An official assessment of the damage caused by news leaks about government surveillance programs suggests that terrorist groups are changing their communication methods in response to the disclosures, according to officials at the National Security Agency.
Shortly after former NSA contractor Edward Snowden leaked top secret documents concerning the agency’s foreign surveillance operations, Keith Alexander, director of the NSA, said the disclosures had caused “irreversible and significant damage.” He ordered a thorough investigation into how the leaks occurred and what effect they would have on agency operations.
The damage assessment, which NSA officials describe as the biggest such effort ever undertaken in the U.S. intelligence community, is said to confirm Alexander’s judgment.
Among the most noticeable initial effects of the leaks, however, may simply be that they prompted NSA leaders to divert agency resources from intelligence missions to security reforms and to the investigation itself.
“We’ve devoted a lot of people to looking at the impact of what we think Snowden took, so it’s people off task,” says Richard Ledgett, the NSA official leading the leaks investigation.
Leaks May Prompt New Communication Methods
Intelligence officials say Snowden had access to a file-sharing location on the NSA’s internal website and that he was able to copy secret documents stored there in part because he was responsible for moving the documents to a more secure location. Among those documents were memoranda and reports detailing how the agency monitors telephone and email data with a foreign connection.
The biggest concern, NSA officials say, is that foreign individuals or groups targeted for surveillance may now switch to more secure communication methods.
“If there is disclosure that NSA can do this thing or that thing, then they can take action to close that vulnerability. That denies us the ability to see the foreign intelligence threat,” Ledgett says. “We’re beginning to see that.”
Assessing possible responses to the NSA disclosures, however, can be a complicated exercise. Even if terrorist groups change their means of communication, NSA surveillance programs may still serve a purpose.
“The question then becomes whether the existence of the program causes their operations to proceed more slowly, become more difficult, with less chance for real-time command and control,” Ledgett says.
When Osama bin Laden learned the NSA was monitoring his satellite telephone, for example, he switched to sending messages by courier. The messages couldn’t be intercepted, but the change meant bin Laden’s communications become slower and more cumbersome as a result.
Expediting Planned Reforms
Another effect of Snowden’s disclosures on NSA operations has been that agency leaders have chosen to expedite planned security reforms, as part of an effort to prevent future leaks. The agency has begun consolidating databases, moving them from separate repositories into large data centers where cloud analysis can be employed. The data is to be “tagged” with restrictions so that analysts not qualified or authorized to review it will not be able to access it.
“We’ve had to do things that we had planned to do over the next three or four years and move them dramatically to the left,” says the NSA’s chief information officer, Lonny Alexander. “We haven’t asked for additional resources. We’ve just said, ‘We’ve got to do this.’ So something gives, because we’re not getting additional resources. And what gives, for us, is mission.”
The NSA mission is intelligence gathering.
“We have to make sure we don’t cross a line where we’re so busy locking down the networks that we’re not defending the nation,” Alexander says. “That’s the fine line we walk.”
Such adaptations, however, are minor. The Snowden leaks and the resulting controversy have not yet prompted the NSA to rethink its whole surveillance operation.
“It hasn’t caused any major right or left turns yet in the path the organization is taking,” Ledgett says, though he notes that such changes would not be evident in the short term in any case.
To the disappointment of privacy advocates, there is little evidence that NSA leaders are reconsidering the propriety of their surveillance operations in light of all the objections raised in recent weeks.
“I haven’t seen yet any willingness to reconsider the policies themselves,” says Jameel Jaffer, director of the Center for Democracy at the American Civil Liberties Union.
“But in my view,” he continues, “that’s exactly what should be going on. The NSA should be part of this conversation about how broad government surveillance policies ought to be, and thus far all I’ve seen from the NSA is a kind of defensiveness about the programs that have been put in place.”
Jaffer notes, however, that it is ultimately up to Congress and the White House to implement changes in the NSA’s surveillance authority. On that, NSA leaders agree. “That’s a policy decision,” says Ledgett, “and we don’t make that call. We operate within policy constraints.”