It didn’t take long for journalists to find Reality Leigh Winner — the National Security Agency contractor who was arrested for leaking a top secret document to The Intercept — on social media, where she tweeted #trumpisacunt, called the president an “orange fascist,” and followed and retweeted Edward Snowden.
One might think that in the course of vetting prospective NSA workers, the government might at least check to see if they were Snowden superfans.
Even after the Snowden revelations, the NSA has continued to rely on what The Nation called a “shadow NSA” of private intelligence contractors. The Snowden breach reportedly prompted changes at the NSA to reduce the threat of insider leaks, including implementing a National Insider Threat Task Force, improving background checks, and reducing the number of contractors used by 17 percent, the White House told Bloomberg. And yet in August 2016, the FBI arrested Harold Martin, an employee of Booz Allen Hamilton, the same contractor that employed Snowden. Martin had been stealing and stowing highly classified information in his home. In April 2017, code for an NSA-developed cyberattack was leaked online; the perpetrator is still unknown. And now, Winner.
The NSA and Pluribus International, the company that employed Winner, did not respond to questions about how she was vetted and whether any processes will change because of the leak.
Cortney Weinbaum, a senior technical analyst at the RAND Corporation who works with the intelligence community and Department of Defense, said that the incident may result in a review of the process for contractors who get security clearances.
We talked about this story on our daily podcast, The Outline World Dispatch.
The changes won’t necessarily be visible to prospective employees, however, she said. But if a review finds that officials missed some potential red flags, it could prompt some changes on the government's side, Weinbaum said.
"What will change is how the government analyzes data, and sometimes they add new data sources when they come up," she said. “What the government is looking for and the processes they're using, those do evolve over time, and when there's a major leak, the government goes back and looks at, ‘what could we have known?’”
What are private contractors doing about leaks? Art Davis, the director of corporate security at Booz Allen Hamilton, which also recruits people to work for the NSA, said at an intelligence conference in Washington in 2015 that the company had doubled its spending in security after Snowden, and also adopted a “full-scale counterintelligence program” for employees who had access to classified data. Booz Allen Hamilton provided The Outline with only a short statement on the recent arrest: “We are committed to learning from this matter and constantly enhancing our security practices.”
“What could we have known?”
The government has taken some new steps to combat the problem of leaking since Snowden. Bryan Clark, a senior fellow at the Center for Strategic and Budgetary Assessments and the think tank’s security officer, noted that the Defense Department had implemented a new “Insider Threat” program over the last year, “partly because most of the major releases of classified material in the past few years were from insiders who were careless or who sought political or monetary gains."
Organizations such as the Center for Strategic and Budgetary Assessments, which receive security clearances from the government, have their own program run by an Insider Threat Program Senior Official that provides training for all personnel who are given clearances on indicators to watch for and how to report concerns, Clark said.
“The rationale behind this new approach is just doing clearance investigations every five to ten years may not be enough to identify changes that make someone vulnerable to espionage, or make them more likely to illegally or accidentally release classified information,” Clark said in an email. “We now train everyone in the organization [since 2016] to be on the lookout for things like significant indebtedness, major life changes, recent financial windfalls, foreign contacts, etc. that could indicate someone is at risk.”
“We also train folks to watch out for actions like excessive printing of classified documents, accessing secured containers and vaults outside of normal working hours, etc. that could suggest someone is accessing or creating materials for unauthorized purposes,” he added. “If someone may be a security risk, the security manager or officer could restrict their access until their situation is reviewed.”
Critics argue that as long as the government depends so heavily on private industry for keeping an eye on employees with top secret clearances, there will be more Snowdens, Martins, and Winners. “You can't outsource national security,” Robert Baer, a former CIA veteran who worked in the Mideast, told the Associated Press in 2013. “As long as we depend on the intel-industrial complex for vetting, we're going to get more Snowdens.”