Risk
6/24/2013
11:07 AM
50%
50%

NSA Leaker Snowden On The Run

U.S. files charges against former National Security Agency contractor Edward Snowden, who is seeking asylum in Ecuador. To date, Hong Kong and Moscow have declined to detain him.

Former National Security Agency (NSA) contractor and whistleblower Edward Snowden, 30, is on the move, reportedly attempting to gain asylum in Ecuador. But after reportedly arriving in Moscow, by Monday evening Moscow time his whereabouts were unknown.

Snowden flew from Hong Kong to Moscow Sunday, where he was reportedly met on the tarmac by Venezuelan diplomats. "He has arrived. He cannot leave the terminal, since he doesn't have a Russian visa," an Aeroflot source told Russian news agency Interfax.

U.S. authorities have charged Snowden with criminal and espionage crimes relating to his leaking information about numerous NSA surveillance programs, including Prism.

But government officials in Russia, who claimed they hadn't known Snowden was Moscow-bound, declined to detain him, saying there was no warrant for his arrest issued via Interpol. "It is not a question for us," President Vladimir Putin's spokesman Dmitry Peskov told The Wall Street Journal. "We don't know what his plans are and we were unaware he was coming here." Russia has no extradition treaty with the United States.

[ Is Snowden an altruistic whistle-blower, reckless criminal, outright traitor or somewhere in between? See NSA Prism Whistleblower Snowden Deserves A Medal. ]

An Interpol official told the Wall Street Journal that the United States could have issued a "red notice" for Snowden that would have served as an international arrest warrant for Interpol's 190 member countries -- except that such notices can't be issued for espionage, which is considered to be a political crime. Interpol's charter prohibits the organization from getting involved in military, political or religious matters.

While last seen in Moscow, according to a statement issued Sunday by WikiLeaks, Snowden is ultimately "bound for the Republic of Ecuador via a safe route for the purposes of asylum, and is being escorted by diplomats and legal advisers from WikiLeaks."

"The Government of Ecuador has received an asylum request from Edward J. #Snowden," tweeted Ecuador's foreign minister, Ricardo Patiño on Sunday. He told the Associated Press Monday that the Ecuadorean government has been "analyzing it with a lot of responsibility," and said its decision would factor in "freedom of expression and with the security of citizens around the world." While the United States and Ecuador have a joint extradition treaty -- first signed in 1872 -- it doesn't apply "to crimes or offenses of a political character."

U.S. officials revealed Friday that Snowden has been charged for leaking classified information. A one-page sealed criminal complaint filed by the FBI in federal court charged Snowden with theft of government property, unauthorized communication of national defense information, and willful communication of classified communications intelligence information to an unauthorized person. Each of the charges carries up to 10 years in prison. Although the complaint was filed June 14, 2013, it wasn't made public until June 21, and an accompanying affidavit still remains under seal.

As noted, by Monday evening Moscow time, Snowden's whereabouts were unknown, after he failed to show for a Cuba-bound flight. "Edward Snowden not on Aeroflot flight to Havana. But a bunch of reporters are. (Bad news for them: it's dry)," tweeted the Guardian. Why skip the Cuba-bound flight? Legal experts said that if the plane's route took it over North American airspace, U.S. authorities could have compelled it to land. Then again, it could also have been a ruse intended to throw any pursuers off Snowden's tracks.

Regardless, an unnamed Aeroflot official told Interfax that Snowden was still in the airport's transit area. "Everything has been done to allow Snowden to spend the night peacefully at the airport's capsule hotel and to fly quietly to Cuba," according to the official.

Furthermore, Snowden may eventually take a chartered plane, since WikiLeaks has offered to fly him to a destination of his choice. "The WikiLeaks legal team and I are interested in preserving Mr. Snowden's rights and protecting him as a person," Baltasar Garzon, legal director of WikiLeaks -- and also Julian Assange's attorney -- said in a statement.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-4692
Published: 2015-07-27
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.

CVE-2015-1840
Published: 2015-07-26
jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space cha...

CVE-2015-1872
Published: 2015-07-26
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via craft...

CVE-2015-2847
Published: 2015-07-26
Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream.

CVE-2015-2848
Published: 2015-07-26
Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock command.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!