Archive for the ‘NSA’ Category

NSA Can Access More Phone Data Than Ever – ABC News

One of the reforms designed to rein in the surveillance authorities of the National Security Agency has perhaps inadvertently solved a technical problem for the spy outfit and granted it potential access to much more data than before, a former top official told ABC News.

Before the signing of the USA Freedom Act in June 2015, one of the NSA's most controversial programs was the mass collection of telephonic metadata from millions of Americans the information about calls, including the telephone numbers involved, the time and the duration but not the calls' content under a broad interpretation of the Patriot Act's Section 215. From this large "haystack," as officials have called it, NSA analysts could get approval to run queries on specific numbers purportedly linked to international terrorism investigations.

The problem for the NSA was that the haystack was only about 30 percent as big as it should've been; the NSA database was missing a lot of data. As The Washington Post reported in 2014, the agency was not getting information from all wireless carriers and it also couldn't handle the deluge of data that was coming in.

On the technical side, Chris Inglis, who served as the NSA's deputy director until January 2014, recently told ABC News that when major telecommunications companies previously handed over customer records, the NSA "just didn't ingest all of it."

"[NSA officials] were trying to make sure they were doing it exactly right," he said, meaning making sure that the data was being pulled in according to existing privacy policies. The metadata also came in various forms from the different companies, so the NSA had to reformat much of it before loading it into a searchable database.

Both hurdles meant that the NSA couldn't keep up, and of all the metadata the agency wanted to be available for specific searches internally, only about a third of it actually was.

But then the USA Freedom Act was signed into law, and now Inglis said, all that is "somebody else's problem."

The USA Freedom Act ended the NSA's bulk collection of metadata but charged the telecommunications companies with keeping the data on hand. The NSA and other U.S. government agencies now must request information about specific phone numbers or other identifying elements from the telecommunications companies after going through the Foreign Intelligence Surveillance Act (FISA) court and arguing that there is a "reasonable, articulable suspicion" that the number is associated with international terrorism.

As a result, the NSA no longer has to worry about keeping up its own database and, according to Inglis, the percentage of available records has shot up from 30 percent to virtually 100. Rather than one internal, incomplete database, the NSA can now query any of several complete ones.

The new system "guarantees that the NSA can have access to all of it," Inglis said.

NSA general counsel Glenn Gerstell made a brief reference to the increased capacity in a post for the Lawfare blog in January after terrorist attacks at home and abroad.

"Largely overlooked in the debate that has ensued in the wake of recent attacks is the fact that under the new arrangement, our national security professionals will have access to a greater volume of call records subject to query in a way that is consistent with our regard for civil liberties," he wrote.

Mark Rumold, a senior staff attorney at the Electronic Frontier Foundation, told ABC News he doesn't have much of a problem with the NSA's wider access to telephone data, since now the agency has to go through a "legitimate" system with "procedural protections" before jumping into the databases.

"Their ability to obtain records has broadened, but by all accounts, they're collecting a far narrower pool of data than they were initially," he said, referring to returns on specific searches. "They can use a type of legal process with a broader spectrum of providers than earlier. To me, that isn't like a strike against it. That's almost something in favor of it, because we've gone through this public process, we've had this debate, and this is where we settled on the scope of the authority we were going to give them."

Rumold said he's still concerned about the NSA's ability to get information on phone numbers linked to a number in question up to two "hops" away but he said the USA Freedom Act "remains a step in the right direction."

The trade-off of the new system, according to Inglis, is in the efficiency of the searches. Whereas in the past the NSA could instantaneously run approved searches of its database, now the agency must approach each telecommunications company to ask about a number and then wait for a response.

In his January post Gerstell acknowledged concerns that the new approach could be "too cumbersome to be effective" and said the NSA will report to Congress on how the arrangement is working. A representative for the NSA declined to tell ABC News if any problems have been encountered so far, and Rumold noted there has been no public evidence of any issues.

Inglis said he isn't terribly concerned if the searches are a little slower. It's a small price to pay, he said, for what he called an "additional safeguard" that could increase the public's confidence in what the NSA is and how it operates.

Go here to see the original:
NSA Can Access More Phone Data Than Ever - ABC News

NSA Leak Mystery Not Solved With Arrest of Hal Martin – NBC News

The National Security Agency (NSA) headquarters in Fort Meade, Maryland. Handout / Getty Images

Nearly all NSA hacking tools are on the internet, the official said, if you know where to look. "We hide in the noise," he said. The theory, he added, is that a government hacker left his tools in a place where others could find them -- for example, on a non-NSA server.

The current and former officials say the leaks in question include a suite of NSA hacking tools put up for sale in August by a group identifying itself as the Shadow Brokers. Snowden himself tweeted in August that Russia may have had a hand in that disclosure.

The investigation into the leaks led the FBI to Martin, who had been taking home classified documents for many years, officials say. His motives have not been established.

Whether or not he distributed the material he allegedly took, the Martin case raises enormous questions--and is provoking internal soul searching--about security at the nation's digital spy agency, current and former officials say.

The former senior official told NBC News there were debates at NSA over the years about how far to go in monitoring employees and contractors, and the decision often went in the direction of respecting the privacy of employees.

For example, the former official said, officials opted not to track every time an employee entered and left the building to determine whereabouts.

"You can't have too much Big Brother," a current intelligence official said, without noting the irony that he was speaking about an agency criticized for snooping on innocent Americans.

In hindsight, the former official said, the NSA should have done more on security and counterintelligence. At the same time, the current official said, there is broad recognition that the likelihood of leaks and unauthorized disclosures has risen significantly in a world where trust in institutions is plummeting.

Many new security procedures were implemented after the Snowden leaks, but those procedures somehow didn't immediately snare Martin. One official cautioned, however, that he may have taken most of the classified material home before the Snowden affair.

Not every keystroke by every NSA employee is monitored, officials said, and nor is every person searched every day when leaving the facility. Thumb drives and other portable devices are largely prohibited but there are many exceptions for many reasons. Employees who are deployed can take classified laptops with them.

View original post here:
NSA Leak Mystery Not Solved With Arrest of Hal Martin - NBC News

NSA Contractor Who Allegedly Stole Top Secret Info ‘More …

The National Security Agency contractor who federal authorities say took top secret information from the NSA is being described as "more weirdo than whistleblower," senior officials told ABC News.

Harold Martin, 51, was arrested in late August in what neighbors described as a dramatic FBI raid, but it was not until Wednesday that his curious case was revealed in a criminal complaint. In court documents, the FBI says Martin took home physical documents and information stored on digital devices, some of which was sensitive compartmented information (SCI), the highest level of classification.

It was information that the FBI said, if made public, would "reasonably be expected to to cause exceptionally grave damage to the national security of the United States." In all, the Department of Justice said investigators seized "thousands of pages of documents and dozens of computer or other digital storage devices and media" that held "many terabytes of information."

Although Martin worked at Booz Allen Hamilton, the same contractor for whom Edward Snowden worked, and was apparently able to slip through the NSA's security with highly sensitive information, as Snowden did in 2013, officials said overnight that that appears to be where the similarities between the two end.

It is unclear why Martin, a Navy veteran, allegedly removed so much sensitive information from his workplace and allegedly stored it in his home, nearby woodsheds or his vehicle, but he has not been charged with espionage indicating to some former officials that this case may not be as serious as Snowden's. The Department of Justice said Tuesday that if convicted, Martin could face up to 11 years in prison one year for unauthorized removal of classified material and 10 years for theft of government property. Snowden, however, could face a far harsher prison sentence, should he return to the U.S. from Moscow; the U.S. government has said the death penalty will not be sought.

"It's not a repeat of Snowden, but it is another insider," Chris Inglis, a former NSA deputy director, told ABC News Wednesday. "It could be quite harmful, but [so far] it's not as malicious or nefarious."

Jim Wyda, a public defender assigned to Martin, said there is "no evidence Hal Martin intended to betray his country."

"What we do know is that Hal Martin loves his family and his country. He served our nation honorably in the United States Navy, and he has devoted his entire career to serving and protecting America. We look forward to defending Hal Martin in court," Wyda said.

Regardless of Martin's intentions, the incident is another embarrassment for the NSA, coming three years after Snowden made off with a cache of data that exposed dozens of NSA surveillance programs. It is unclear whether Martin purportedly absconded with his data before or after post-Snowden security reforms were put in place.

"When you download this kind of top secret information off the NSA network into your own computer or into a thumb drive, alarms should go off. Apparently they didn't," said former White House cybersecurity adviser and current ABC News consultant Richard Clarke.

Martin's former employer, Booz Allen, released a statement Wednesday saying the company fired one of its employees, without identifying Martin, after learning of his arrest and that the firm continues to work with law enforcement.

The federal complaint complaint says Martin was interviewed by federal agents in late August and, when "confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified." He allegedly said he knew what he had done was wrong.

Go here to see the original:
NSA Contractor Who Allegedly Stole Top Secret Info 'More ...

NSA Contractor Harold Martin Busted in Alleged Theft of …

The National Security Agency (NSA) headquarters in Fort Meade, Maryland. Handout / Getty Images

A federal criminal complaint unsealed Wednesday said a search of Martin's home and car turned up a trove of documents and digital files a "large percentage" of them with highly classified information, some labeled Top Secret of Sensitive Compartmented Information.

"We take that type of conduct very seriously," Assistant Attorney General John Carlin said at the CNBC Cambridge Cyber Summit, declining to discuss any motive for the theft.

"When you are a government employee you swear an oath to protect the information, knowing the damage revealing sources and methods can do to our ability to protect ourselves against foreign threats."

The criminal complaint said that among the classified material found in Martin's home and car, six documents were obtained from sensitive intelligence and appear to date to 2014 six months after the NSA was rocked by Snowden's leaks.

"These documents were produced through sensitive government sources, methods and capabilities, which are critical to a wide variety of national security issues," the complaint said. "The disclosure of the documents would reveal those sensitive sources, methods and capabilities."

Martin submitted to an interview after the materials were seized at first denying he took the documents and files and later admitting it when confronted with specific documents, the complaint said.

"Martin states that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized," the complaint said.

Martin's attorneys, Jim Wyda and Deborah Boardman, said in a statement that there is no evidence their client is a traitor.

"What we do know is that Hal Martin loves his family and his country. He served his nation honorably in the U.S. Navy as a lieutenant and he has devoted his entire career to protecting his country," they said.

A neighbor of Martin said he was shocked when teams of law-enforcement officials in camouflage and wielding rifles descended on the working-class Baltimore suburb in August and hauled away garbage bags full of material.

"I thought World War III had started," the neighbor, Murray Bennett, said.

He said Martin, who is divorced, had lived next door for more than a decade. He drove an old Chevy and "was a decent sort or seemed like it."

"We would pass out Halloween candy together," Bennett said. "Now Halloween is coming out and I guess I won't have anyone to hand out candy with."

The U.S. Navy confirmed that Martin served from 1987 to 2000, achieving the rank of lieutenant. Booz Allen did not say how long Martin had worked there but said he was fired after the arrest and that it is cooperating with authorities.

Martin was arrested for Driving Under the Influence in Maryland in 2006. He was put on probation and ordered to pay a fine.

He and his wife divorced in 2010, according to court records. She now lives out of state.

The complaint did not spell out how investigators came to suspect Martin. After the Snowden affair, the NSA installed a host of new tools designed to monitor employee behavior on its networks, but it's unclear if those played a role in this case.

At the Cyber Summit, Carlin declined to say how long investigators believe the theft had been going on.

"I don't think we can ever be satisfied with [our security measures]," he said. "We need to learn from each experience about how we can best protect [our systems]."

One former senior U.S. cybersecurity officials said he had heard talk of an urgent investigation into the theft of NSA documents.

"We'd heard for weeks that there was another insider at the NSA, a Snowden-like character,'' said the former official, who spoke on the condition of anonymity because of his ongoing security contracting work.

"I don't think anyone has any idea yet how much damage has been done. They will do a complete evaluation of what he had access to," said the former official.

Original post:
NSA Contractor Harold Martin Busted in Alleged Theft of ...

Congressional report slams NSA leaker Edward Snowden

WASHINGTON A House intelligence committee report issued Thursday condemned Edward Snowden, saying the National Security Agency leaker is not a whistleblower and that the vast majority of the documents he stole were defense secrets that had nothing to do with privacy.

The Republican-led committee released a three-page unclassified summary of its two-year bipartisan examination of howSnowdenwas able to remove more than 1.5 million classified documents from secure NSA networks, what the documents contained and the damage their removal caused to U.S. national security.

Snowdenwas an NSA contract employee when he took the documents and leaked them to journalists who revealed massive domestic surveillance programs begun in the aftermath of the 9/11 attacks. The programs collected the telephone metadata records of millions of Americans and examined emails from overseas.Snowdenfled to Hong Kong, then Russia, to avoid prosecution and now wants a presidential pardon as a whistleblower.

Rep. Devin Nunes, R-Calif., chairman of the committee, saidSnowdenbetrayed his colleagues and his country.

"He put our service members and the American people at risk after perceived slights by his superiors," Nunes said in a statement. "In light of his long list of exaggerations and outright fabrications detailed in this report, no one should take him at his word. I look forward to his eventual return to the United States, where he will face justice for his damaging crimes."

Snowdeninsists he has not shared the full cache of 1.5 million classified documents with anyone. However, the report notes that in June, the deputy chairman of the Russian parliament's defense and security committee publicly conceded that "Snowdendid share intelligence" with his government.

Ben Wizner,Snowden'sattorney at the American Civil Liberties Union, blasted the report, saying it was an attempt to discredit a "genuine American hero."

"After years of investigation, the committee still can't point to any remotely credible evidence that Snowden'sdisclosures caused harm," Wizner said. "In a more candid moment, the NSA's former deputy director, who was directly involved in the government's investigation, explicitly said he didn't believe Snowdenhad cooperated with either China or Russia."

Snowden'srevelations about the agency's bulk collection of millions of Americans' phone records set off a fierce debate that pit civil libertarians concerned about privacy against more hawkish lawmakers fearful about losing tools to combat terrorism. Democrats and libertarian-leaning Republicans pushed through a reauthorization of the USA Patriot Act last year that ended the program.

There was little evidence that the phone records or other surveillance programsSnowdenrevealed ever thwarted an attack.

Snowdenis seeking a presidential pardon because he says he helped his country by revealing secret domestic surveillance programs. Separately, all members of the committee sent a bipartisan letter to President Barack Obama urging him not to pardonSnowden.

"The vast majority of what he took has nothing to do with American privacy," said Rep. Adam Schiff of California, the ranking Democrat on the House intelligence committee.

"The majority of what he took has to do with military secrets and defense secrets," Schiff said in an interview Thursday for C-SPAN's "Newsmakers." ''I think that's very much at odds with the narrative that he wants to tell that he is a whistleblower."

The Obama administration has urgedSnowdento return to the U.S. and face trial. Justice Department spokesman Marc Raimondi has said "there is no question his actions have inflicted serious harms on our national security."

The committee report says that he was a "disgruntled employee who had frequent conflicts with his managers."

Publicly revealing classified information does not qualify someone as a whistleblower, the report said. The committee "found no evidence thatSnowdentook any official effort to express concerns about U.S. intelligence activities to any oversight officials within the U.S. government, despite numerous avenues for him to do so."

According to the committee,Snowdenbegan mass downloads of classified material two weeks after he was reprimanded for engaging in a spat with NSA managers. The committee also describedSnowdenas a "serial exaggerator and fabricator."

"A close review ofSnowden'sofficial employment records and submissions reveals a pattern of intentional lying," the report said. "He claimed to have left Army basic training because of broken legs when in fact he washed out because of shin splints. He claimed to have obtained a high school degree equivalent when in fact he never did. "

The report saidSnowdenclaimed to have worked for the CIA as a senior adviser, when he was a computer technician.

"He also doctored his performance evaluations and obtained new positions at NSA by exaggerating his resume and stealing the answers to an employment test," the report said.

Speaking by video link from Moscow,Snowdensaid Wednesday that whistleblowing "is democracy's safeguard of last resort, the one on which we rely when all other checks and balances have failed and the public has no idea what's going on behind closed doors."

The 33-year-old addressed a New York City news conference where advocates from the American Civil Liberties Union, Human Rights Watch and Amnesty International announced an online petition drive to urge Obama to pardonSnowdenbefore he leaves office. The supporters calledSnowdena hero for exposing the extent of government surveillance by giving thousands of classified documents to journalists.

The report was released one day ahead of Friday's opening of director Oliver Stone's film "Snowden."

Read the original post:
Congressional report slams NSA leaker Edward Snowden