The Only People The NSA Can't Spy On Is Its Own Employees

from the irony-or-just-incredibly-ugly? dept

Tue, Oct 29th 2013 10:27am — Tim Cushing

The NSA is everywhere, hauling in everything. Recent leaks point out how the agency is collecting data on millions of phone calls across Europe, along with snagging SMS messages, email and internet traffic. This is on top of everything it's doing in the US with its many programs, which cover everything from phone metadata to a large percentage of internet traffic (once streaming services like YouTube and Netflix are removed from the equation).

But for all its spying power and prowess, the NSA still can't manage to keep an eye on its own backyard. A number of factors contributed to Snowden heading east with thousands of sensitive files, not the least of which was a complete lack of internal controls. The NSA honestly seems to have no idea what most of its contractors are doing. Rather than institute any more internal controls (or ones that work), the agency is leaning towards simply laying off 90% of its contractors. That may mitigate potential problems, but it stills leaves its internal systems exposed to "insider threats."

It seems that nothing goes unnoticed by its external "eyes," but those focused inward are limited in number and in vision. As was pointed out earlier, the NSA may be able to haul in millions of emails and sift through them for "relevant" information, but when asked to search its own internal email system, it draws a blank.

Additionally, as Mike covered last Friday, attempts at installing software for detecting internal threats have been thwarted by a vague "lack of bandwidth." This software, made by Raytheon, still isn't in place despite being ordered into use in 2010, shortly after Manning's leaks to Wikileaks surfaced. This lack of threat detection software made it much easier for Snowden to gather what he did -- an event the NSA had no contingency plan in place to deal with, much less head off.

As Mike said, it's unclear what this "lack of bandwidth" phrase is referring to. It could mean the software demands too many network resources to do its job. Or it could mean there aren't enough manhours to devote to installing and implementing the software. It could also simply mean the agency would rather not install the software and has come up with a plausible reason why it "can't."

Mark Hosenball, writing for Reuters, indicates it's a network issue.

Officials responsible for tightening data security say insider threat-detection software, which logs events such as unusually large downloads of material or attempts at unauthorized access, is expensive to adopt.

It also takes up considerable computing and communications bandwidth, degrading the performance of systems on which it is installed, they said.

By not installing this software (something the Dept. of Defense itself hasn't done yet), the NSA is in risk of violating the law governing insider threat detection. According to Hosenball, this software requirement was written into law in 2011, and agencies affected had until the end of October 2013 to have it in place. Obviously, the NSA won't be meeting this dealine. It has until October 2014 to have it both in place and fully operational, but it may have trouble even hitting that extended deadline.

One official said intelligence agencies had already asked Congress to extend the deadline beyond October 2014 but that legislators had so far refused.

Installing new software that plays nice with existing government software can be a lengthy nightmare, but this difficulty is hardly the only factor affecting its incredibly slow adoption. As Marcy Wheeler points out, the agency may not want to make the bandwidth tradeoff needed to deploy this threat detection software.

If the Intelligence Committees were unable to get the IC to take this mandate seriously after the Chelsea Manning leaks, I don’t see any reason they’ll show more focus on doing so after Edward Snowden. They seem either unable to back off their spying bandwidth draw far enough to implement the security to avoid another giant leak, or unwilling to subject their workers (or themselves?) to this kind of scrutiny.

If any combination of the above is true, it makes truly disturbing statement about the agency's mentality. For one, the NSA has resisted any sort of meaningful oversight. It may have no desire to subject its internal employees to additional scrutiny -- even if it means more "damaging" leaks -- simply because it would rather not generate any evidence of wrongdoing that could be used to threaten its ongoing programs.

It's also disturbing that the agency would seemingly make the tradeoff of internal security for uninterrupted and unimpaired collection activity. The agency and its supporters constantly claim there's a "balance" between security and liberty that must be considered. But its failure to implement a program that looks for potential leakers compromises the agency's security (and, consequently, the nation's, if its supporters are to be believed) in order to harvest even more data -- collections that haven't conclusively shown they're keeping the nation safer. The agency would rather deal with embarrassing leaks (or worse, the sale of information to enemy nations) rather than curtail its collection programs or subject its own staff to the same level of scrutiny the rest of the nation experiences.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: insider threats, leak prevention, nsa, nsa surveillance

22 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ninja (profile), 29 Oct 2013 @ 10:33am

As Mike said, it's unclear what this "lack of bandwidth" phrase is referring to.

I think this is one case where the regular dictionary applies. They are busy downloading the entire internet activity. I suppose it's an insane amount of data. And penis enlargement spam.
[ link to this | view in thread ]
DannyB (profile), 29 Oct 2013 @ 10:33am

Striking a balance
> The agency and its supporters constantly claim there's a
> "balance" between security and liberty that must be considered.

Just like there is a balance between truth and lies that must be considered.

A balance between right and wrong that must be considered.

When a cop pulls you over just tell them that there is a balance between legal and illegal that must be considered.

Some people say the sun rises in the East. Others say it rises in the West. But there is a balance between East and West that must be considered.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 10:38am

Re: Striking a balance
Gray Falsity, dude.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 10:42am

Re: Striking a balance
Actually, in this case, there is a balance. One that shouts, "Screw you, bitch!" to the public instead of, y'know, engaging them in rational discourse.

Bin laden was right when he said that America would destroy itself after 9/11.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 10:46am

NSA has cut security corners in order to concentrate all resources on "collecting it all".

The only thing an audit system would do is get in the way of the "collect it all" mentality.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 10:47am

Officials responsible for tightening data security say insider threat-detection software, which logs events such as unusually large downloads of material or attempts at unauthorized access, is expensive to adopt.

I do believe the system will identify 100% of employees as a threat considering they are downloading millions of phone records a day and as far as my personal data is concerned, you can speak for you, it is unauthorized access.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 10:49am

Since he left Hawaii to fly to Hong Kong. Technically he headed west. I know he went to THE far east, still he headed west.

Just sayin'
[ link to this | view in thread ]
Nigel (profile), 29 Oct 2013 @ 10:59am

watch live
http://www.nbcnews.com/video/nbcnews.com/53404133/ if that doesn't work check the top here http://www.nbcnews.com/

feck sake. I have not made it through a minute of this and its unmitigated bullshit coming out of Alexanders mouth.

Nigel
[ link to this | view in thread ]
John Fenderson (profile), 29 Oct 2013 @ 10:59am

Re: Re: Striking a balance
His point is on target. The issue is that they're trying to set up "security" and "liberty" as if they're opposites -- but they're not. Sacrificing liberty may increase security with regards to a specific threat such as certain terrorists, but it reduces security with regards to other threats such as governmental.
[ link to this | view in thread ]
Chris Rhodes (profile), 29 Oct 2013 @ 11:34am

Don't Knock It
I, for one, am completely grateful that the US government is lazy, incompetent, and inefficient. If it weren't, we'd all be in really deep shit.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 11:44am

Peter O'Donnell said it years ago.
"Security agencies are always too busy watching other people to pay attention to their own security. When was the last time you changed the locks?"
[ link to this | view in thread ]
Dirkmaster (profile), 29 Oct 2013 @ 12:01pm

Re:
Which would explain why there are such big dicks! /moan
[ link to this | view in thread ]
Jasmine Charter, 29 Oct 2013 @ 12:10pm

Hey NSA...
Hey NSA,

I know a few open source solutions that would work for you!

Oh wait... why use free open source solutions when you can spend millions and millions of dollars on software that works half as well.
[ link to this | view in thread ]
beltorak (profile), 29 Oct 2013 @ 12:16pm

It also takes up considerable computing and communications bandwidth, degrading the performance of systems on which it is installed, they said.

Yeah, spyware is like that.
[ link to this | view in thread ]
jupiterkansas (profile), 29 Oct 2013 @ 12:26pm

Why spy inside the NSA? That's not where the bad guys are.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 12:32pm

Re: Hey NSA...
If they want funding they need something to pork up their budgets. 10 % on top of 100 billions is more than 10 % on top of 10 billions!
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 12:37pm

Dropping 90% of the sysadmins is not smart. I gather that it's more important to stop public leakage of what they are doing than to stop hackers from discovering it.

I wonder what they are going to do when they find their whole network compromised by worms and malware specifically designed to penetrate their security? We know they won't be calling on their sysadmins to fix it all. There won't be enough to handle it all.
[ link to this | view in thread ]
Papafox, 29 Oct 2013 @ 1:29pm

Lack of bandwidth
If the NSA system works the same way as the audit systems at some banks, all privileged operations by sysadmins are recorded by the terminal server. By recorded, I mean just that - the system generates an AVI file.

So probably 'lack of bandwidth' suggests that the volume generated AVI files is such that shipping 24-hours of data back to a central server may well take more than 24 hours.
[ link to this | view in thread ]
tqk (profile), 29 Oct 2013 @ 2:36pm

Re:
Why spy inside the NSA? That's not where the bad guys are.

They're still insisting Snowden's a "bad guy", so to them, that is where they are.

Rampant paranoia plus a fortress mentality ... Reminds of McCarthyism.
[ link to this | view in thread ]
Anonymous Coward, 29 Oct 2013 @ 3:39pm

Dramatic Irony
NSA employees resistant to electronic eavesdropping of their every action? Who could have predicted that?
[ link to this | view in thread ]
fjpoblam, 29 Oct 2013 @ 3:41pm

Too costly to install internal controls
Any software the NSA might install to ensure strict internal monitoring, security, and control, would itself have to be placed under careful scrutiny to ensure its own reliability and the absence of internal malware and hooks. And on, and on. Endless reports and meetings. By the end of the scrutiny, the software would likely be obsolete. Tail wags dog.
[ link to this | view in thread ]
me, 30 Oct 2013 @ 4:46am

can spy on their own, Snowden leak....
hmm..... need this really be explained?
[ link to this | view in thread ]