More than three months after Edward Snowden revealed details of NSA secret surveillance activities, intelligence officials are still assessing the fallout from the former contractor's disclosures. But they already know how the leaks happened.
"We have an extremely good idea of exactly what data he got access to and how exactly he got access to it," says the NSA's chief technology officer, Lonny Anderson.
In interviews with NPR, two government officials shared that part of the Snowden story in one of the most detailed discussions of the episode to date.
According to the officials, the documents Snowden leaked — the memoranda, PowerPoint slides, agency reports, court orders and opinions — had all been stored in a file-sharing location on the NSA's intranet site. The documents were put there so NSA analysts and officials could read them online and discuss them.
"Unfortunately for us," one official said, "if you had a top secret SCI [sensitive compartmented information] clearance, you got access to that."
The importance of such information-sharing procedures was one of the lessons of the Sept. 11, 2001, attacks. Law enforcement and intelligence agencies were unable to "connect the dots" before the attacks because they were not always aware of what other agencies knew.
As a systems administrator, Snowden actually had the responsibility to go to the NSA intranet site and move especially sensitive documents to a more secure location. The assignment was the perfect cover for someone who wanted to leak documents.
"It's kind of brilliant, if you're him," an official said. "His job was to do what he did. He wasn't a ghost. He wasn't that clever. He did his job. He was observed [moving documents], but it was his job."
Snowden's supervisors, however, did not realize that he was making digital copies of the secret documents. The officials interviewed by NPR would not say how Snowden managed to take the files out of his workplace, citing the ongoing investigation.
As of June, when Snowden's disclosures became public, some NSA computers were equipped with USB ports where thumb drives could be used. As the NSA's chief technologist and information officer, Anderson is responsible for implementing security reforms to guard against future data leaks. NSA security officers have now limited the options employees have for storing data on their own, thumb drives included.
"One thing we have done post-media leaks," Anderson says, "is lock those down hard, so those are [now] all in two-person control areas."
With new security reforms in place, it should be impossible for people like Snowden to work completely on their own. "We're going to remove anonymity from our network," Anderson says. "If you've got privileged access to our network, like a systems administrator [has], if you're being given a privilege that very few people have, you're not going to do anything alone."
The NSA will now be "tagging" sensitive documents and data with identifiers that will limit access to those individuals who have a need to see the documents and who are authorized by NSA leadership to view them. The tagging will also allow supervisors to see what individuals do with the data they see and handle.
"Someone today could [still] get access to that intranet [location]," Anderson says, "because it still exists. Could someone today do what [Snowden] did? No."
Among the questions raised by the NSA's security reforms, however, is whether the changes will inhibit the kind of information-sharing the agency wanted to promote in the first place.
"You can't make good policy if you can't keep more than one idea in your head at the same time," warns Joel Brenner, a former NSA inspector general. "One of those important ideas is that we have to do a really good job of sharing information and disseminating it to people who really need to know it and doing it fast. The other really important idea is that a lot of this information, if it gets into the hands of people who ought not have it, hurts us badly. So that information has to be protected. You can't separate those ideas."