Edward Snowden could have been thwarted from leaking classified U.S. documents if the National Security Agency encrypted the information to make it unreadable, two former senior cybersecurity officials said.
Snowden would have needed a digital key to decipher the secrets after gaining access to them if the data was scrambled, Ira “Gus” Hunt, former chief technology officer for the Central Intelligence Agency, and Howard Schmidt, a former U.S. cybersecurity coordinator, said in interviews yesterday at a conference in San Francisco.
Snowden, a systems administrator working for NSA contractor Booz Allen Hamilton Holding Corp., probably would have been exposed if he’d tried to get decryption keys, they said.
“We have to get to the point where the data itself, independent from the systems, is appropriately protected everywhere all the time,” said Hunt, who left the CIA in October and is on the advisory board at eSentire Inc., a Cambridge, Ontario-based security software company.
“My goal would be that all data is encrypted everywhere all the time. The only way data can move in the system, at rest or in transit, is in an encrypted form.”
The documents Snowden obtained and leaked to the Washington Post and the U.K.’s Guardian newspaper exposed secret NSA programs, including the collection of billions of bulk phone records from Verizon Communications Inc. and other carriers and the hacking of fiber-optic cables abroad to steal e-mail and Internet data from Google Inc. and Yahoo! Inc. U.S. prosecutors last year filed theft and espionage charges against Snowden, who has since been living in Russia under temporary asylum.
Google, Yahoo and Facebook Inc., among other companies, have since strengthened encryption on data flowing through their networks and made their digital keys more complex. Encryption uses a mathematical code to scramble data.
Vanee Vines, an NSA spokeswoman, declined to comment. Outgoing NSA Director Keith Alexander, in testimony yesterday to the U.S. Senate’s armed services committee, said the agency has made 40 changes in its systems, developed better insider-threat detection capability and conducted more random security checks.
A NSA civilian employee allowed Snowden to use his encrypted digital certificate to access classified information, according to a Feb. 10 letter the NSA sent to the House Judiciary Committee. The employee resigned, according to the letter.
Snowden encrypted the data after he stole it. The documents he exposed revealed the NSA has tried to weaken common encryption standards and is developing a computer capable of breaking encrypted data.
“When I hear about a data breach, whether it’s the government or private sector, one of the first questions I’ve asked for years is was the data encrypted,” said Schmidt, who served as President Barack Obama’s top cybersecurity adviser from 2009 to 2012.
“If we can’t stop them from getting on our networks and stealing the information, we should be in a position where they can’t do anything with it,” he said.
Using encryption also could have prevented Army private Bradley Manning from downloading and stealing classified documents from computers in Iraq in 2010, Schmidt and Hunt said. Manning, who gave documents to the online nonprofit WikiLeaks, is serving a 35-year prison sentence.
One challenge in using encryption is not making it difficult for employees to do their jobs, said Martin Roesch, founder of Sourcefire Inc., based in Columbia, Maryland. Sourcefire, whose intrusion-detection technology is used by most Fortune 100 companies as well as government agencies, was acquired by Cisco Systems Inc. in October in a deal valued at about $2.2 billion.
“Complexity is the enemy of security,” Roesch said in an interview at the conference. “Whenever you do security you’re making a balanced trade-off between usability and capability. It’s a delicate balance to strike.”
Agencies were encouraged to make it easier to share information with each other after the Sept. 11, 2001, terrorist attacks, Schmidt said. Snowden’s ability to walk away with NSA secrets has caused agencies to reconsider their approach to information sharing and lock down data, he said.
Guarding encryption keys must be a top priority for the NSA and other intelligence agencies, Hunt said. Agencies must define employees’ roles and what kind of data they can access, he said.
Systems administrators don’t need access to unencrypted data for most of their responsibilities, Hunt said. If they occasionally need access to unencrypted data, agencies should have a system to provide access for a set length of time and monitor how the data is used, Hunt said.
“A trusted insider by their very definition has access and they can abuse it,” he said. “That’s probably the single most difficult thing to defend and protect against that anybody’s going to face.”