Snowden, a high-school drop-out has been passionate about IT and computers since he was 16. He took computer courses in community college and even tried military service for a month, but got discharged. His IT skills earned him a job to secure IT at CIA for few years and he became really good at it.
Then his story of what he did is really of 4 weeks. He took a new job that allowed him to be an elite ghost system admin at NSA. This game him access to not only any servers at NSA but also access to any NSA hacked system/ data. He was really good with OS and networking, and he was able to get credentials of his colleagues either through hacking or social engineering.
He started using his privilege ghost access credentials to get unauthorized access to servers and data from the network and was probably able to delete logs and be under the radar of any IT or security tools using his ghost protocols. He was able to download all of the information on to a USB stick and say it was part of a backup as he is reinstating a server or a data source.
After downloading roughly 1.7 million files, he took sick leave from his new job of 4 weeks and fled to Hong Kong and then to Russia. He went from criticizing New York Times leak of the joint operation between US and Israel over Russia (Stuxnet) to creating a largest NSA hacking/ whistleblowing operation in the history.
Leaving aside the motive behind this, and if we look at the means of how it was done, we can see some valuable lessons.
Your business is IT and the data you have. It is no longer different. The three most important things in your business/ IT are users, apps, and data that you need to monitor. Make sure you have the right role-based, access-controlled mechanism, and monitor your privileged users. For apps, have a proper logging and monitoring mechanism including access controls and monitoring. For data, ensure proper encryption and key management technologies to make sure good data loss prevention techniques. An encrypted data with a good key management solution ensures that even if data and files are lost, it will be useless to users who don’t have an authorized access.
Now you know enough to go watch the movie, learn something, and more importantly to have fun…
Sridhar Karnam 