Inspector General Says NSA Still Hasn't Implemented Its Post-Snowden Internal Security Measures

An anonymous reader quotes a report form Techdirt: In the immediate aftermath of an NSA contractor springing numerous leaks back in 2013, the NSA vowed this would never happen again. It has happened again and it hasn't just been documents. It's also been software exploits, which contributed to a worldwide plague of ransomware. The NSA was going to make sure no one could just walk out of work with thousands of sensitive documents. It laid out a plan to exercise greater control over access and fail safe procedures meant to keep free-spirited Snowdens in check. The NSA is the world's most powerful surveillance agency. It is also a sizable bureaucracy. Over the past half-decade, the NSA has talked tough about tighter internal controls. But talk is cheap -- at least labor-wise. Actual implementation takes dedication and commitment. The NSA just doesn't have that in it, according to a recent Inspector General's report: "The nation's cyber spy agency is suffering from substantial cyber vulnerabilities, according to a first-of-its-kind unclassified audit overview from the agency's inspector general released Wednesday. Those vulnerabilities include computer system security plans that are inaccurate or incomplete, removable media that aren't properly scanned for viruses, and an inadequate process for tracking the job duties of National Security Agency cyber defenders to ensure they're qualified for the highest-level work they do, according to the overview."

Flow of secrets

NSA continues to spy on the rest of the world, with the help of 5 eyes countries. 5 Eyes countries are protected by 'agreements'. Agreements like 'trade-agreements', are not enforceable when dealing with a bad-actor. If he won't abide by trade-agreements, why would him and his boss in Moscow abide by no-spy agreements?

https://www.usatoday.com/story/news/2017/01/26/report-arrested-russian-intel-officer-allegedly-spied-us/97094696/

This is what happened to US spies, 6 days after Trump got to power, and got access to the unredacted names of the spies mentioned in the pee pee memos, he passed the names over to Putin as revenge:

"A senior Russian intelligence officer and cybersecurity investigator arrested last month on treason charges allegedly was passing information to U.S. intelligence services, according to Russian media outlets. Sergei Mikhailov, who worked for the FSB, the successor to the KGB, was arrested in December, along with Ruslan Stoyanov, a top manager for Russia's largest cybersecurity firm, according to the economic newspaper Kommersant. Stoyanov was also charged with suspicion of treason. In addition, two other people, including Major Dmitry Dokuchaev, also an FSB officer, were arrested in connection with the case, according to Russia's REN-TV. The fourth person was not identified."

Once you start stripped away the privacy protections and replace checks and balances with faith and trust, it only takes one bad actor in the right position to undermine the whole system. One foreign puppet and that's all it takes to flip a nation. Because the nation already did the work needed, and they'll always be people who'll sell out their country in pursuit of their party flag. Fox News (Hannity-Cohen payments), One America News (old man Robert Herring invited to Russia, married a hot sexy Russian woman and turned his news network into a pro-Russia fluff cable network) etc, etc,.

You let NSA spy on everyone on a promise not to look at some of the data, and then you put someone above them who always lies, has dodgy foreign friends, and never keeps promises.

Too busy

[dristoph]

Too busy pursuing their mission outside the mission itself and the bounds of constitutional practice.

That said, I have trouble believing this, or really any offer of information to the public from government agencies. Sounds like a honeypot, or a false reveal of vulnerability. Who trusts any of them at face value?