CIA dismissed Snowden four years before NSA leaks
Agency's report on suspicious behavior never reached the NSA or its contractors, according to report in the New York Times
Computerworld - Edward Snowden got a job with top-level clearance at National Security Agency contractor after he had been dismissed by a previous employer -- the CIA -- on suspicion of breaking into computers without authorized access.
Several unnamed sources told the New York Times this week that in 2009, Snowden was released from a job as a technician at the Central Intelligence Agency's Geneva office after a supervisor reported suspicious behavior.
The CIA's report on Snowden, apparently unseen by the NSA, noted changes in Snowden's personality and work habits and cited apparent attempts he made to illegally access classified computer files, the Times said.
The CIA's assessment of Snowden, and its suspicions, were not forwarded to the NSA or its contractors. The CIA supervisor's derogatory note surfaced only after federal investigators began probing Snowden's leaks of classified materials earlier this year, the Times story said.
After the CIA released Snowden in 2009, he worked for Dell as an NSA contractor in Japan, He later worked in Hawai as a Booz-Allen Hamilton NSA contract employee.
According to the Times, the CIA supervisor's report may have slipped through the cracks because the electronic systems used to manage the security clearances for full-time and contract employees at the NSA only tracked "major rule-based infractions."
Less serious complaints, such as those pertaining to personal behavior, were apparently not tracked by the system. As a result, Booz-Allen, Dell and the NSA didn't get reports, the Times noted.
The background vetting process has since been tightened, the report added. The Snowden incident has also prompted a sweeping review of the processes used by the government for vetting employees and granting them security clearances.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is email@example.com.
- Arrests made after international cyber-ring targets StubHub
- International police operation disrupts Shylock banking Trojan
- Spamhaus pushes for arrests of alleged DDoS participants
- Accused Russian point-of-sale hacker arrested, will face U.S. charges
- No-IP regains control of some domains wrested by Microsoft
- Microsoft legal action cramping other hacking campaigns, Kaspersky says
- Microsoft admits technical error in IP takeover, but No-IP still down
- QuickPoll: Why hasn't Windows XP come under attack from hackers?
- Cybercrime losses top $400 billion worldwide
- U.S., foreign agents disrupt Gamover Zeus botnet
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts