Risk
6/24/2013
11:07 AM
50%
50%

NSA Leaker Snowden On The Run

U.S. files charges against former National Security Agency contractor Edward Snowden, who is seeking asylum in Ecuador. To date, Hong Kong and Moscow have declined to detain him.

Former National Security Agency (NSA) contractor and whistleblower Edward Snowden, 30, is on the move, reportedly attempting to gain asylum in Ecuador. But after reportedly arriving in Moscow, by Monday evening Moscow time his whereabouts were unknown.

Snowden flew from Hong Kong to Moscow Sunday, where he was reportedly met on the tarmac by Venezuelan diplomats. "He has arrived. He cannot leave the terminal, since he doesn't have a Russian visa," an Aeroflot source told Russian news agency Interfax.

U.S. authorities have charged Snowden with criminal and espionage crimes relating to his leaking information about numerous NSA surveillance programs, including Prism.

But government officials in Russia, who claimed they hadn't known Snowden was Moscow-bound, declined to detain him, saying there was no warrant for his arrest issued via Interpol. "It is not a question for us," President Vladimir Putin's spokesman Dmitry Peskov told The Wall Street Journal. "We don't know what his plans are and we were unaware he was coming here." Russia has no extradition treaty with the United States.

[ Is Snowden an altruistic whistle-blower, reckless criminal, outright traitor or somewhere in between? See NSA Prism Whistleblower Snowden Deserves A Medal. ]

An Interpol official told the Wall Street Journal that the United States could have issued a "red notice" for Snowden that would have served as an international arrest warrant for Interpol's 190 member countries -- except that such notices can't be issued for espionage, which is considered to be a political crime. Interpol's charter prohibits the organization from getting involved in military, political or religious matters.

While last seen in Moscow, according to a statement issued Sunday by WikiLeaks, Snowden is ultimately "bound for the Republic of Ecuador via a safe route for the purposes of asylum, and is being escorted by diplomats and legal advisers from WikiLeaks."

"The Government of Ecuador has received an asylum request from Edward J. #Snowden," tweeted Ecuador's foreign minister, Ricardo Patiño on Sunday. He told the Associated Press Monday that the Ecuadorean government has been "analyzing it with a lot of responsibility," and said its decision would factor in "freedom of expression and with the security of citizens around the world." While the United States and Ecuador have a joint extradition treaty -- first signed in 1872 -- it doesn't apply "to crimes or offenses of a political character."

U.S. officials revealed Friday that Snowden has been charged for leaking classified information. A one-page sealed criminal complaint filed by the FBI in federal court charged Snowden with theft of government property, unauthorized communication of national defense information, and willful communication of classified communications intelligence information to an unauthorized person. Each of the charges carries up to 10 years in prison. Although the complaint was filed June 14, 2013, it wasn't made public until June 21, and an accompanying affidavit still remains under seal.

As noted, by Monday evening Moscow time, Snowden's whereabouts were unknown, after he failed to show for a Cuba-bound flight. "Edward Snowden not on Aeroflot flight to Havana. But a bunch of reporters are. (Bad news for them: it's dry)," tweeted the Guardian. Why skip the Cuba-bound flight? Legal experts said that if the plane's route took it over North American airspace, U.S. authorities could have compelled it to land. Then again, it could also have been a ruse intended to throw any pursuers off Snowden's tracks.

Regardless, an unnamed Aeroflot official told Interfax that Snowden was still in the airport's transit area. "Everything has been done to allow Snowden to spend the night peacefully at the airport's capsule hotel and to fly quietly to Cuba," according to the official.

Furthermore, Snowden may eventually take a chartered plane, since WikiLeaks has offered to fly him to a destination of his choice. "The WikiLeaks legal team and I are interested in preserving Mr. Snowden's rights and protecting him as a person," Baltasar Garzon, legal director of WikiLeaks -- and also Julian Assange's attorney -- said in a statement.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6501
Published: 2015-03-30
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_s...

CVE-2014-9652
Published: 2015-03-30
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote atta...

CVE-2014-9653
Published: 2015-03-30
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory ...

CVE-2014-9705
Published: 2015-03-30
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

CVE-2014-9709
Published: 2015-03-30
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.