FBI Looks for Leaks at Foreign Intelligence Surveillance Court

The FBI is investigating whether the highly protected and segregated computer systems that store the secret court warrants authorizing electronic surveillance inside the United States have been breached, according to current and former U.S. intelligence officials. Thirteen days after the Guardian published a top-secret court order from the top-secret Foreign Intelligence Surveillance Court disclosing the National Security Agency's collection of all phone records from Verizon's business customers over a three-month period, the U.S. intelligence community has yet to determine how the warrant, one of the most highly classified documents inside the U.S. government, was leaked.

Those who receive the warrant—the first of its kind to be publicly disclosed—are not allowed “to disclose to any other person” except to carry out its terms or receive legal advice about it, and any person seeing it for those reasons is also legally bound not to disclose the order. The officials say phone companies like Verizon are not allowed to store a digital copy of the warrant, and that the documents are not accessible on most NSA internal classified computer networks or on the Joint Worldwide Intelligence Communications System, the top-secret internet used by the U.S. intelligence community.

The warrants reside on two computer systems affiliated with the Foreign Intelligence Surveillance Court and the National Security Division of the Department of Justice. Both systems are physically separated from other government-wide computer networks and employ sophisticated encryption technology, the officials said. Even lawmakers and staff lawyers on the House and Senate intelligence committees can only view the warrants in the presence of Justice Department attorneys, and are prohibited from taking notes on the documents.

“The only time that our attorneys would have gotten to read one was if Justice Department lawyers came over with it in a secure pouch and sat there with them when they read them,” said Pete Hoekstra, a former Republican chairman and ranking member of the House Permanent Select Committee on Intelligence. “There was never one in the intelligence-committee spaces, never one left there without someone from the Justice Department. It would not have been left there overnight.”

U.S. intelligence officials were careful to say investigators have not yet concluded there is a mole inside the FISA Court or that the secure databases that store the court warrants have been compromised, only that both prospects were under active investigation.

If the secret court has been breached, it would be one of the most significant intelligence failures in U.S. history, potentially giving America’s adversaries a road map to every suspected agent inside the United States currently being watched by the FBI, according to the officials. Unlike the Verizon order and other such sweeping collection demands that have been received by internet and telecom companies, many FISA warrants identify a specific individual or entity being monitored by the U.S. government.

“If we have a human or electronic breach in this system it could be a counter-intelligence disaster. It would allow our adversaries to see what we are targeting and how,” said Joel Brenner, a former inspector general and senior counsel for the NSA who left the agency in 2010.

“If they got access into the database or mainframe that the warrants are housed in, this compromises our country’s most closely guarded ongoing investigations,” Hoekstra said. “This would be like Aldrich Ames,” referring to the CIA officer who told the Soviet Union about moles inside the USSR working for the United States for nearly a decade, with several of the operatives he outed arrested and executed by the Soviets. “This would be breathtaking.”

Stewart Baker, a former general counsel to the NSA, just said such a breach would be “very bad.”

The leading suspect in the leak of the FISA court warrant is Edward Snowden, the 29-year-old NSA contractor who announced himself earlier this month as the source of NSA documents leaked to the Washington Post and the Guardian. Snowden, however, has not acknowledged being the source of the FISA court warrant. When asked on ABC News earlier this month to speak more about his source’s motivations, Glenn Greenwald, the journalist who broke the first stories for the Guardian, said, “Well, first of all, I am not going to confirm that there is only one individual, there could be one or more than one.”

The FISA warrant that Snowden accessed "was on a web server at NSA in a special classified section that as he was getting his training he went to,” said Alexander. The highly classified warrant had been placed on an internal web forum intended to "help people understand how to operate NSA’s collection authorities, where you look for collection authorities." Asked for a reaction to Alexander's acknowledgement that Snowden accessed the FISA court warrant through the NSA's own internal networks, Rep. Mike Rogers, the chairman of the House Permanent Select Committee in Intelligence said that "It’s too early to rule out anything or to rule anything in."

On Tuesday, hours after this story was originally posted, General Keith Alexander, the NSA director, told reporters that Snowden had accessed some of the materials he later leaked, including the Foreign Intelligence Surveillance Act warrant, from a special classified part of the NSA's internal servers.

The FISA warrant that Snowden accessed "was on a web server at NSA in a special classified section that as he was getting his training he went to,” said Alexander. The highly classified warrant had been placed on an internal web forum intended to " help people understand how to operate NSA’s collection authorities, where you look for collection authorities."

Asked for a reaction to Alexander's acknowledgement that Snowden accessed the FISA court warrant through the NSA's own internal networks, Rep. Mike Rogers, the chairman of the House Permanent Select Committee in Intelligence said that "It’s too early to rule out anything or to rule anything in."

A U.S. intelligence official on Monday told The Daily Beast that investigators still did not know how many other FISA court warrants, if any, might make their way into the public eye, or if Snowden was the source of the Verizon document and, if so, whether or not he was working alone.

If the court has been compromised, it would not be the first breach of FBI surveillance targets inside the United States. In April, CIO.com quoted Microsoft's Dave Aucsmith, the senior director of the company's Institute for Advanced Technology in Governments, saying a 2009 hack of major U.S. Internet companies was a Chinese plot to learn the targets of email and electronic surveillance by the U.S. government. In May, the Washington Post reported Chinese hackers had accessed a Google database that gave it access to years’ worth of federal U.S. surveillance records of counter-intelligence targets. But current and retired U.S. intelligence officials stressed that the government has jealously guarded access to FISA Court warrants, and doubted that they could have been obtained from the databases of U.S. Internet or telephone companies.

Spokespeople for the Justice Department, the FISA Court, Verizon, and the office of the Director of National Intelligence declined to comment for this story.

Editor's Note: This story has been updated with Alexander's comments on Tuesday. A quote from an "intelligence official" asserting that Snowden would not have had access to the warrant has been removed.