Did Edward Snowden use SharePoint to leak NSA files?

The National Security Agency is still dealing with the actions of its former contractor Edward Snowden, who leaked information several weeks ago that detailed extensive data collecting activities from the spy agency. As we have reported before, Snowden's leaks claim that the NSA was able to access several of Microsoft's online services, among other tech companies.

Now the head of the NSA, General Keith Alexander, hinted that Snowden could have used Microsoft's SharePoint collaboration software to assist in moving the information he gathered for those leaks. In a Q&A this week at the Aspen Institute, General Alexander answered a question from a Washington Post reporter on how the agency could better protect itself from insider leaks.

General Alexander, while not naming Snowden directly, answered the question by saying, "This leaker was a system administrator who was trusted with moving the information to actually make sure that the right information was on the SharePoint servers that NSA Hawaii needed." He then added that the leak was " ... a huge break in trust and confidence. So there are issues we have got to fix there."

General Alexander then said that the NSA is currently talking about how much information sysadmins can have access while working at the agency. Some solutions such as locking down the server rooms, having sysadmins work in pairs, and keeping them from downloading data have been suggested. However, General Alexander pointed out, "As you may know, system administrators need removable media to do their job. That just makes our job twice as hard now."

It's interesting that the NSA works with SharePoint for at least part of their server software and a possible solution for plugging leaks might be to beef up security on those NSA SharePoint servers.

Source: Aspen Institute on YouTube via  The Register | Image via NSA

Report a problem with article
Previous Story

San Francisco's DA wants anti-theft improvements for Windows Phone

Next Story

Member Reviews: Huawei Ascend W1 - Windows Phone 8

38 Comments

Commenting is disabled on this article.

Let's just say that Snowden isn't the only guy here showing a "huge break in trust and confidence", NSA. Yes, all countries of any international significance spy on each other, but I think this scale is unprecedented. This is the first time I've heard of a government spying on their and others citizens (as opposed to on other governments) even in allied countries where they have no reason to suspect criminal activity that threatens national security. Well, yes maybe it can be assumed with communist countries like China and North Korea, and perhaps Russia too.

While Snowden may be considered to have violated trust given to him as a systems administrator, that is nothing in comparison to the trust that was given the US government by their allies.

Edited by Northgrove, Jul 21 2013, 10:30am :

If this was the first you heard of a government spying on its own citizens you must have been born yesterday. Every country spies on its citizens in one form or another. In the US they apparently spy on our phones and emails. I prefer that to the UK where they put spy cameras in the elementary school bathrooms.

Hard to believe to guy who ratted out everybody on Audiogalaxy (Michael Merhej) sold FolderShare/SharePoint to Microsoft for millions.

Wait, what does this have to do with anything?

He worked for a 3rd party contractor, they could have been using post-it notes as they were in charge of their own access rules and infrastructure.

(This is why I personally would argue against the privatization of crucial government functions. A 3rd party company should never have been allowed access.)

Well, the fact is, he was an infrastructure guy, he has deep experience in IT, so whether he was using SharePoint or some open source alternative, he would have still leaked the information. Its not about the platform, its about who has access to it. So whoever is bringing this up thinking it will spook businesses into not using SharePoint is an a%%hole. Sorry, but its not gonna make your 1% Linux OS any bigger or have IT Pros, CIOs, MIS Managers moving from the Microsoft stack.

Why? You believe things that have no evidence? It's just as likely, or more even more likely, that this is an economic propaganda war by Russian and Chinese corporations to try to scare people away from using US companies. Fake leaks are a common marketing practice these days.

I work as a SharePoint architect so thanks for sending us more work nsa
Edit: The NSA could use IRM to secure documents lal

JasonMiles said,
Works along with NSA, yes.
Its really sad how everyone is giving MS such a hard time. If you owned an OS and the Feds come to you with orders saying to give us certain information, what are you going to do?

MS and the others are trying to disclose to you what the Feds have been asking for specifically.In fact Microsoft is suing the Feds over it so they can release more info to the public. ITS THE FEDS WHO DONT WANT YOU YOU TO KNOW.

Which Is is why I am glad Snodwen blew the whistle. Se when those women at Enron who benefited from their CEO illegal activities, brought it out, they were just whistleblowers. Snowden does the same and he is automatically a criminal because his CEO was the US Government? What he should have did was leave the country first and made it to a safe place like South America or something and then leaked the info after he shared it with Prime Ministers who could guarantee him he could stay. Letting them know I have info that is well worth you saving my butt.

General Alexander's statement on System Administrators requiring removable media is entirely false these days. Anything currently done over CD/DVD/USB can be performed over the network either within the installed OS or a pre-install PXE/NetBoot environment. There is not a single thing that writable removable media is "required" for by a competent IT department with a minor amount of prepwork.

Removable read or read/write media at best can be convenient, but it has barely been “required” for anything for years. At best his statement indicates that the NSA's IT team is actually not current on technology that is years old. I think it's more likely this General made a statement that his IT department wouldn't fully agree with, and that if he thinks this is true, its internal politics.

The only situation where you may actually require removable media is a pre-production environment where no infrastructure exists yet, and in this one case, a place like the NSA should have a lab disconnected from the rest of their enterprise. (but then in this case, the building probably wouldn't even have 1 server setup yet)

Edited by ITFiend, Jul 20 2013, 11:52pm :

IT Administrators in these environments have the following constraints:

- No internet access
- Physically separated networks that have no network connectivity between them
- Multiple of the above

Does removable media still sound useless to you?

Useless? No. Required? Ok, yes, but only in two specific cases:

1. Bring new data into the secure environment.
2. Export authorized data to an insecure environment.

That's it. IT does not require removable media beyond that, especially not for day to day tasks. USB media is only convenient in that case, it is absolutely not required. For me, I find that USB media ceases to be convenient once DHCP/PXE/NetBoot are up and running. I expect folks in the CIA are capable of performing better than I do.

So, frankly, the CIA should entirely ban the internal use of writable removable media on their internal network for day to day work, and only allow specific monitored rooms and devices be used for export/import, where a storage/mobile/pc device cannot even leave the room without being first plugged in to a system that inventories, hashes, and maybe even clones the device for review.

Edited by ITFiend, Jul 28 2013, 1:52am :

Oh, and when I say internal network, I mean their internal secure network, not their internal insecure network.

Also, folks supporting internal servers should never need physical media, as all of their server hardware should support virtual media through a console (Apple hardware being the exception, which will require NetBoot). PXE/NetBoot is generally only required to support the end-user desktops either for troubleshooting or reimaging.

The only real case where PXE is required to support the server infrastructure is if they are all using BitLocker Network Unlock as a second key release factor to the servers onboard TPM.

Edited by ITFiend, Jul 28 2013, 2:00am :

wingliston said,
Year of the linux desktop!

No, it's the year of Microsoft handling over your personal data to NSA.

If Linux had better adoption rate you would probably not have that problem.

JasonMiles said,

No, it's the year of Microsoft handling over your personal data to NSA.

If Linux had better adoption rate you would probably not have that problem.

Skype and Hotmail work on Linux too....DURRRR

vcfan said,

Skype and Hotmail work on Linux too....DURRRR

It's not just the content of your Skype and Hotmail that Microsoft allows the NSA to access. It's a bit more serious than that, it's the content of your Windows PC itself. Don't take my word for it, go read the recent news.

And no, it's not the same across every OS, Linux is not included.

JasonMiles said,
It's not just the content of your Skype and Hotmail that Microsoft allows the NSA to access. It's a bit more serious than that, it's the content of your Windows PC itself. Don't take my word for it, go read the recent news.

And no, it's not the same across every OS, Linux is not included.

oh god. I seriously hope this is a sad attempt at trolling,and youre not actually serious. im crossing my fingers.

vcfan said,

oh god. I seriously hope this is a sad attempt at trolling,and youre not actually serious. im crossing my fingers.

Seriously, go read the news about the SNOWDEN'S LEAK before you make any attempt at making a comment.

ill tell you what, go download a network packet sniffer,like wireshark that lets you log all network packets going in and out of your PC, and when you catch m$ downloading your porn collection,come back and post the logs mmmkay?

vcfan said,
ill tell you what, go download a network packet sniffer,like wireshark that lets you log all network packets going in and out of your PC, and when you catch m$ downloading your porn collection,come back and post the logs mmmkay?
Silly you. It's all over the news, no point in denying it.
Oh and: http://en.wikipedia.org/wiki/Encryption

JasonMiles said,
Silly you. It's all over the news, no point in denying it.
Oh and: http://en.wikipedia.org/wiki/Encryption

http://en.wikipedia.org/wiki/WinDbg

encryption? are you serious? a first year computer science major will be able to use a debugger and decrypt this encrypted data in no time. you do know that every instruction executed on a PC can be viewed freely. it doesnt matter if something is encrypted, at some point its in the clear,and it is viewable before it goes out on the network.

and show me who is saying this. youre saying its everywhere. and no,im not talking about a soccer mom writing this on her blog either.

JasonMiles said,

No, it's the year of Microsoft handling over your personal data to NSA.

If Linux had better adoption rate you would probably not have that problem.

False!!!! I know it, and you know it. It has nothing to do with what OS is being used. If the same events of 9/11 happened and Linux was top dog, the NSA would be doing the same thing. Stop trying to pretend it has anything to do with Windows.

Yes, let's blame terrorism for a Big Brother society where you have no privacy anymore, starting at your own computer OS. Not to mention the industrial spying and other shady businesses coming from this.
The move is already taking place after the latest whistle blowing, which was only a confirmation of what most already knew. No Microsoft PR can stop it anymore.

Still waiting for you to provide me with the stories about the PC spying made up stuff. Looks like you're dodging it now that you were called out on fabricating things.

vcfan said,
Still waiting for you to provide me with the stories about the PC spying made up stuff. Looks like you're dodging it now that you were called out on fabricating things.
Me (TechieXP) or JasonMiles?. Bec I don't recall saying PC spying was made up stuff.

TechieXP said,
Me (TechieXP) or JasonMiles?. Bec I don't recall saying PC spying was made up stuff.

no not you. read a few posts up. he claimed nsa has access to windows pcs,and that this news is everywhere. im saying hes making stuff up.

vcfan said,

no not you. read a few posts up. he claimed nsa has access to windows pcs,and that this news is everywhere. im saying hes making stuff up.

Gotcha. I did try to read up a few, I was just making sure :-)