Snowden Used Basic Web Scraping Tools In NSA Breach

Edward Snowden, the man behind the explosive leaks on mass surveillance carried out by the National Security Agency and GCHQ, used widely-available web crawlers to grab the data he needed from the US intelligence body.

The reports have caused concern over the NSA’s abilities to prevent insider attacks, as the simple software used should have triggered security warnings.

Whilst working as an NSA contractor for Booz Allen Hamilton in Hawaii, it’s believed he used the crawlers, which usually carry out legitimate searching and indexing of websites, as he went about his day job, according to a senior intelligence official speaking with the New York Times.

Snowden’s insider attack

“We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the source said.

The insider attack should have been easily detected, especially given Chelsea Manning (then known as Bradley Manning) had made off with US government data three years earlier before she handed it over to WikiLeaks. Manning was said to have used similarly automated techniques to acquire files.

Snowden, who used the scraping technique to make off with 1.7 million files, likely benefitted from working at a contractor rather than inside the NSA headquarters at Fort Meade, where better security controls were in place.

He was questioned a number of times about his activities, but explained them away by saying it was simply part of his job as a systems administrator to do network maintenance.

In a new book called “The Snowden Files”, by Guardian correspondent Luke Harding, the author claims Snowden actively sought a job at Booz Allen, as it granted him more security privileges than his previous employer, Dell.

Snowden, in a statement delivered through his lawyer at the American Civil Liberties Union, said: “It’s ironic that officials are giving classified information to journalists in an effort to discredit me for giving classified information to journalists. The difference is that I did so to inform the public about the government’s actions, and they’re doing so to misinform the public about mine.”

It was previously reported Snowden was able to gain access to various parts of the NSA network after he convinced colleagues to hand over passwords.

Been keeping up with all the latest on Snowden and the NSA? Try our quiz!