dcsimg

Breaching the NSA: Is Your Enterprise Next?

  • Breaching the NSA: Is Your Enterprise Next?-

    Just like any government contractor, Edward Snowden was issued a CAC smart card with digital certificates and keys. As an administrator, he was also issued SSH keys for systems he was required to administer. This allowed Snowden to have valid access to some data and understand what else was out there.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

Breaching the NSA: Is Your Enterprise Next?

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
  • Breaching the NSA: Is Your Enterprise Next?-3

    Just like any government contractor, Edward Snowden was issued a CAC smart card with digital certificates and keys. As an administrator, he was also issued SSH keys for systems he was required to administer. This allowed Snowden to have valid access to some data and understand what else was out there.

Venafi, a leading cyber security company in next-generation trust protection, recently announced the results of in-depth research by its Threat Center team into how Edward Snowden successfully breached the National Security Agency (NSA). After months of review, analysis and peer feedback, this research reveals that the contract worker leveraged valid credentials as a low-level system administrator to fabricate cryptographic keys and digital certificates, which he then used to access and steal classified information and U.S. intellectual property. The NSA's inability to detect or respond to anomalous key and certificate activity on its network allowed him to infiltrate systems and exfiltrate data without being detected.