Speculative Scenarios on How Snowden Acquired Access to 24 NSA Vault Passwords

120 sure, scenario-building differs from that of a conventional forensic investigation aimed at finding pieces of evidence that can be used to persuade a jury ina courtroom. Unlike a judicial investigation concerned with guilt and innocence, scenario-building looks building looks to develop a story that is, concurrently: intrinsically consistent, humanly plausible and symbolically memorable; and in the process, it also identifies and explores the possible holes in the case. Such scenarios must aim at constituting a limited set of alternatives that are mutually exclusive The point is to assure that any alternative that fits the relevant facts, no matter how implausible it initially may seem to be, is not neglected. One of the most vexing problems that had to be explained by these scenarios is how Snowden got the passwords to up to 24 of these vaults. He could not have obtained these passwords during his previous employment at Dell because Dell technicians did not have access to the Level 3 documents stored in these compartments. Nor, as was discussed earlier, was he given access to them when he transferred to Booz Allen because he had not completed the requisite training. Snowden had also, it will be recalled, relinquished his privileges as a system administrator when he transferred to Booz Allen, so he did not have the privilege to override password protection. In short, his new position as an infrastructure analyst did not give him the ability to enter compartments which he had not yet been read into. There are two possible ways he could have gotten these passwords: Either he had assistance from a party who had access to them or he found flaws in the NSA’s security procedures that left the supposedly-closed vaults effectively unlocked. The Unwitting Accomplice Possibility As for the first alternative, it is possible whatever assistance that Snowden received was entirely unwitting. For example, he could have simply asked other analysts at the Center who had been “read into” compartments for their passwords. But such an approach would be extremely risky for him. Ifan analyst gave him his password, and it was discovered, that analyst could lose his job. Moreover, any analyst was supposed to report any request for a password to a security officer. Nor was Snowden, who had been working at the Threat Operations Center for just a few weeks as a trainee, well known to other analysts. So asking them to break the rules was fairly risky for Snowden. “It is inconceivable to me that his co-workers would divulge their passwords to him,” a former Booz Allen executive, who had also worked at the Defense Intelligence Agency, told me. “If he was a system administrator he might trick a threat analyst into entering his password into his computer under the pretext that he needed it to deal with an urgent hardware issue.” But Snowden was not a system administrator at the Center. Snowden therefore “had no plausible reason for requesting passwords to compartment he had not been read into,” the former executive said. I asked him what the chance was of him obtaining some 24 passwords in 5 weeks. “In my opinion, near zero,” he said. I next asked him whether it was possible that Snowden could have used a device for intercepting another computer’s electronic signals, called by hackers a “key logger.” Such a device, which was obtainable over the Internet, could be used to steal passwords of the analysts who had been “read into” the compartments. My source said that while it was HOUSE_OVERSIGHT_020272