WASHINGTON — Three people at the National Security Agency have been implicated in Edward Snowden’s efforts to copy classified material, including a civilian employee who resigned last month after acknowledging he allowed Snowden to use his computer ID, according to an NSA memo sent to Congress.
The other two were an active-duty member of the military and a civilian contractor. The memo does not describe their conduct but says they were barred from the NSA and its systems in August.
The memo from the director of the NSA’s legislative affairs office, Ethan L. Bauman, to the House Judiciary Committee staff does not identify the three or say whether they all worked with Snowden at an NSA post in Hawaii last year. But it offers a glimpse into the internal investigation of what intelligence officials have called the largest theft of classified material in U.S. history.
The NSA employee who resigned did not know that Snowden, an agency contractor employed by the consulting firm Booz Allen Hamilton, planned to reveal classified NSA operations and systems to the media. But the employee admitted to the FBI in June that he had used his Public Key Infrastructure certificate, a special digital ID, to give Snowden access to material he was not authorized to see on an internal network called NSA Net.
The employee used his password to sign onto the network and Snowden secretly captured the password without the employee’s knowledge, Bauman wrote, and later used it to download additional material.
The employee had his security clearance revoked in November and resigned on Jan. 10, according to the memo. Bauman’s memo was first reported Thursday by NBC News.
An NSA spokeswoman declined to comment Friday.
Snowden, who is living in Moscow, has denied that he stole colleagues’ passwords to gain access to classified documents. U.S. officials have confirmed reports that he used so-called Web crawler software to automatically troll the spy agency’s networks and secretly access up to 1.7 million documents without being detected. It’s still unclear how many he copied. News organizations have published a few dozen at most so far.
U.S. officials say Snowden mostly took documents that explained how NSA surveillance programs work, rather than fruits of eavesdropping and code-breaking operations. The officials say he was walled off from many NSA secrets, including recordings of private calls or conversations by world leaders.
But he appears to have accessed documents that could compromise military communications systems, satellite orbits and even the names of clandestine agents, officials say. Mitigating the damage, they say, will take years and cost billions of dollars.
James R. Clapper, the director of national intelligence, told the Senate Armed Services Committee this week that the Snowden breach was a “perfect storm.”
“He knew exactly what he was doing,” Clapper said. “And it was his job as assistant administrator to arrange across a lot of the databases. And he was pretty skilled at staying below the radar, so what he was doing wasn’t visible.”
Officials have acknowledged that the NSA facility in Hawaii where Snowden worked had not yet implemented security improvements installed elsewhere at the agency since 2010, when then-Army Pfc. Bradley Manning downloaded more than 250,000 classified military and diplomatic documents from a computer in Iraq and gave them to WikiLeaks.
Since the Snowden breach, the NSA has sought to implement additional security upgrades. They include making sure computer systems administrators work directly for the NSA instead of an outside contractor and imposing a “two person” rule intended to ensure that no single individual can gain unsupervised access to restricted computer networks.