National Security Agency pursues automation to limit insider threats in wake of Snowden incident. Some experts doubt that's the answer.

Thomas Claburn, Editor at Large, Enterprise Mobility

August 9, 2013

3 Min Read

The Syrian Electronic Army: 9 Things We Know

The Syrian Electronic Army: 9 Things We Know


(click image for larger view)
The Syrian Electronic Army: 9 Things We Know

In an effort to reduce the risk of unauthorized leaks, the National Security Agency plans to eliminate most of its system administrator positions.

Reuters on Friday reported that Keith Alexander, director of the NSA, speaking in a panel discussion at the ICCS 2013 security conference in New York, said that the agency "is reducing our system administrators by about 90%" and that employing technology in place of people will make the agency's data and network more secure.

The NSA did not immediately respond to a request to confirm the report and to clarify whether affected system administrators are being laid off or assigned different responsibilities. According to Reuters, the NSA employs about 1,000 system administrators.

[ Are government info demands driving some companies to close? Read Lavabit, Silent Circle Shut Down: Crypto In Spotlight. ]

The efficacy of the move was immediately questioned. "NSA to turn 90% of its system administrators into disgruntled former employees," quipped Wired investigations editor Kevin Poulsen via Twitter. "That will surely end leaks."

The NSA's purge of system administrators follows a series of unauthorized disclosures by a former IT contractor, Edward Snowden, that sparked unprecedented political debate in the U.S. and abroad about the scope and legality of U.S. surveillance powers and adequacy of oversight mechanisms.

Alan Kessler, CEO of Vormetric, a data security company, doesn't see a headcount reduction as the optimal way of dealing with insider threats. "It's not the quantity of system admins," he said in a phone interview. "It's what they can do, because it only takes one." He suggests it is better to prevent systems administrators from being able to access sensitive data. "You need to give them just enough information to do their jobs," he said.

Kessler also pointed out that insider threats are not always deliberate, noting that phishing emails to employees can turn oblivious insiders into the source of a breach.

U.S. authorities are seeking to arrest Snowden, who has been granted temporary asylum in Russia. They refuse to consider him a whistleblower, someone who sought to expose illegal activity for the benefit of the public, insisting the NSA's surveillance is lawful.

On Friday, The Guardian, the U.K. news organization through which much of Snowden's leaks have been presented to the public, revealed still more details about NSA surveillance. The paper reported that an undisclosed rule change gives the NSA legal cover to search through the email and phone calls of U.S. citizens without a warrant, a claim that calls into question assurances by government officials that the communications of U.S. citizens are not being deliberately collected.

The NSA is not alone in re-evaluating its ability to prevent insiders from exposing its secrets. Still smarting from Army Pfc. Bradley Manning's unauthorized disclosure of classified information to Wikileaks, the Army last month established an Insider Threat Program, in response to a 2012 White House directive.

Just how useful this hunt for potential leakers will be remains to be seen. The kinds of behavior military and intelligence agencies will be using to flag potential threats appears to be broad enough that false positives might be a problem. As noted by Steven Aftergood, who tracks government secrecy at the Federation of American Scientists' Secrecy Blog, Defense Information Systems Agency training materials suggest that an employee who "speaks openly of unhappiness with U.S. foreign policy" might merit watching.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights