7 January 2014. Corrected date of document to 1991, published in 1996.
5 January 2014. A2 notes second version of the NSA document at the National
Security Archive with different redactions.
Second version:
http://cryptome.org/2014/01/nsa-rogue-sysadmins-2.pdf
Comparison of the two:
http://cryptome.org/2014/01/nsa-rogue-sysadmins-compare.htm
4 January 2014
NSA Warns of Rogue System Administrators 1991
A sends:
I was just searching through a list of declassified articles from the NSA's
Cryptologic Quarterly in-house journal and came across this extraordinary
and prescient gem from a 1996 issue about the unfettered power possessed
by intelligence agency IT system administrators.
In the very first paragraph, the unidentified author warns of the consequences
of the intel IT process should a system administrator turn rogue or be exploited:
"In their quest to benefit from the great advantages of networked computer
systems, the U.S. military and intelligence communities have put almost all
of their classified information "eggs" into one very precarious basket: computer
system administrators. A relatively small number of system administrators
are able to read, copy, move, alter, and destroy almost every piece of classified
information handled by a given agency or organization. An insider-gone-bad
with enough hacking skills to gain root privileges might acquire similar
capabilities. It seems amazing that so few are allowed to control so much
- apparently with little or no supervision or security audits. The system
administrators might audit users, but who audits them?"
This is fully 23 years before Edward Snowden purloined the NSA's Crown Jewels
from the NSA's Hawaii RSOC.
Remarkably, the article's author also later describes a 1994 incident at
an NSA RSOC when a contractor employee was caught accessing restricted files
on a classified system!
The author states, "From an individual's standpoint . . . access to electronic
versions of classified documents is out of control." [original emphasis]
Hence the title of the journal article: "Out of Control."
Although the author's identity has been redacted, the article bio states
he joined NSA in 1986 and was an intelligence analyst in the ISSO's Threat
Analysis Division (V52) where he was the primary editor of the National INFOSEC
Intelligence Review (NIIR) and the ISSO Global Threat Summary reference manual
- both published by NSA V52.
Reference: Author's name redacted, "Out of Control," Cryptologic Quarterly
15 (Special Edition, 1996), 263-269, Declassified from SECRET,
www.nsa.gov/public_info/_files/cryptologic_quarterly/Out_of_Control.pdf
Here's a PDF of the entire article:
http://cryptome.org/2014/01/nsa-rogue-sysadmins.pdf