NSA worker who let Snowden skirt safeguards resigns, memo says
A National Security Agency employee has resigned from his job since admitting to FBI investigators that he allowed Edward Snowden, then an NSA contractor, to use his personal computer credentials to gain access to classified information, according to an agency memo.
The unidentified employee was not aware that Snowden intended to obtain classified material for the purposes of disclosure, said the memo, which was reported by NBC News.
The employee is one of three people who have been under investigation for their unwitting involvement in Snowden's effort to remove the material in what may be the largest breach of classified information in history.
None was accused of collusion, said a senior U.S. official familiar with the investigation. “It's a violation of procedures . . . but no ‘Hey, let's conspire with him to steal information,' ” said the official, who spoke on condition of anonymity because the investigation is ongoing.
The security clearance of the employee who resigned, a civilian, was revoked in November, and he was notified of a proposal to fire him. He resigned Jan. 10, said the memo, which was addressed to the staff directors of the House Judiciary Committee.
The two other people, a military member and a contractor, had their access to NSA facilities and material revoked in August, the memo said. All worked at a regional NSA facility in Hawaii, where Snowden was a contract employee for Dell and later Booz Allen Hamilton, officials said.
The resignation appears to be the first personnel action to result from the breach. Snowden, who has been granted temporary asylum in Russia, shared large amounts of intelligence with several journalists. Their stories began appearing in June and have stirred national and international debate about the proper scope of NSA surveillance.
According to the memo, written by Ethan Bauman, the NSA's legislative affairs director, the civilian allowed Snowden to use his public key infrastructure (PKI) certificate to gain access to classified information on NSANet, the agency's intranet, “access that he knew had been denied to Mr. Snowden.” PKI is a system of identity credentials designed to prevent unauthorized access to sensitive computer networks.
The memo stated: “Further, at Mr. Snowden's request, the civilian entered his PKI password at Mr. Snowden's computer terminal. Unbeknownst to the civilian, Mr. Snowden was able to capture the password, allowing him even greater access to classified information.”
Lawmakers expressed concern on Thursday about the security lapses at the agency. “It is unacceptable that the NSA's security protocols and breaches were so easily circumvented,” said Senate Judiciary Committee Chairman Patrick Leahy, D-Vt. “This is the same NSA that asks us to trust that it will keep safe massive amounts of data on innocent Americans, and that we should have faith in its internal policies and procedures.”
He said that “for months, I have been asking who is being held accountable, and while the NSA director has testified that they have taken a number of steps as a result of the leaks, it is clear that more needs to be done to protect our national security and our privacy.”