HOUSE_OVERSIGHT_020320.jpg

168

Despite all the potential flaws in it, the outsourcing system, it seemed to work until 2013. It
even featured a revolving door through which Booz Allen, for example, hired retiring executives
from the intelligence services, such as ex-NSA director Michael McConnell, R. James Woolsey, a
former director of CIA, and Lieutenant General James Clapper (ret), who later served as Director
of National Intelligence.

The cozy relationship between the private firms and the NSA notwithstanding, the NSA
leadership was unaware that outsourcing could create a security problem. As far back as 2005,
Michael Hayden, then the departing head of the NSA, had been warned of one such vulnerability
in a memorandum written by a counter-intelligence officer at the NSA. Like the earlier 1995
report by the threat officer, this memorandum noted the NSA had ceded responsibility for
managing its secret systems to outsiders, and warned that the NSA’s reliance on them to manage
its computers had opened a back-door into the NSA. In addition, it warned that once an outside
contractor managed to slip in through this back door, he could easily jump from one outsourcer
to another. This was what Snowden did when he moved from Dell to Booz Allen Hamilton in
2013.

Despite its security flaws, outsourcing provided a number of advantages to the NSA. For
one thing, it provided a means for circumventing the budget restrictions imposed by Congress on
hiring new employees. In addition, since private companies had less-rigid hiring standards, it
greatly expanded the pool of young system administrators by tapping into computer cultures that
would be antagonistic to working directly for the government. Finally, it used less NSA
resources. Since these information technologists were only temporary employees, they were not
entitled to military pensions, medical leave and other benefits. It was a system which effectively
replaced military careerists with free-lancers.

The irony of the situation was that the NSA had surrounded its front doors with rings of
barbwire, close-circuit cameras, and armed guards, but for reasons of economy, bureaucratic
restrictions and convenience, it had left the back door of outsourcing opened to temporary
employees of private companies. To be sure, it might take some time for them to gain entry to its
inner sanctum. “It was not a question of if but when one of the contractors would go rogue,” the
former NSA executive who wrote the memorandum told me. Snowden answered that question in
2013 by stealing a vast number of files while working for both Dell and Booz Allen. Even more
extraordinary than the theft itself was the reaction to it by the NSA. It turned out that there was
not cost of failure levied against the outside contractor, Booz Allen, which employed Snowden
when he bypassed its security regime to steal the keys to the kingdom. Even though the
counterintelligence investigation showed Snowden stole documents from compartments to which
he did not have access, the NSA did not penalize his employer, Booz Allen, even though the NSA
was set back for decades according even to Michael McConnell, the vice chairman of Booz Allen.
Instead, its revenues and profits from government contracts markedly increase between 2013 and
2015.

HOUSE_OVERSIGHT_020320