WASHINGTON — Former National Security Agency (NSA) contract worker Edward Snowden gained access to at least some classified documents he later disclosed by copying a password from a co-worker who has since resigned, the NSA reported to Congress. Snowden has previously said he did not steal any passwords.
The unnamed civilian employee resigned last month after the government revoked his security clearance, according to a letter that NSA legislative director Ethan Bauman sent this week to the House Judiciary Committee. A military employee and a private contractor also lost their access to NSA data as part of the continuing investigation, Bauman said.
Bauman’s memo, dated Monday, provides some of the first details about what authorities said they have learned about how Snowden retrieved so many classified documents before passing them to news organizations. Top U.S. national-security officials have acknowledged they do not know how many files Snowden took before he fled the United States, eventually seeking refuge in Russia.
Snowden, a systems analyst, has denied that he stole computer passwords or tricked co-workers into giving him their passwords. The NSA letter suggested Snowden tricked at least one co-worker and copied the employee’s password without his knowledge.
- Richard Sherman asks for Tyler Lockett-Mario Kart mashup, the internet answers
- Seahawks trade Kevin Norwood, make other moves to get roster to 75
- The latest on Seahawks safety Kam Chancellor's holdout
- Seattle restaurant manager killed hiking in Alaska
- The Californians keep coming, but King County gives back
Most Read Stories
The civilian NSA worker — reported to be Snowden’s supervisor, although that has not been confirmed — told FBI investigators in June that he allowed Snowden to use an encrypted digital key known as a Public Key Infrastructure (PKI) certificate to gain access to classified information on NSANet, the agency’s computer network. The system connects into many of the NSA’s classified databanks. The memo said that previously Snowden had been denied access to the network.
After the co-worker entered his secure PKI password, Snowden “was able to capture the password, allowing him even greater access to classified information,” Bauman’s letter said. He said the civilian NSA employee was not aware that Snowden intended to reveal any classified information. It was not clear from the memo how much classified information Snowden had collected before using the co-worker’s password.
Last month, Snowden, 30, denied either stealing or using trickery to gaining access to the NSA’s network. “I never stole any passwords, nor did I trick an army of co-workers,” Snowden said during a public question-and-answer session on the “Free Snowden” website.
The NSA suspended the co-worker’s access to secure data and in November, revoked his security clearance. The NSA informed the employee it planned to fire him and he resigned instead in January, Bauman said.
A U.S. military employee and a private contractor also lost their access to classified data, but Bauman’s letter did not disclose what lapses they might have committed.
The head of U.S. spying programs, Director of National Intelligence James Clapper, told senators this week that Snowden’s access to so many classified files has accelerated plans to tighten clearance procedures and monitoring on government computers.
Clapper told the Senate Armed Services Committee that the Snowden breach was a “perfect storm for him, since he was a systems administrator and a highly skilled, technically skilled IT professional, and so he knew exactly what he was doing.”
Clapper also acknowledged that the Hawaii NSA station where Snowden worked did not have the same level of security that exists at the agency’s Fort Meade, Md., headquarters.
The New York Times reported Sunday, and Clapper confirmed to Congress, that Snowden released a “Web crawler” inside the NSA’s computer systems once he had gained access. That crawler, which automatically indexes the NSANet and could copy any documents in its path, would essentially use the passwords that Snowden held, legitimately or illegitimately. He later copied files delivered by the crawler to an external storage device, such as a thumb drive or hard disk drive, before leaving his NSA job in April and heading to Hong Kong. He has been granted temporary asylum in Russia.
Material from The New York Times is included in this report.