MI6: Snowden Files Hacked to Find Western Spies

snowden-100355452-carousel.idge.jpg

Edward Snowden

The UK Governmnet believes that Russian and Chinese intelligence agencies have used documents from whistleblower Edward Snowden to identify British and US secret agents, and that agents have been put in peril, according to a report in the Sunday Times.

The newspaper says MI6, Britain’s Secret Intelligence Service, has withdrawn agents from overseas operations because Russian security services had broken into encrypted files held by American computer analyst Snowden.

Snowden provided the Guardian with top-secret documents from the US National Security Agency (NSA), which revealed that western intelligence agencies had been undertaking mass surveillance of phone and Internet use. He fled to Hong Kong, then to Moscow, and the Sunday Times claims that both Chinese and Russian security officials gained access to his files as a result.

The files held by Snowden were encrypted, but now British officials believe both countries have hacked into the files, according to the report.

The newspaper quotes a series of anonymous sources from Downing Street, the Home Office and British intelligence saying that the documents contained intelligence techniques and information that would enable foreign powers to identify British and American spies.

The newspaper quoted a “senior Downing Street source,” saying that “Russians and Chinese have information”.
The source said, “agents have had to be moved and that knowledge of how we operate has stopped us getting vital information”. The source said they had “no evidence” that anyone had been harmed.

A senior Home Office source was also quoted by the newspaper saying: “Putin didn’t give him asylum for nothing. His documents were encrypted but they weren’t completely secure and we have now seen our agents and assets being targeted.”

The Sunday Times also quoted a “British intelligence source” saying that Russian and Chinese officials would be examining Snowden’s material for “years to come”.
“Snowden has done incalculable damage,” the intelligence source reportedly said. “In some cases the agencies have been forced to intervene and lift their agents from operations to prevent them from being identified and killed.”
A Downing Street spokeswoman told the Observer on Saturday night: “We don’t comment on leaks.” 

Traitor or patriotic Whistleblower?

Anti-Snowden reporting has gradually increased and some senior current and past intelligence agency commanders have expressed the view that Snowden was a double agent working for the Russians.

Sir David Omand, former Director of GCHQ, said on Radio 4’s Today Program recently, that Snowden had stolen enormous of amounts of classified documents from NSA and that some of these had been used against Western agents and operations in Russia and elsewhere. 

Some Commanders say that Snowden traded documents for asylum, or that the documents were taken by the Russian’s and perhaps Chinese to get intelligence and spy on the West. 

Snowden says that this is not true and no documents were given to the either the Russians or the Chinese.

Almost dependent on which office and individuals one speaks to within different intelligence agencies and parts of governments the views on Snowden both in the US and UK and EU differ radically – some see him as a sensible and honorable Whistleblower who has given the American people and other Western citizens a clearer understanding of how much they are monitored by their own government which, many believe goes against the US Constitution.

Others within the intelligence departments and other parts of government see Snowden as a traitor who should be tried and jailed.   

Questions About The Sunday Times Snowden Story

Outside the intelligence world, specialist journalists, notably Glenn Greenwald and RJ Gallagher, critsicse The Sunday Times story. Gallagher writes that the UK newspaper's claim that the Chinese and Russian governments have somehow managed to obtain National Security Agency whistleblower Edward Snowden's trove of documents is poorly sourced from anonymous UK government officials, who make a series of significant allegations, backed up with little evidence.

It's worth going through some of the key points of the story to cast some critical scrutiny on the central claims and to raise a few questions about them:
    
1) "RUSSIA and China have cracked the top-secret cache of files stolen by the fugitive US whistleblower Edward Snowden...according to senior officials in Downing Street, the Home Office and the security services."   
Is the claim here that a full archive of encrypted files was "cracked" by some sort of brute-force decryption attack? If so, how did these "senior officials" establish that? How did the Russians and Chinese allegedly obtain the encrypted material in the first place? 
2) "forcing MI6 to pull agents out of live operations in hostile countries."
This was a surprise to me because I've reviewed the Snowden documents and I've never seen anything in there naming active MI6 agents. Were the agents pulled out as a precautionary measure? Keeping in mind that the UK government does not actually know what Snowden leaked, how do these officials know there were documents in there that implicated MI6 operatives and live operations in the first place? 
3) "Moscow gained access to more than 1m classified files held by the former American security contractor"
Snowden has said repeatedly that he did not carry any files with him when he left Hong Kong for Moscow. Is this article alleging that he is lying? If so, where's the evidence to support that? Moreover, I've seen nothing in the region of 1m documents in the Snowden archive, so I don't know where that number has come from. Oh, wait: 
4) "Snowden, a former contractor at the CIA and National Security Agency (NSA), downloaded 1.7m secret documents"
This 1.7m figure was invented by US officials and since then it has been regurgitated repeatedly and unquestioningly by various media outlets. I've seen the trove of documents; the claim or insinuation that he leaked 1.7m is not true. 
5) "A senior Downing Street source said: 'It is the case that Russians and Chinese have information'."
Of course they do: the same information that the rest of the world has access to -- in public news reports and documents published as part of those. If the claim here is that the Russians and Chinese have access to every single document in the entire archive (i.e. all the unpublished material), where is the evidence to support that? How do the officials know? Are they speculating? These are serious claims -- and serious claims demand serious evidence. Which is unfortunately not provided here. 
6) “Why do you think Snowden ended up in Russia?” said a senior Home Office source. “Putin didn’t give him asylum for nothing."
I thought this one had long since been debunked by now, but apparently not. The reality is that Snowden never intended to stay in Russia. He was trying to get to Latin America and only ended up in Russia because his passport was revoked by the US government while he was transiting through. 
7) Senior Home Office source: "His documents were encrypted but they weren’t completely secure and we have now seen our agents and assets being targeted.”
So the UK Home Office is alleging Snowden lied about taking documents to Moscow? How has it established that, exactly?
8) "A British intelligence source said: “We know Russia and China have access to Snowden’s material"
Again: they have access to documents published with public news reports, sure, that's obvious and true. But is the claim here that they have access to material beyond that? If so, where's the evidence? How does this source "know" and what does he "know," exactly? Why the vague statement? Let's hear what it is the source knows and how so we can properly assess and scrutinise the merit of the allegation. 
9) "It is not clear whether Russia and China stole Snowden’s data, or whether he voluntarily handed over his secret documents in order to remain at liberty in Hong Kong and Moscow."
If it's not clear then why does the top line of the story say the Chinese and Russians "cracked" the documents? If Snowden just handed them over, why would they need to "crack" them? And if the Russians and Chinese somehow stole the data, how did they a) manage to steal the documents in the first place (especially given he says he didn't carry the files with him into Russia), and then b) break the encryption? 
10) "David Miranda, the boyfriend of the Guardian journalist Glenn Greenwald, was seized at Heathrow in 2013 in possession of 58,000 'highly classified' intelligence documents after visiting Snowden in Moscow."
This is wrong. Miranda was detained at Heathrow after visiting Laura Poitras in Berlin. He wasn't visiting Snowden in Moscow and I think this is the first time I've ever seen this asserted. It's false.

Gallagher thinks The Sunday Times story raises more questions than it answers, and contains some dubious claims, contradictions, and inaccuracies. "The most astonishing thing about it is the total lack of skepticism about these grand government assertions, made behind a veil of anonymity. This sort of credulous regurgitation of government statements is antithetical to good journalism. The government has an obvious vested interest in portraying Snowden as a terrible person who's helped "the enemy" -- it has been badly stung by his surveillance revelations and the political fallout that has ensued as a result of them. For that reason alone its claims should be treated with caution and not repeated unchallenged. Evidence should be necessary for allegations of this magnitude, which have such big ramifications."

The Sunday Times has a long and commendable history of holding the government to account with great investigative journalism. But in this case, sadly, it has allowed itself to be used by faceless officials as a mouthpiece, Gallagher says.

Guardian: http://bit.ly/1dE3Dq5
RJ Gallagher: http://bit.ly/1KS05Or

 

« Second Hack of US Federal Records
Enforcing Magna Carta in the Age of Cyberwarfare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Trend Micro

Trend Micro

Trend Micro is a leader in hybrid cloud, endpoint, and network security solutions.

National Cyber-Forensics & Training Alliance (NCFTA)

National Cyber-Forensics & Training Alliance (NCFTA)

NCFTA is a trusted alliance of private industry and law enforcement partners dedicated to information sharing and disrupting cyber-related threats.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

OEDIV SecuSys

OEDIV SecuSys

OEDIV SecuSys (formerly iSM Secu-Sys) develops high-quality IT software solutions, setting standards as a technology leader in the area of identity and access management.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Redsquid

Redsquid

At Redsquid we are all about making a difference to our customers with the use of technology, as an innovative provider of solutions within IoT, Cyber security, ICT, Data Connectivity & Voice.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

Incognia

Incognia

Incognia have created a ubiquitous private identity based on location behavior, that enables a personalized frictionless experience with mobile apps and connected devices.

CyberconIQ

CyberconIQ

CyberconIQ provide an integrated Human Defense Platform that reduces the probability and/or the cost of a cybersecurity breach by measurably improving our clients risk posture and compliance culture.

SGTech

SGTech

SGTech is the leading trade association for Singapore's tech industry, offering focused support and development to both strategic and emerging sectors in the industry.

X-Analytics

X-Analytics

X-Analytics is a cyber risk analytics application to create a better way for organizations to understand and manage cyber risk.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.

NMi Group

NMi Group

NMi Group is a global pioneer in mission-critical Testing, Inspection, Certification, and Calibration (TICC) services.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.