Lawmaker: Snowden may have had help with leaks

Snowden's access to NSA data raises questions, the chairman of the U.S. House Intelligence Committee says

Edward Snowden may not have acted alone, and may have had outside assistance, when he leaked information about the U.S. National Security Agency's data collection and surveillance programs earlier this year.

Snowden's access to information he shouldn't have known existed raises questions about whether he had help in collecting information about NSA programs, Representative Mike Rogers, a Michigan Republican and chairman of House Intelligence Committee, said Thursday.

Rogers didn't say directly whether he suspects Snowden, a former NSA contractor, had help from inside or outside the agency. Newspaper columnist David Ignatius, moderating a Washington Post Live panel on cybersecurity, asked Rogers if he was saying there was "evidence that Snowden had help from another government."

"I didn't say 'evidence' or 'government,' but that was pretty good," Rogers answered. "As someone who gets to see all of it, it raises concerns that there may have been help in ... his search queries and in some of the security measures he circumvented."

Rogers said he's not surprised other governments are "fanning the flames" of controversy over the NSA programs, even though most other nations have their own unchecked intelligence-gathering services. "This may be the most brilliant espionage operation conducted against the United States in the history of the world," he said. "This is a very dangerous time for us."

Snowden's access to information raises a lot of questions, Rogers said.

"When you look at some of the things he did that may have been a little bit beyond his capabilities, when you look at the kinds of information he queried and the way he queried it on his smash-and-grab and run out the door to the bastions of Internet freedom, China and Russia, there's some things in there that don't quite add up just yet," Rogers said. "We're a little concerned there may have been more to this story than meets the eye."

Snowden, granted political asylum in Russia, is now "in the loving arms" of a Russian intelligence agent, Rogers said.

General Michael Hayden, former director of the NSA and the CIA, suggested there was another explanation for Snowden's access. It appears Snowden was engaged in a "sustained, long-term campaign" to take information from the NSA, with the contractor moving from job to job to gain more access, Hayden said.

Snowden wasn't "suddenly offended by something he came across," Hayden said. Snowden was responsible for pulling data to share among intelligence officers, and the information-sharing culture in U.S. intelligence agencies following the 9/11 terrorist attacks on the U.S. made it easier for someone like Snowden to see more data, he said.

That explanation "isn't inconsistent" with Rogers' concerns about Snowden having help, Hayden added.

Both Rogers and Hayden said Snowden's leaks create serious national security problems for the U.S. There's evidence that the leaks have prompted terrorist organizations to shift their communication strategies to avoid surveillance, Rogers said.

The leaks will lead to a lack of trust in the U.S. government's ability to keep secrets, Hayden added. "Why would anyone, domestic or foreign, be willing to have confidence in the United States to undertake anything that requires any kind of discretion ... in order to go do things that are lawful, appropriate, effective, but edgy?" he said.

Hayden, responding to recent criticisms of the NSA's dual role of surveillance and cybersecurity, defended the agency. The NSA exploits vulnerabilities in communications but determines when there are vulnerabilities that "nobody but us" can take advantage of, he said.

Reported back doors on the Internet that the NSA exploits could be vulnerable to other attacks, one audience member said.

"What do you with a vulnerability?" Hayden said. "Do you patch it, or do you exploit it? If even with the vulnerability, it requires substantial computational power, substantial other attributes, you have to make the judgment, 'who else out there can do this?'

"If there's a vulnerability in here that weakens encryption, but you still need four acres of Cray computers in the basement in order to work it, you kind of think ... 'that's a vulnerability that we are not ethically or legally compelled to try to patch'," he added. "It's one that ethically and legally we could try to exploit in order to keep Americans safe."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is

Join the CSO newsletter!

Error: Please check your email address.

Tags telecommunicationU.S. National Security AgencyMichael HaydengovernmentMike RogersinternetprivacyciaU.S. House of Representatives Intelligence CommitteeDavid IgnatiussecurityEdward Snowden

More about CrayIDGNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place