Edward Snowden was missing. In June 2013, the NSA contractor was on sick leave. Snowden told his boss, Steven Bay, he had a bout with epilepsy and needed to take time off to treat it.
Snowden disappeared — not returning calls, emails or text messages.
“I was looking for him with NSA security trying to make sure he was safe, that he hadn’t driven off a cliff in an epileptic episode,” Bay told Fifth Domain. During the previous three days, some of America’s deepest secrets were splashed across the front pages. Intelligence operations were upended. The world wanted to know: Who did this?
“Wouldn’t it be crazy if Ed was leaking this stuff,” a friend asked Bay.
“That would be my worst nightmare,” Bay responded, jokingly.
The next day, Bay turned on his phone. It was June 9. Notifications blitzed the home screen. The first message he saw was from the same friend: “Sorry man, looks like your worst nightmare came true.”
“It was the end of the world. It was every sort of irrational thought and fear and consequence running through my head,” Bay recalled. “I went and found an empty church and just lost it. I thought all my employees were going to be fired. I was going to jail. Terrorists are going to run wild. CIA assets are going to get compromised.”
Bay found his wife. He broke down on her shoulder and whispered two words:
To some, Snowden is a hero for shining a light on systemic government intrusion into American’s privacy. To others, Snowden is a traitor for exposing some of the country’s most closely guarded secrets and putting American lives at risk. But five years after the Snowden disclosures, the estimated 1.5 million documents that the former NSA contractor stole in a blaze of glory have fueled perhaps the most significant period in cybersecurity’s history.
It has been a half-decade of swirling controversy around wiretaps, hacks and leaks, not to mention the alleged alteration of a presidential election. For the cyber industry, the Snowden disclosures have driven systemic reform.
“Snowden opened the Pandora’s box to the data leaks,” Bay said, adding that the Snowden disclosures may have been the catalyzing force behind sensational attacks ranging from Vault 7, Shadow Brokers and the alleged hacking of the Democratic National Committee in 2016. “Undoubtedly, he did a huge damage to U.S. intelligence. I can’t think of any scenario where the NSA hasn’t had to change huge amounts of their infrastructure.”
Snowden’s theft and disclosure of government documents shed light on signals intelligence and access the government had into customer data from top U.S. internet companies.
Former government officials like Bay argue that only a small percent of the resulting leaks were related to American’s privacy. Bay now works for a private cybersecurity firm. The other chunk of Snowden’s disclosures detailed sensitive American intelligence methods, they argue.
Their release jolted American government.
As the State Department’s cyber czar, Chris Painter was charged with bolstering cooperation with countries who faced shared digital threats. The Snowden disclosures over intelligence gathering techniques caused tension with these traditional allies.
“Our adversaries tried to capitalize on that.” Painter told Fifth Domain. Snowden’s leaks “led to an examination in the U.S. as to what our processes were and what our oversight was ... The discussion was good, but clearly the costs on appropriate intelligence gathering and safety of people outweighs any benefits that come out of it.”
A 2016 report from the House of Representatives says that “the public narrative popularized by Snowden and his allies is rife with falsehoods, exaggerations, and crucial omissions.” By a conservative estimate, the House estimated that the U.S. government will eventually spend a billion dollars to attempt to mitigate the “damage” Snowden caused.
The disclosures rattled the sprawling, billion-dollar industry of cyber contractors who can have access to some of America’s most intimate secrets. Contractors like Snowden are such an integral part of America’s cyber defense that they may sit at desks next to government officials. There can be almost no distinction.
Snowden “forced the government to re-evaluate everything. From background check to network access to data protection controls. How did we clear him?” said Paul Parker, chief technologist for federal and national government at Solarwinds. Parker added the disclosures have shifted federal budget priorities to boost data protection.
A Solarwinds report from 2017 said that three-quarters of federal cybersecurity professionals believe agencies are taking a more proactive approach to IT security than five years ago. At the same time, over half of participants said that security regulations can lead to complacency. “Tasks are performed to ‘check a box,’” the report warned.
“What Snowden did is make us look internally — not just for the government, but for the private sector. We say ’What are you doing about insider threats?’ Dan Medina told Fifth Domain. Medina served at the Department of Homeland Security during the Snowden disclosures in 2013, and now works for Glasswall Solutions.
The lasting impact of the Snowden revelations on the cyber industry may be a shift in culture. Leakers have gone mainstream. Today, universities like Carnegie Mellon have specific programs tailored to root out insider threats.
Snowden “diminished the barrier to leaking, the thing that was sacrosanct,” Medina said. “He popularized leaking.”
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.