Current and former CIA directors blame Paris on Snowden and encryption

The current and former directors of the world's most famous intelligence agency lay the blame for terror attacks including Paris at the feet of Edward Snowden and encrypted messaging.

Snowden has "blood on his hands" according to one former CIA official
Snowden has "blood on his hands" according to one former CIA official

A former and a current director of the Central Intelligence Agency,  the US' premiere intelligence agency, has laid the blame for Friday's attacks in Paris at Edward Snowden's feet.

Giving a speech to the Center for Strategic and International studies, Brennan, the current director of the CIA, made the point that the Snowden disclosures created an atmosphere for intelligence agencies that hampered their ability to find terrorists. Brennan said, gesturing in the direction of the bespectacled exile: "In the past several years, because of a number of unauthorised disclosures and a lot of handwringing over the government's role in the effort to try to uncover these terrorists, there have been some policy and legal and other actions that are taken that make our ability collectively, internationally to find these terrorists much more challenging." Brennan was thrown into the spotlight earlier this month for having his email hacked by a thirteen year old

James Woolsey, who headed the CIA between 1993 and 1995 and Brennan who took office as director in 2013, spoke to National Public Radio in the US on Sunday echoing that point: “I'm no fan of the changes that were made after Snowden's leaks of classified information. I don't think they have improved our ability to collect and use intelligence.” Woolsey gravely added that, “I think Snowden has blood on his hands from these killings in France.”

Many took to their soapboxes just hours after Friday's attack in the capital to try to impress some kind of political point upon the massacre.

Of course, international punch-bag for the security community that he is, Snowden faced this kind of blame not just from the current and former mandarins of the CIA but from other sources as well. Blustering London Mayor, Boris Johnson, wrote in his recent Telegraph column that: “To some people the whistleblower Edward Snowden is a hero; not to me. It is pretty clear that his bean-spilling has taught some of the nastiest people on the planet how to avoid being caught.”

Johnson added, “and when the story of the Paris massacre is explained, I would like a better understanding of how so many operatives were able to conspire, and attack multiple locations, without some of their electronic chatter reaching the ears of the police.”

Former White house Press secretary under the Bush administration and current contributor to FOX news put it plainly:

SCMagazineUK.com asked some members of the cyber-sec industry what they thought, given they should have a far better understanding than those with a political axe to grind. Justin Harvey, chief security officer at Fidelis Cybersecurity responded coolly: “It is a fact that Snowden definitely compromised world governments' ability to spy on citizens, both those that pose a threat and those who are conducting normal business.”  Harvey added that we might consider a reinforced emphasis on human intelligence, that is to say, the classical mode of espionage that places agents within enemy organisations: “We did it before computers, so I'm sure we can conduct those types of operations again. The answer is not to weaken encryption, since that is a losing battle. While it can technically be done, it is impossible to regulate and enforce.”

Itay Glick, the CEO of Votiro, an anti-spear phishing service, doesn't think Snowden can be blamed for terror attacks: “There are so many ways out there that malicious groups can communicate and as the next question implies, terrorists have enough cyber-know-how, they don't need outside help. “

Pravin Kothari, the founder and CEO of CipherCloud, an enterprise cloud company, doesn't think that weakening encryption will do what government and security services intend it to do: “Diluting commercial encryption won't prevent the bad guys from using their own proprietary encryption and won't make us safer", Kothari told SC, "Weakening the technology that companies use to protect average users misses the mark. Nor will enacting the IPB better protect the homeland as many of its monitoring provisions already exist in France following Charlie Hebdo. Dismantling privacy for the masses will only push the terrorists further underground. We cannot let fear override reason.”

The claim that the Snowden's disclosures allowed terrorists to better understand how they were being tracked and to start using encryption seems a strange one as Jihadist groups were using encrypted communications long before Snowden decided to ‘unencrypt' his employers' secrets.

On Face the Nation, an American television programme on the CBS network, Michael Morell, a former deputy director of the CIA, said that Paris was the far side of the curve that Snowden's disclosures started. He also speculated, on the back of French Intelligence's statements they believed the attackers used encryption, that the attackers used some kind of readily-available commercial encrypted communication like WhatsApp or the Playstation network's chat function. Morell said that this kind of encryption “is very difficult or nearly impossible for governments to break, and the producers don't produce the keys necessary for law enforcement to read the encrypted messages."

ISIS and Al Qaeda are known to use Telegram to share information on how to perform cyber-attacks and make weapons. The second culprit the authorities have mentioned is just this kind of encrypted communication and some in power have correspondingly ramped up their calls for back-door access.

Clearly the internet is becoming a new attack vector for terrorism, with radical groups not only recruiting and spreading their messages through online tools but attempting to actually launch cyber-attacks on western targets. Only today George Osborne, the UK Chancellor, told the public that IS is trying to develop the capability to carry out deadly cyber-attacks on the UK.