Risk
6/11/2013
11:31 AM
50%
50%

9 Facts About NSA Prism Whistleblower

Here's what we know about Edward J. Snowden, the NSA contractor last seen in Hong Kong -- and why the Bradley Manning case could affect Snowden's fate.

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
Who is Edward Joseph Snowden?

Snowden, 29, has come forward to say that he's responsible for leaking information about the NSA's online communications surveillance program, known as Prism, to the Guardian, as well as leaking details of the NSA's access to U.S. phone call metadata to The Washington Post.

By some estimations, they are the most important leaks in U.S. history, surpassing even Daniel Ellsberg's release of the secret history of the Vietnam War known as the Pentagon Papers, as well as the leak of classified State Department cables and information relating to the wars in Afghanistan and Iraq to WikiLeaks, for which Pfc. Bradley Manning has been charged and is only now standing trial. Furthermore, according to The Guardian, Snowden has leaked "thousands" of documents, of which "dozens" are newsworthy and not all have yet been published.

[ What happens when leak controversies spill over into other areas of business? Read DataCell Wins WikiLeaks Donation Case. ]

In the midst of these leaks, here's what we know about Snowden, as well as what might be in store for him:

1. From Army Veteran To CIA Employee.

Snowden is a 29-year-old former technical assistant for the Central Intelligence Agency who's been working at the National Security Agency for the past four years as a contractor employed by various firms, including Dell and most recently Booz Allen. He told The Guardian that he earned about $200,000 a year, which commentators said would be a commensurate salary for a contract NSA IT administrator who holds a valuable top-secret clearance.

Sunday, Booz Allen issued a statement confirming that Snowden "has been an employee of our firm for less than three months, assigned to a team in Hawaii."

How did Snowden come to work in IT? Long interested in computers, he enlisted in the Army Reserve in 2003 in a Special Forces training program, but was discharged four months later after breaking both of his legs in a training accident. According to news reports, he then began a job as a security guard at a covert CIA facility in Maryland, then moved to an information security job with the CIA.

2. Snowden Requests No Anonymity.

Snowden purposefully requested that after publishing the leaked data, both The Guardian and Post identify him by name. "I have no intention of hiding who I am because I know I have done nothing wrong," Snowden told The Guardian, emphasizing that he's not seeking media attention.

"I don't want public attention because I don't want the story to be about me. I want it to be about what the U.S. government is doing," he said. "The government has granted itself power it is not entitled to. There is no public oversight. The result is people like myself have the latitude to go further than they are allowed to."

3. Reason For Leak: Dismantle "Architecture Of Oppression."

In a video interview, Snowden said the rationale for the leak was to highlight the extent to which the U.S. government was spying on its own citizens, and that he was no longer able to countenance working a job that involved building an "architecture of oppression."

"The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting," he told The Guardian. "If I wanted to see your emails or your wife's phone, all I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards."

"I do not want to live in a world where everything I do and say is recorded," he said. "That is not something I am willing to support or live under."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6090
Published: 2015-04-27
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) DataMappingEditorCommands, (2) DatastoreEditorCommands, and (3) IEGEditorCommands servlets in IBM Curam Social Program Management (SPM) 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix...

CVE-2014-6092
Published: 2015-04-27
IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to cause...

CVE-2015-0113
Published: 2015-04-27
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation...

CVE-2015-0174
Published: 2015-04-27
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVE-2015-0175
Published: 2015-04-27
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.