U.S. Worries NSA Leaker's Files Could Be Hacked
DAVID GREENE, HOST:
The Russian lawyer for NSA leaker Edward Snowden predicts his client will soon get temporary asylum in Russia. The condition would be that Snowden not release information damaging to the United States. But that promise might not matter anymore.
NPR's Tom Gjelten reports that U.S. officials have a new worry: that Snowden no longer has control over the files he took with him.
TOM GJELTEN, BYLINE: Edward Snowden's allies insist he's been careful so far not to release the most damaging files he has from his days as an NSA contractor.
His chief advocate in the media, Glenn Greenwald, says Snowden wanted to make public those documents that show the surveillance to which Americans are subject. But Greenwald told CNN this week that there are more far more damaging files that Snowden has not released.
(SOUNDBITE OF CNN BROADCAST)
GLENN GREENWALD: The documents that he took that prove that what he's saying is true contain innocuous information that we've published to inform the public but they also contain the blueprints of how the NSA is doing these things technically.
GJELTEN: In an interview with an Argentine newspaper, Greenwald said if some of Snowden's remaining information were compromised, it could be the U.S. government's worse nightmare. Up to now, Greenwald says, Snowden has been careful to safeguard all those files.
GREENWALD: Nothing that has been released has been remotely damaging to national security, and that is going to continue to be exactly how it is.
GJELTEN: Unless the Russians force Snowden to give up his files, or if there's a way for the Russians or anyone to steal them. Cybersecurity experts say stealing the files is entirely possible. They note Snowden had to go through customs in Hong Kong and then camp out in a Russian airport hotel. He's undoubtedly encountered Chinese and Russian security services. Those countries have cyber capabilities second only to the United States. Mark Weatherford, until recently, the top cyber expert at the Department of Homeland Security, expects the Chinese or the Russians or both have already gotten hold of Snowden's secret files.
MARK WEATHERFORD: If they haven't done this, then they're probably not as savvy as I thought they were.
GJELTEN: For Snowden to have kept his files secure, he would have had to keep his laptops powered off and disconnected from the Internet. Plus, he'd need physical control of the machines at all times. Rob Lee, a computer forensics expert for the SANS Training Institute, says this would have to include Snowden's Russian airport stay.
ROB LEE: If the Russians are able to just have him turn his back for, you know, a five or six hour period while he was sleeping, that's all it would take to potentially get that data off those systems.
GJELTEN: One easy and quick way to access Snowden's files would be to remove the hard drive from his computers, copy the contents and then put it back. Lee says even an expert like Snowden might not realize what had happened.
LEE: Most of the drives in laptops are accessible just with a screwdriver on the outside. You could essentially do that without the person knowing. Law enforcement does this routinely when they're trying to do monitoring of, you know, individuals - install cameras, whatever, to make it look like no one has been in there. So from a physical side it's pretty easy to do.
GJELTEN: Once the foreign cyber agents have copies of the files on Snowden's laptops, they'd have to be able to read them, of course. Glenn Greenwald told CNN Snowden has secured his documents, quote, "with extreme amounts of encryption." That means the documents were saved in an algorithm-devised code and are accessible only with a key. Michael Sutton, vice president for security research at Zscaler, says this is Snowden's best protection.
MICHAEL SUTTON: If Snowden were using the best possible encryption and he was using a strong key, it would be virtually impossible for NSA, China, Russia - anyone - to access that data.
GJELTEN: At least in the short run. There are ways to break a code, if only by what cyber technologists call brute force - essentially having a computer try every possible key combination until the correct one is found. Mark Weatherford, now at the Chertoff Group, points out that no encryption lasts forever.
WEATHERFORD: Encryption really only buys you time. You can eventually decrypt it. It just takes time to do that, and it's really dependent on the algorithm and the keys.
GJELTEN: In all, cybersecurity experts agree, the likelihood is good that the Chinese or the Russians or both will sooner or later have whatever documents Snowden has taken with him, whether he intended to share them or not. Tom Gjelten, NPR News, Washington.
GREENE: And you hear Tom's reporting when you're listening to MORNING EDITION from NPR News.