CIA dismissed Snowden four years before NSA leaks
Agency's report on suspicious behavior never reached the NSA or its contractors, according to report in the New York Times
Computerworld - Edward Snowden got a job with top-level clearance at National Security Agency contractor after he had been dismissed by a previous employer -- the CIA -- on suspicion of breaking into computers without authorized access.
Several unnamed sources told the New York Times this week that in 2009, Snowden was released from a job as a technician at the Central Intelligence Agency's Geneva office after a supervisor reported suspicious behavior.
The CIA's report on Snowden, apparently unseen by the NSA, noted changes in Snowden's personality and work habits and cited apparent attempts he made to illegally access classified computer files, the Times said.
The CIA's assessment of Snowden, and its suspicions, were not forwarded to the NSA or its contractors. The CIA supervisor's derogatory note surfaced only after federal investigators began probing Snowden's leaks of classified materials earlier this year, the Times story said.
After the CIA released Snowden in 2009, he worked for Dell as an NSA contractor in Japan, He later worked in Hawai as a Booz-Allen Hamilton NSA contract employee.
According to the Times, the CIA supervisor's report may have slipped through the cracks because the electronic systems used to manage the security clearances for full-time and contract employees at the NSA only tracked "major rule-based infractions."
Less serious complaints, such as those pertaining to personal behavior, were apparently not tracked by the system. As a result, Booz-Allen, Dell and the NSA didn't get reports, the Times noted.
The background vetting process has since been tightened, the report added. The Snowden incident has also prompted a sweeping review of the processes used by the government for vetting employees and granting them security clearances.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
- Kicking the stool out from under the cybercrime economy
- Chinese man indicted over theft of Boeing C-17 secrets
- The making of a cybercrime market
- Arrests made after international cyber-ring targets StubHub
- International police operation disrupts Shylock banking Trojan
- Spamhaus pushes for arrests of alleged DDoS participants
- Accused Russian point-of-sale hacker arrested, will face U.S. charges
- No-IP regains control of some domains wrested by Microsoft
- Microsoft legal action cramping other hacking campaigns, Kaspersky says
- Microsoft admits technical error in IP takeover, but No-IP still down
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts