of the club, says a former NSA official. The most secretive of the NSA’s programs is Tailored Access Operations, or TAO, an elite group of 200 hackers who break into foreign computer networks. They train for two years to qualify for the program, and their work generates some of the U.S. government’s most valuable intelligence. Contractors don’t get those jobs, current and former intelligence officials say.
Snowden has hinted he has more damaging information in his possession that he hasn’t released. His leaks gave foreign governments an idea of the breadth of the NSA’s data sweeps but didn’t reveal which networks it has tapped. TAO’s activities were apparently among Snowden’s targets. He told the Guardian that he took the job in Hawaii so he could gain access to lists of computers the agency had hacked. There’s no indication he got near that information. A person familiar with the TAO unit in Hawaii says no one within the tight-knit group of hackers had met or even heard of Snowden—until they saw his face on the news.