Edward Snowden

Russians and Chinese Got Snowden Documents the Old-Fashioned Way

By hacking the NSA computers. So says security analyst Bruce Schneier.


British surveillance functionaries placed a story over the weekend in the Sunday Times (London) claiming that the Russians and Chinese had gotten hold of the documents that Edward Snowden sneaked out of the NSA computers and had broken their encryption. As my colleague Scott Shackford points out, the Sunday Times offered nothing more than the assertions of unnamed British spy agency sources as evidence. He noted that one of the Sunday Times' reporters actually admitted on CNN: "We just publish what we believe to be the position of the British government at the moment."

Over at Wired, cryptographer and Harvard Berkman Center fellow Bruce Schneier also dismisses the claims against Snowden made by British intelligence service disinformation specialists published in the Sunday Times. On the other hand, he does think that Russian and Chinese spies have in fact obtained most of the documents taken by Snowden, but not from Snowden. First, try as they might, journalists to whom Snowden delivered the documents will have great difficulty in preventing digital infiltration by national intelligence services.

Secondly, Russian and Chinese hackers (at the behest of their governments) have had great success in penetrating U.S. government networks. Consequently, they are very likely to have taken many of the Snowden documents directly from the NSA's own servers. Schneier explains:

I believe that both China and Russia had access to all the files that Snowden took well before Snowden took them because they've penetrated the NSA networks where those files reside. After all, the NSA has been a prime target for decades…

In general, it's far easier to attack a network than it is to defend the same network. This isn't a statement about willpower or budget; it's how computer and network security work today. A former NSA deputy director recently said that if we were to score cyber the way we score soccer, the tally would be 462–456 twenty minutes into the game. In other words, it's all offense and no defense.

In this kind of environment, we simply have to assume that even our classified networks have been penetrated. Remember that Snowden was able to wander through the NSA's networks with impunity, and that the agency had so few controls in place that the only way they can guess what has been taken is to extrapolate based on what has been published. Does anyone believe that Snowden was the first to take advantage of that lax security? I don't.

This is why I find allegations that Snowden was working for the Russians or the Chinese simply laughable. What makes you think those countries waited for Snowden? And why do you think someone working for the Russians or the Chinese would go public with their haul?

So Snowden becomes a cover-your-ass excuse for the failures of surveillance state functionaries.

Hat tip Richard Rohde.