It's Easier to Steal State Secrets if You Take Your Co-Worker's High-Access Password

The Citizen's Guide to the Future
Feb. 13 2014 1:38 PM

It's Easier to Steal State Secrets if You Take Your Co-Worker's High-Access Password

184211606-frame-grab-made-from-afptv-footage-reportedly-taken-on
Some of the information Edward Snowden aquired came from classified documents he accessed using stolen login credentials from a co-worker.

Photo by AFPTV/AFP/Getty Images

We've all been there. Your security clearance isn't high enough to get all the information you want to steal for your high-profile whistle-blowing campaign. What to do? Trick a co-worker with higher clearance into typing his or her credentials on your computer. Then you capture the keystrokes and exploit that password until you have everything you want. Petty office politcs, amirite?

This is apparently how Edward Snowden filled in some of the gaps during his data dump days at the NSA. A memo filed earlier this week by Ethan Bauman, the NSA’s director of legislative affairs, shows that a civilian employee Snowden duped has resigned following the revocation of his or her security clearance. The memo, an unclassified document “for official use only” that was obtained by NBC, says, “Unbeknownst to the civilian, Mr. Snowden was able to capture the password, allowing him even greater access to classified information.” Similar evidence emerged in Novemeber that Snowden had tricked 20-25 employees into giving him their passwords. The NSA questioned a number of them, and they lost their assignments.

Advertisement

This most recent memo describes the employee typing his or her “public key infrastructure” certificate into Snowden's computer, thus giving Snowden access to a broader swath of the NSA's internal network. And though the employee didn't know  Snowden's intent, he or she  “failed to comply with security obligations,” according to the memo.

An active duty military member and a contractor have apparently also been “implicated” and have lost their security clearances. So far the NSA's action plan for responding to the security breach hasn't been clear, but this memo is one of the first major, public signs of movement on that front. The takeaway here for NSA employees and just everyone is don't give your passwords out. Just don't. Come on, people.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Medical Examiner

Here’s Where We Stand With Ebola

Even experienced international disaster responders are shocked at how bad it’s gotten.

The U.S. Airstrikes on ISIS in Syria Will Probably Benefit America’s Other Enemies

Divestment Is Fine but Mostly Symbolic. There’s a Better Way for Universities to Fight Climate Change.

I Stand With Emma Watson on Women’s Rights

Even though I know I’m going to get flak for it.

It Is Very Stupid to Compare Hope Solo to Ray Rice

Building a Better Workplace

In Defense of HR

Startups and small businesses shouldn’t skip over a human resources department.

Why Are Lighter-Skinned Latinos and Asians More Likely to Vote Republican?

How Ted Cruz and Scott Brown Misunderstand What It Means to Be an American Citizen

  News & Politics
The World
Sept. 23 2014 10:55 AM This Isn’t the Syria Intervention Anyone Wanted
  Business
Business Insider
Sept. 23 2014 10:03 AM Watch Steve Jobs Tell Michael Dell, "We're Coming After You"
  Life
The Eye
Sept. 23 2014 11:33 AM High-Concept Stuff Designed to Remind People That They Don’t Need Stuff  
  Double X
The XX Factor
Sept. 23 2014 11:13 AM Why Is This Mother in Prison for Helping Her Daughter Get an Abortion?
  Slate Plus
Slate Plus
Sept. 22 2014 1:52 PM Tell Us What You Think About Slate Plus Help us improve our new membership program.
  Arts
Behold
Sept. 23 2014 11:30 AM A Rope Mistress, the Rubber Master, Sadomasochist Sisters: Portraits in Kink
  Technology
Future Tense
Sept. 23 2014 10:51 AM Is Apple Picking a Fight With the U.S. Government? Not exactly.
  Health & Science
Bad Astronomy
Sept. 23 2014 11:00 AM Google CEO: Climate Change Deniers Are “Just Literally Lying”
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.