The New York Times reports: American intelligence and law enforcement investigators have concluded that they may never know the entirety of what the former National Security Agency contractor Edward J. Snowden extracted from classified government computers before leaving the United States, according to senior government officials.
Investigators remain in the dark about the extent of the data breach partly because the N.S.A. facility in Hawaii where Mr. Snowden worked — unlike other N.S.A. facilities — was not equipped with up-to-date software that allows the spy agency to monitor which corners of its vast computer landscape its employees are navigating at any given time.
Six months since the investigation began, officials said Mr. Snowden had further covered his tracks by logging into classified systems using the passwords of other security agency employees, as well as by hacking firewalls installed to limit access to certain parts of the system.
“They’ve spent hundreds and hundreds of man-hours trying to reconstruct everything he has gotten, and they still don’t know all of what he took,” a senior administration official said. “I know that seems crazy, but everything with this is crazy.”
That Mr. Snowden was so expertly able to exploit blind spots in the systems of America’s most secretive spy agency illustrates how far computer security still lagged years after President Obama ordered standards tightened after the WikiLeaks revelations of 2010. [Continue reading…]