WASHINGTON — In a pair of public appearances this week, CIA Director John O. Brennan made clear that he blames leaks by former intelligence contractor Edward Snowden for enabling terrorists to evade detection.
“Because of a number of unauthorized disclosures, and a lot of hand-wringing over the government’s role in the effort to try to uncover these terrorists,” Brennan said, the CIA and others agencies have lost use of critical tools needed “to find these terrorists.”
Brennan’s assertion has become a refrain in the two years since Snowden exposed details about a range of U.S. surveillance programs. And former CIA director R. James Woolsey went further, saying on Sunday, “I think Snowden has blood on his hands from these killings in France.”
But drawing a line from Snowden to the Paris tragedy is problematic, according to some analysts, because even two years after the leaks it is difficult to isolate the extent to which they caused terrorist networks to change the way they communicate.
The revelations that were the source of greatest controversy involved programs that would likely have been of little value in disrupting the Paris plot, experts said. The National Security Agency’s collection of data about the times and durations of billions of domestic phones calls was not designed to pick up calls entirely outside the United States.
A second program that relied heavily on cooperation from companies including AOL, Microsoft and Google was aimed at intercepting email and phone calls between foreign operatives and individuals in the United States. Nothing has changed since that revelation to restrict the NSA’s ability to sweep up communications exclusively among foreigners, as was apparently the case for the plot in France.
Other subsequent disclosures undoubtedly gave adversaries including terrorist groups a deeper understanding of the scale of U.S. surveillance capabilities, as well as specific programs that enabled, for example, the NSA and its counterpart in Britain to tap into Google and Yahoo data centers overseas.
But to conclude that those revelations caused enough damage to make the United States and its allies, including France, substantially more vulnerable assumes that terrorist cells would not otherwise have taken precautions that to some seem inevitable, some analysts said.
“Aspiring terrorists already knew the U.S. government was doing everything it could to track and monitor their communications,” said Jameel Jaffer, the deputy legal director of the American Civil Liberties Union. “What Snowden disclosed was the astonishing extent to which the government’s surveillance power had been turned on ordinary citizens. The CIA director knows this. He’d just rather we talk about Snowden’s disclosures than about the intelligence community’s failures.”
But others say that the tremendous publicity surround Snowden’s disclosures may well have caused militants to take even greater precautions in their communications than they already were.
“I think you can recognize that the leaks did damage to the United States’ ability to monitor some of their communications, while also acknowledging that the jihadists were pretty security-conscious anyway,” said William McCants, a Brookings Institution terrorism expert and author of “The ISIS Apocalypse.”
[rebelmouse-image 27089659 alt=”” original_size=”800×1198″ expand=1]
Woolsey was head of CIA under President Bill Clinton — Photo: CMichel
Investigators are still piecing together details on how the Paris plotters communicated with one another, including whether they were in touch with senior Islamic State operatives in Syria in the days or weeks leading up to the attacks.
U.S. officials have said it is likely that some of those involved in the plot used encrypted communications tools, but officials have stopped short of saying whether they have established that this was the case. Any attempt by the plotters to communicate with handlers in Syria would have raised the risk of exposure significantly, officials said, because of the surveillance assets that the United States and its allies have mobilized against the Islamic State.
Officials and experts are in broad agreement that terrorist groups have ramped up their operational security measures in recent years. And some think Snowden’s disclosures accelerated both the development and adoption of encryption technology.
Terrorist groups “adapted to the disclosures by Snowden and have made it more difficult for us to track their whereabouts as well as their plotting and planning,” said Rep. Adam B. Schiff of California, the ranking Democrat on the House Intelligence Committee. “I do think the Snowden revelations have had an adverse security impact, because our enemies know far more about our capabilities and programs.”
Experts who monitor the communications and social media postings of terrorist groups said there are indications that Islamist militants studied the Snowden coverage.
Rita Katz of the SITE Intelligence Group, which tracks jihadist activity online, said the Islamic State and al-Qaida have studied documents leaked by Snowden and articles based on the documents. Militants have posted tips on how to avoid NSA surveillance, such as how to register on Twitter without phone verification, she said.
She pointed to a discussion in a jihadist forum in October 2013 — at the height of the Snowden revelations — calling attention to an “important article related to Tor. Good read.”
[rebelmouse-image 27089660 alt=”” original_size=”1002×774″ expand=1]
Tor is a system used by dissidents and militants alike to shield one’s identity online by moving encrypted traffic across a global network of servers. The forum moderator concluded that Tor itself “is not broken” and “could be a relative secure option after all.” But, he added that jihadists should “switch away” from a particular convenience feature that might have been tampered with and use the regular Tor program.
But concern about jihadist networks adopting sophisticated communications security long predates Snowden. The FBI’s then-director, Louis Freeh, was warning about terrorists using “uncrackable encryption” in February 2001. In 2010, the attackers behind the attempted Times Square bombing used encrypted emails to communicate, though the government was still able to read their messages.
McCants, of the Brookings Institution, said tradecraft was a major part of jihadist training in the al-Qaida camps in Afghanistan. “In many ways, online discussion boards became a replacement for the camps,” he said.
Even fierce critics of Snowden have acknowledged that his disclosures — published in The Washington Post, the Guardian and other outlets — triggered an important, and possibly overdue, debate over U.S. surveillance practices in the years after the attacks of Sept. 11, 2001. Director of National Intelligence James R. Clapper Jr. has also suggested that the fallout from the revelations might have been easier to contain if spy agencies hadn’t been so determined to preempt public debate even in the broadest terms.
In Brennan’s appearance at a conference at the Center for Strategic and International Studies in Washington on Monday, the CIA director said that “some policy and legal” changes have made the spy agencies’ job more difficult.
He did not elaborate, but the most consequential piece of legislation passed after Snowden’s leaks, which calls for an end to the bulk collection of phone data, has not yet gone into effect.
Other changes included giving foreigners expanded privacy protections and requiring White House approval for spying on foreign heads of state.
“I don’t think any of the policy changes we have made have diminished our capability to combat terrorism,” Schiff said.
It’s possible that operational details disclosed by Snowden that barely registered with the public nevertheless provided meaningful clues to terrorist groups. U.S. officials including NSA Director Michael S. Rogers have warned that intelligence agencies have lost the trail of terrorist targets they were tracking.
One former senior intelligence official said he had operators report to him that “it’s getting harder for me to do my job because we’re seeing more of our targets using encrypted communications. Targets would cycle through different services and then disappear. We saw that quite a bit.”
FBI Director James B. Comey has warned that terrorists are increasingly turning to encrypted modes of communication, and last year he criticized companies such as Apple for building smartphones and applications whose data can be unlocked only by the user. Officials say that U.S. firms accelerated the development of encryption as a response to the Snowden leaks, in a bid to allay concerns that their platforms were too transparent to spy agencies.
But industry officials familiar with Apple’s product development say that the firm’s moves to encryption predated the Snowden disclosures and were not sped up by them. “Snowden had nothing to do with it,” said one industry official, who was not authorized to speak on the record. “It was the ethos to protect the customer — not to stymie governmental investigations.”
Some analysts who monitor jihadist forums say they have seen scant discussion about Snowden.
Flashpoint did a study on that question last year and found “one or two articles cited,” said Evan Kohlmann, the firm’s co-founder. “And from the reaction to those articles,” he said, it seemed clearly that “they already assumed the NSA was looking in all these various places.”
Adam Goldman contributed to this report.