NSA Skips the Oscars to Beef Up its Cloud Storage

  • HBO’s Citizenfour Casts Spotlight on Edward Snowden & NSA
  • NSA Building Stronger Cloud Storage to Thwart Whistleblowers
  • GovCloud: Big Brother’s Little Helper
  • A Huge Step Forward

HBO’s Citizenfour Casts Spotlight on Edward Snowden & NSA

When the Academy Awards were held in February, the National Security Agency was nowhere to be seen, even though it was the subject of an award-winning film. Citizenfour, a movie about the agency’s whistleblower Edward Snowden, took home the prize for best feature-length documentary.

“The disclosures of Edward Snowden don’t only expose a threat to our privacy but to our democracy itself,” said director Laura Poitras in her acceptance speech. “When the decisions that rule us are taken in secret we lose the power to control and govern ourselves.”

The film really is incredibly well-done. The majority of the footage was collected in Snowden’s Hong Kong hotel room, providing an extraordinarily detailed record of the moments leading up to and following the initial stories about the former NSA contractor that were published in The Guardian. Snowden speaks calmly, clearly, and convincingly to reporters Glenn Greenwald and Ewen MacAskill, while Poitras records the entire interaction.

Essentially, the movie does exactly what the NSA did not want it to do: humanize Snowden and make it clear that he was not crazy, attention-seeking, or irresponsible (insofar as he refused to give the reporters any data that he believed was legitimately classified and the revelation of which could potentially endanger innocent people).

NSA Building Stronger Cloud Storage to Thwart Whistleblowers

Well, as you can imagine, the NSA feels a little dumb about this whole whistleblower thing. Even if they are a menace to society, they don’t want their technology to be working against them.

According to Donna Carson of Reuters, citing an announcement from NSA CIO Lonny Anderson, the agency is migrating all its systems to a custom cloud infrastructure so that individuals with access to classified data will have a much more difficult time removing it.

“A major part of the system is that all the data an analyst will have access to will be tagged with new bits of information, including that relating to who can see it,” Carson explains. “Data won’t even show up on an analyst’s screen if they aren’t authorized to access it.”

This system has been in development since Edward Snowden released portions of the government files to the press (although, as indicated above, he did not give reporters the ability to openly post the documents as occurred following the Sony Pictures hack).

Ever since 9/11, the NSA had been planning to firm up its security to protect itself against whistleblowers or any misuse by creating its own distributed architecture; but Snowden struck while some analysts still had considerable, virtually unchecked access.

GovCloud: Big Brother’s Little Helper

The agency is currently deploying GovCloud (replacing its original name, CreepCloud), a platform that will be deployed on the PCs of all 16 American surveillance offices.

Why the cloud? It really doesn’t seem to make any sense, as Carson states. After all, Edward Snowden was able to achieve what he wanted much more easily since everything was in the same system.

The logic actually is interesting, though.

Although Lonny admits that aggregating everything into one location could make it easier for analysts to grab whatever data they want and remove it, the upside is that (in his words) “by focusing on securing data down at cell level and tagging all the data and the individual, we can actually see what data an individual accesses, what they do with it, and we can see that in real time.”

In other words, sure, you can shoplift from GovCloud. But GovCloud will see you, and you will be spirited away to a secret detention center before you even have time to say bye to your work buddies and make a final Facebook post. Now are you glad you pocketed those Tic Tacs?

Speed is obviously one of the biggest benefits of cloud, and that is true of the NSA’s homemade version too. The agency will be able to pinpoint unusual log data of users much more quickly. There was nothing about Edward Snowden’s desktop activities that raised any warnings. Monitoring of the logs was not automated at that point.

The NSA has apparently taken the traditional viewpoint that it’s unwise to automate computing tasks – that automating detection of nonstandard behavior is like having robots serve as ball boys at Wimbledon. Now, though, the agency has realized that Wimbledon ball boys are a threat to our national security. Robots it must be.

Lonny argues that those who are concerned their data is being collected and scrutinized without any evidence of legitimate criminal behavior should feel more comfortable with this new infrastructure. Integrating compliance (ie, liberty safeguards) is “an extremely manual process,” he says. “There is risk built in all over that we try to address. The cloud architecture allows us to build those issues in right from the start[.]”

A Huge Step Forward

The CIO of America’s favorite spy agency calls its cloud system “a huge step forward.” Please don’t hold it against cloud technology. It’s merely a tool. It had no say in the matter.

Obviously every organization, regardless its mission, wants to tap the full potential of the cloud.

What can cloud computing do for you?

By Kent Roberts

Free use image via Wikipedia