Snowden Likely Used SSH Keys to Access Classified NSA Data: Venafi
Using public statements from Edward Snowden and NSA officials, digital-certificate firm Venafi pieces together a likely scenario for how the former contractor accessed classified documents.Edward Snowden has not publicly stated how he leveraged his privileged access to certain servers and top-secret information at the National Security Agency into a wider fishing expedition, netting classified secrets that he had no clearance to access. The NSA hasn't provided much insight either. This week, however, security researchers at certificate-management firm Venafi threw their collective hat into the ring, posting an analysis stating that Snowden likely used authentication keys to give his account privileged access to other servers in the network. Secure shell (SSH) keys are frequently used by system administrators to log into remote computers without a password, and Snowden likely gained access to others' keys or to privileged accounts and inserted his own keys, the company said. The most significant clue is General Keith Alexander's testimony in which the NSA chief reportedly stated that Snowden "fabricated digital keys" to gain access to classified systems, Jeff Hudson, CEO of Venafi, told eWEEK. "It all comes back to one thing: 'He fabricated the SSH keys,'" he said. "What he did was he allowed himself access to other systems and in the process he elevated his privilege."
A number of accounts have tried to piece together how Snowden managed to break out of the systems he was authorized to access and move onto other sensitive systems and data. The theories have ranged from weaknesses in the thin-client architecture used by the NSA to the insecure collection of troves of data as part of the agency's sharing of information with other intelligence arms of the government.