Quantcast

US official: New anti-leak measures set at NSA

Published July 18, 2013 12:25 pm

This is an archived article that was published on sltrib.com in 2013, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.

Aspen, Colo. • The National Security Agency is implementing new security measures because of the disclosures by former NSA-systems-analyst-turned-fugitive Edward Snowden, a top defense official said Thursday.

Deputy Defense Secretary Ashton Carter said systems administrators like Snowden must now work with a colleague when accessing sensitive, compartmented intelligence — the kind Snowden leaked to the media. The information revealed that the agency was gathering millions of U.S. phone records and intercepting some U.S. Internet traffic.

"This was a failure to defend our own networks," Carter said.

"In an effort for those in the intelligence community to be able to share with each other, there was an enormous amount of information concentrated in once place. That's a mistake," he told attendees at the Aspen Security Forum in Colorado. "The loading of everything onto a server creates a risk."

NSA chief, Gen. Keith Alexander, has explained that Snowden accessed much of the information on a single internal site designed to share information.

Carter said they are working to limit that access, as well as implementing a "two-man rule" everywhere systems administrators have "elevated" clearance access to sensitive information.

He said they are also looking at how to better monitor individuals with access to that kind of information and suggested the Pentagon might monitor intelligence workers just as it monitors staff at nuclear installations.

"When it comes to nuclear weapons, you watch people's behavior in a special way. We don't let people all by themselves do anything," he said. "There is always some aberrant individual and you've got to recognize that."

Meanwhile, Carter said the Pentagon is also close to launching a 4,000-person cybersquad of both offensive and defensive teams. He said the teams will both protect Defense Department systems and launch cyberattacks against enemy networks.