WASHINGTON — Several years after contractor Edward Snowden abruptly left the U.S. in 2013 with a trove of highly classified secrets, the National Security Agency and its counterparts in the U.S. intelligence community continue to struggle under the crushing impact of his actions.
“It should be pretty obvious to everyone that what Snowden did was a jolt to our system. Not only did he endanger what we’ve spent years developing, but he endangered the lives of the people we try to protect,” NSA Deputy Director George C. Barnes told WTOP in an exclusive interview.
Although Snowden revealed specific sources and methods, which may now be obsolete, the principal damage is that he provided global insight into the NSA’s thought process, Barnes said. More egregiously, Barnes added, Snowden made the agency’s secrets the stuff of dangerous global gossip.
“The things he did have now become more commonplace in international dialogue; things that were never discussed in the past seem to be routine now. So, it heightens awareness, not just of those that he directed his activities toward, but for the global populace,” Barnes said.
The enemy makes adjustments
After Snowden’s leaks, U.S. adversaries and enemies alike have made clever changes that turned what was already an uphill battle for the intelligence community against sometimes treacherous, partially exposed targets, into a fight against those same targets that now know how to hide completely from the NSA.
In February 2016, then-NSA Deputy Director Rick Ledgett told WTOP how the agency became aware of the situation.
“We track, through our intelligence sources, legitimate foreign intelligence targets of the United States who are saying to each other, ‘I’ve seen this stuff published about what NSA does, and I’m concerned about it because now I’m vulnerable,’” Ledgett said.
Because U.S. adversaries and enemies now know about the NSA’s highly evolved methods of tracking, listening and using modern tools such as algorithms to search though communications, many of them have simply slipped off the grid.
“They have said, ‘I need to change the way that I communicate in order to avoid being detected by the NSA.’ And a lot of them have actually done that. And that includes at least one terrorist group that was actively engaged in operational plans directed against the United States,” Ledgett said.
Barnes, saying he was not aware which terrorist group Ledgett was referring to, concluded the group’s members, after learning how they were being pursued, likely initiated efforts to cover their tracks.
U.S. intelligence officials, including former FBI Director James Comey, confirmed U.S. adversaries’ tool kit included publicly available, encrypted instant messaging applications.
“Nefarious actors — terrorists being a primary, but not the only example — try to be fluid in their use of applications. Most actors don’t just use one application to communicate; they use multiples,” Barnes said.
In early 2016, Joshua Skule, now FBI assistant director in charge of intelligence, told WTOP that encryption had created a sanctuary for bad actors that even a warrant would not solve. “Despite the fact that we abide by the legal process and we go to get a warrant to intercept, we still would not be able to see the communications going on between two bad guys, two terrorists, two spies.”
“We’re missing pieces to that puzzle only because we don’t have the capability to see it,” because, he added, “companies have created the ability for two people to communicate, and only two people.”
Brig Barker, a former FBI supervisory special agent until 2016 who led a counterterrorism team and worked as an interrogator in the Middle East and Africa, told WTOP that Snowden’s leaks dealt a “crushing blow” to authorities trying to track terrorists.
“Terrorists have created an impenetrable chamber or an unreachable island where they can conduct their communications on attack planning, network building, surveillance and new tactics that cannot be penetrated by counterterrorism authorities at this point,” Barker said.
Hardened terrorists, hackers, spies and others with long intelligence dossiers have begun engaging on the same simple communications apps that ordinary people use.
Barker said, “They use mobile applications like WhatsApp, which employs 256-bit encryption that cannot be penetrated and cannot be monitored at this point. They can send photos. They can communicate by phone or text or whatever, and we don’t have access to that communication.”
In addition to only using apps with ironclad security, U.S. intelligence targets, especially terrorists, have gone beyond the open internet.
“Terrorists, like those involved with ISIS, meet and recruit individuals in an open forum like Twitter, and then, they’ll immediately drop down to the dark web where the critical planning and communications take place,” Barker said.
That poses a difficult problem for the NSA, which tentatively has to contend with blind spots.
“We have to identify, find and follow bad entities across the continuum of different applications,” Barnes said.
Considering today’s sophisticated mobile communications devices, he said, “The sky’s the limit as far as the number of apps that are out there. Our job is much more complicated because we have to identify and piece together fragments of information, across multiple applications, to try to thread together one theme, one intent and one communication.”
Working to regain its edge
Snowden’s gifts to U.S. adversaries, however, have a shelf life.
“All advantage in electronic surveillance, all advantage and signals intelligence, is transient. You never have permanent capture of a target,” former NSA Director Michael Hayden told WTOP.
“The catastrophe in this case,” said Hayden, “is that you lost so many targets in such a compressed period of time. You lose targets, but you generally lose them over time.”
Hayden said what the NSA has to do is “to continue the hunt, which it always does. It will recover, but it will take years and lots of money, but in the meantime, valuable intelligence will be lost.”
Barnes is confident the NSA will eventually regain its undisputed superiority in the intelligence world.
“I think it will. Timing was not always on our side. We had the losses from Edward Snowden at a time when we were realizing, as a nation, that we were extremely fragile from a cybersecurity standpoint.”
To address its own losses and fragility at the time, the agency instituted the NSA 21 program, which, according to its website, “will position the agency to meet tomorrow’s challenges by staying ahead of threats while effectively leveraging our current missions — thwarting terrorists, protecting the warfighter, enhancing cybersecurity, protecting national security systems and strategic weapons — which are all critical elements in keeping our nation safe.”
The program comprises four key elements: people, integration, innovation and a new mission model.
NSA 21 is working, said Barnes, but “it was a big change, and so, it takes a while for it to be changed, to settle in. The last time we had a change in structure of that magnitude was in 2001, and it took really two to three years for everything to settle into the new structure.”
A hallmark of the change is the fusion of operational personnel that work two different mission authorities: foreign intelligence and information assurance.
“When we’re looking at cybersecurity,” said Barnes, “we need both sides to influence and inform each other so that we’re stronger. The intelligence side informs the defensive side as to what other nation and non-nation states’ cyberactors are doing, hopefully in advance of when they actually apply their techniques against us.”
Clearheaded about the challenges that lay ahead, Barnes acknowledges the NSA and the entire intelligence community, by default, suffered a serious setback and believes recognition is the first step to addressing it.
“We had to dynamically respond. It was inconvenient, and it made it even harder because the workforce was dealing with losses and structural adjustments. But we dove in and did it, and we’re working through it.”