It's Easier to Steal State Secrets if You Take Your Co-Worker's High-Access Password

The Citizen's Guide to the Future
Feb. 13 2014 1:38 PM

It's Easier to Steal State Secrets if You Take Your Co-Worker's High-Access Password

184211606-frame-grab-made-from-afptv-footage-reportedly-taken-on
Some of the information Edward Snowden aquired came from classified documents he accessed using stolen login credentials from a co-worker.

Photo by AFPTV/AFP/Getty Images

We've all been there. Your security clearance isn't high enough to get all the information you want to steal for your high-profile whistle-blowing campaign. What to do? Trick a co-worker with higher clearance into typing his or her credentials on your computer. Then you capture the keystrokes and exploit that password until you have everything you want. Petty office politcs, amirite?

This is apparently how Edward Snowden filled in some of the gaps during his data dump days at the NSA. A memo filed earlier this week by Ethan Bauman, the NSA’s director of legislative affairs, shows that a civilian employee Snowden duped has resigned following the revocation of his or her security clearance. The memo, an unclassified document “for official use only” that was obtained by NBC, says, “Unbeknownst to the civilian, Mr. Snowden was able to capture the password, allowing him even greater access to classified information.” Similar evidence emerged in Novemeber that Snowden had tricked 20-25 employees into giving him their passwords. The NSA questioned a number of them, and they lost their assignments.

Advertisement

This most recent memo describes the employee typing his or her “public key infrastructure” certificate into Snowden's computer, thus giving Snowden access to a broader swath of the NSA's internal network. And though the employee didn't know  Snowden's intent, he or she  “failed to comply with security obligations,” according to the memo.

An active duty military member and a contractor have apparently also been “implicated” and have lost their security clearances. So far the NSA's action plan for responding to the security breach hasn't been clear, but this memo is one of the first major, public signs of movement on that front. The takeaway here for NSA employees and just everyone is don't give your passwords out. Just don't. Come on, people.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

History

The Self-Made Man

The story of America’s most pliable, pernicious, irrepressible myth.

Michigan’s Tradition of Football “Toughness” Needs to Go—Starting With Coach Hoke

Does Your Child Have “Sluggish Cognitive Tempo”? Or Is That Just a Disorder Made Up to Scare You?

The First Case of Ebola in America Has Been Diagnosed in Dallas

Windows 8 Was So Bad That Microsoft Will Skip Straight to Windows 10

Politics

Mad About Modi


Why the controversial Indian prime minister drew 19,000 cheering fans to Madison Square Garden.


Building a Better Workplace

You Deserve a Pre-cation

The smartest job perk you’ve never heard of.

Don’t Panic! The U.S. Already Stops Ebola and Similar Diseases From Spreading. Here’s How.

Parents, Get Your Teenage Daughters the IUD

The XX Factor
Sept. 30 2014 12:34 PM Parents, Get Your Teenage Daughters the IUD
  News & Politics
Politics
Sept. 30 2014 6:59 PM The Democrats’ War at Home Can the president’s party defend itself from the president’s foreign policy blunders?
  Business
Moneybox
Sept. 30 2014 7:02 PM At Long Last, eBay Sets PayPal Free
  Life
Gaming
Sept. 30 2014 7:35 PM Who Owns Scrabble’s Word List? Hasbro says the list of playable words belongs to the company. Players beg to differ.
  Double X
The XX Factor
Sept. 30 2014 12:34 PM Parents, Get Your Teenage Daughters the IUD
  Slate Plus
Behind the Scenes
Sept. 30 2014 3:21 PM Meet Jordan Weissmann Five questions with Slate’s senior business and economics correspondent.
  Arts
Brow Beat
Sept. 30 2014 8:54 PM Bette Davis Talks Gender Roles in a Delightful, Animated Interview From 1963
  Technology
Future Tense
Sept. 30 2014 7:00 PM There’s Going to Be a Live-Action Tetris Movie for Some Reason
  Health & Science
Medical Examiner
Sept. 30 2014 6:44 PM Ebola Was Already Here How the United States contains deadly hemorrhagic fevers.
  Sports
Sports Nut
Sept. 30 2014 5:54 PM Goodbye, Tough Guy It’s time for Michigan to fire its toughness-obsessed coach, Brady Hoke.