A damage assessment framework for insider threats to national security information: Edward Snowden and the Cambridge Five in comparative historical perspective

Abstract

A new ‘digital generation’ of insider threat has emerged within the US intelligence community. Edward Snowden’s mass leaks were not the first transparency-driven digital challenge to the United States Intelligence Community (USIC). Three years before, then U.S. Army Private Bradley Manning provided 500,000 classified documents to WikiLeaks, which published them to great fanfare for transparency advocates while causing much concern in Washington. These are not isolated cases; the tempo of such mass public disclosures seems to be increasing. In what ways is this new breed of insider threat akin to more traditional counterintelligence breaches such as those of the Cold War? One central point of comparison is the relative damage caused by each, since it would be difficult to sustain the thesis that a new type of insidious threat has emerged if the damage caused by mass leaks was of little consequence when compared to traditional espionage cases. And ‘damage’ must be evaluated within the social history of the breaches themselves. A systematic approach to the comparison of breaches has remained elusive. This article offers such a framework using the Snowden leak as a case study in contemporary self-tasked digital breaches and the Cambridge Five spy ring as a case study in traditional externally-tasked breaches.

Correction Statement

This article has been republished with minor changes. These changes do not impact the academic content of the article.

Notes

1 Noble intent by itself would not exonerate such leaks according to scholars of the ethics of treason; for example, see Hatfield 2017.

2 For a fairly comprehensive list of insider threat cases within the US context, see Herbig 2017.

3 It is notable that the overwhelming number of comparisons used thus far to understand and contextualize Snowden’s impact have been to either the Cambridge Five in the UK or other notorious FBI and CIA spies in the US. Almost no observers have made mention of Snowden in comparison to the atom spies of World War II who delivered Josef Stalin the bomb. That would also be a useful comparison to test the proposed damage framework, but the current comparison is tested first because the popular narrative has shaped the comparison thusly.

4 In an email to one of the authors, dated 9 November 2014, Sir David explained that he intended his mention of Burgess and Maclean to stand for the entire group in the public discourse as much as they were the best known, and he clarified that his view that Snowden is not only worse than the Cambridge Five, but also more serious than KGB spy and former SIS officer George Blake (about whom there is regrettably not enough space to include in this historical comparison).

5 The atom spies that delivered Stalin the bomb would also be an apposite comparison for future inquiry and to test proposed damage assessment frameworks in historical perspective.

6 It is beyond the scope of this paper to offer a justification for this broadly Aristotelian view of the purpose of the state. But for an explanation of this view as it relates to insider threats, see (Hatfield 2017).

7 Mutatus mutandis because every historical case contains unexplainable endogenous variation which needs to be eliminated from the overall comparison (for both terms $y_I^h$ and $y_N^c$) lest it potentially overwhelm the measured accuracy of the comparison. King, Keohane, and Verba (1994, 80-81) describe this elimination procedure within the context of the definition of causality as one of measuring and accounting for ‘random causal effect.’ See King, Gary, Robert O. Keohane, and Sidney Verba (1994) Designing Social Inquiry: Scientific Inference in Qualitative Research, Princeton: Princeton University Press.

8 According to NSA Deputy Director Rick Ledgett, there were 54 instances in which NSA programs in question helped foil terrorist attacks (12 US-focused, 41 focused at allies). See his response to Snowden’s TED Talk in Ledgett 2014.

9 This will, inevitably, result in cries of intelligence failure and calls for further organizational reforms like the creation of a Director of National Intelligence.

10 Despite Snowden’s coup by landing at NSA’s outpost in Hawaii, his remained a singular effort.

11 The KGB, the Committee for State Security, was called various things at various times, including NKVD from the mid-1930s through the end of the Second World War. The balance of this article will simplify this nomenclature by referring the Soviet intelligence and security apparatus as the KGB, although this name change did not occur until 1954 and was officially dissolved in 1991.

12 On the Cambridge Five side, it is unknown how many pages are in a ‘document’ or a ‘volume’. In relation to Snowden, it is unknown how many pages are in a digital record, and, in any case, it is probably not constant.

13 Hostilities turned from proxy war to direct confrontation when Hoxha’s coastal batteries had begun firing on British Naval vessels in the Adriatic and, on 22 October 1946, two British destroyers, Saumarez and Volafge, were heavily damaged in the Corfu channel and 43 sailors were killed after striking Albanian sea mines.

14 One Time Pads are theoretically unbreakable because they are completely random. No pattern would be evident for a cryptanalyst to break into. As their name implies, however, they are meant for a single use only. There is temptation to reuse them when there are not enough OTPs available to keep up with message traffic demands.

15 Additional scientific material, such as the technical information for nuclear fission, was being provided to Moscow through Klaus Fuchs, Bruno Pontecorvo, David Greenglass, and Ted Hall. On this, see Andrew, Christopher (1990) KGB, Harper Collins.

16 While many question the legitimacy of the US Government’s interpretation of the provisions of the PATRIOT Act that Snowden found objectionable, the preponderance of legal challenges have been unsuccessful so far.

Additional information

Notes on contributors

David V. Gioe

David V. Gioe is Associate Professor of History at the US Military Academy at West Point, where he also serves as History Fellow for the Army Cyber Institute. He is Visiting Senior Research Fellow in the Department of War Studies at King’s College London, and Director of Studies for the Cambridge Security Initiative’s International Security and Intelligence program. His areas of expertise are applied contemporary history, strategic and intelligence studies. Email: [email protected]

Joseph M. Hatfield

Joseph M. Hatfield is Associate Chair of the Cyber Science Department at the United States Naval Academy and is an active duty intelligence officer with over a decade of overseas operational experience. Hatfield's areas of expertise are Intelligence Studies, Cyber Operations, ethics and political theory. Email: [email protected]