Snowden used USB flash drive to breach NSA's security

Tools

Whistle-blower Edward Snowden used a portable USB flash drive to get information from the National Security Agency when he worked there. This was reported by the Los Angeles Times, who cited an official privy to the ongoing investigation and speaking on the condition of anonymity. Apparently, investigators now "know how many documents he downloaded and what server he took them from."

Currently believed to be hiding in Hong Kong, Snowden exposed the top-secret PRISM program earlier this month, which he says made use of invasive digital snooping tactics and data from nine U.S. Internet companies. In addition, Snowden also claimed that the U.S. has been hacking Chinese civilians in Hong Kong and China for years.

The NSA apparently banned flash drives and other portable storage devices to classified computers in October 2008 after the discovery of malicious software on a classified network. As to why Snowden had access to a flash drive, a former NSA official offered insight. "There are people who need to use a thumb drive and they have special permission. But when you use one, people always look at you funny."

That Snowden succeeded in such an environment of secrecy underscores the security challenge facing conventional enterprise IT departments. Even as the ongoing debacle is sure to put pressure on enterprise security, it also represents an excellent opportunity for security-conscious organizations to reevaluate their existing security posture and implementation.

For more:
- check out this article at Los Angeles Times
- check out this article at InformationWeek

Related Articles: 
Intelligence agency secretly mining data from 9 US Internet companies
US hacking Chinese civilians for years, says Snowden
Latest Snowden claim puts pressure on enterprise security