The Complex

NSA is Locking Server Room Doors to Prevent Another Snowden Affair

ASPEN, CO. -- NSA chief Gen. Keith Alexander today said that his agency is piloting the Defense Department's security reforms aimed at preventing systems administrators from stealing large volumes of classified data. What's that involve? In addition to requiring systems administrators to operate in pairs when accessing highly classified information, NSA will limit the number of people who can download classified data onto removable disc drives and will lock server rooms.

"Instead of allowing all systems administrators [to write data to thumb drives], drop it down to a few and use a two person rule," said Alexander during a talk at the Aspen Security Forum in Colorado this evening. "We'll close and lock server rooms so it takes two people to get in there."

"Since this happened in our place, on our watch, we're piloting that for DOD and for the IC [Intelligence Community], we will fix this on our stuff and we have a responsibility to do that," said Alexander.

The Army four-star general was expanding on Deputy Defense Secretary Ashton Carter's comments earlier today about the security measures DOD is putting in place in the wake of NSA leaker Edward Snowden's disclosure of secret U.S. electronic intelligence efforts.

Still, Alexander the Snowden affair can't be allowed to put a freeze on the rapid sharing of actionable intelligence between intelligence agencies that has emerged in the post 9/11 era.

"We also have to ensure that we make sure that people who need information to do their job have access to information," said Alexander. "We've got to figure out how to balance this."

Doing this means NSA and other DOD agencies will need to look at limiting systems administrators' access to classified information while ensuring that analysts have rapid access to the intelligence they need, according to Alexander.

"After 9/11 we had this need to share, I think there's goodness in sharing, we've got to make sure we do it right," said Alexander.

Earlier today, Carter said that part of the reason that Snowden was successful was that too many people had access to top secret information, alluding to the culture of information sharing that has cropped up in the Intelligence Community since 9/11.

Alexander is also open to allowing tech companies to reveal the number of requests by the government to access their customer information for intelligence and law enforcement investigations.

"I think there's some logic in doing that," said Alexander. "The FBI and we are trying to figure out how to do that without hurting any of the ongoing investigations."

Alexander also said that he has seen adversaries of the U.S. changing tactics to evade NSA's intelligence-gathering techinques that were revealed by Snowden.

His comments come the same day that a number of tech companies including Google, Apple and Facebook wrote a letter to the White House asking to release more information about the number of times law enforcement or intelligence agencies ask for customer information.



National Security

Snowden's Revenge: Pentagon May Stop Sharing Info To Block The Leaks

ASPEN, CO. — The Defense Department has begun requiring its geeks to operate in pairs when accessing highly classified information in order to stop the next massive leak. The next step might be restricting those systems administrators from seeing some sensitive data. The step after that? Possibly rolling back at least some of the military and intelligence community's measures to swap information -- a reversal of one of the national security state's key reforms after 9/11.

The damage control procedures are being put in place anywhere in DOD where there are "systems administrators with elevated access" to highly classified intelligence, Deputy Defense Secretary Ashton Carter said Thursday. These two-person rules along with procedures calling for increased compartmentalization of sensitive intelligence will be put in place at the "huge repositories where we have all this stuff," added Carter, referring to massive amounts of classified intelligence materials being stored on DOD servers.

Carter described NSA leaker Edward Snowden's theft of top secret documents as a failure of what he called DOD's primary mission in cyberspace: defending its own networks from cyber threats.

"Job one for us has to be defending our own networks and this is a failure to defend our networks," said the Pentagon's number two official during a speech at the Aspen Security Forum in Colorado this morning.  The NSA failed to protect itself from "an insider, and everybody who has networks knows that the insider threat is an enormous one."

The DOD is now working to restrict access to highly classified information to only people who work on programs involving that information as well as requiring a buddy system for anyone accessing extremely sensitive information on DOD networks.

Carter compared this to efforts taken to keep U.S. nuclear weapons safe from sabotage or theft.

"Nobody ever touches a nuclear weapon all by him or herself, there are always two people rated in the same specialty so that everybody can see and understand exactly what is being done with that weapon," said Carter.

With Snowden, "we had a case where a single person at one installation in the Intelligence Community could have access to, and moreover, move that much information -- both of those pieces are mistaken and have to be corrected," said Carter.

Carter put the blame for Snowden's access to highly classified NSA intelligence programs partially on the intelligence community's push to share intelligence between teams and agencies in the fight against terrorism. That failure to "connect the dots" on the 9/11 plot was largely blamed on these agencies' reluctance to swap sensitive data.

"In an effort for those in the intelligence community to be able to share information with one another there was an enormous amount of information concentrated in one place," said Carter. "That's a mistake."

This information Snowden accessed wasn't compartmentalized enough, according to Carter. Data on classified projects was accessible to people who weren't working on those efforts. Traditionally, intelligence agencies restricted access to highly classified information, even within their own organization, to only those who needed to know about it.

"We normally compartmentalize information for [a] very good reason; so that one person can't compromise a lot," he added, noting that the risks posed by parking enormous amounts of intelligence in one place didn't come as a "surprise."

The other key enabler for Snowden was that "you had an individual who had very substantial authority to access that information and move that information; that oughtn't be the case, either," said Carter. "We're acting to reverse both of those things. It's quite clear that those are the two root causes."