Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Government Privacy Security IT

NSA Firing 90% of Its Sysadmins 634

sl4shd0rk writes "NSA Director Keith Alexander has decided that the best way to prevent illegal data leaks is to reduce the number of ears and eyes involved. During a talk at a cybersecurity conference in New York this week, Alexander revealed his plans to cut 90% of the System Administration workforce at the NSA. 'What we're in the process of doing — not fast enough — is reducing our system administrators by about 90 percent,' he said. Alluding to an issue of mistrust, Alexander further clarified: 'At the end of the day it's about people and trust ... if they misuse that trust they can cause huge damage.' Apparently, breaking the law and lying about it leaves one without a sense of irony when speaking in public."
This discussion has been archived. No new comments can be posted.

NSA Firing 90% of Its Sysadmins

Comments Filter:
  • Hmm (Score:5, Insightful)

    by spike hay ( 534165 ) <blu_ice&violate,me,uk> on Friday August 09, 2013 @10:39AM (#44520999) Homepage

    So having a huge amount of very disgruntled people with at least previous access to large amounts of classified data isn't a security risk?

    • Re:Hmm (Score:5, Insightful)

      by the eric conspiracy ( 20178 ) on Friday August 09, 2013 @10:43AM (#44521057)

      Previous access to stuff that really isn't secret any more.

    • by khallow ( 566160 )

      So having a huge amount of very disgruntled people

      Depends how it's done. Contractors come and go. So if those 900 people were contractors, like Snowden, it might not make a difference in outcome (though in that case, the NSA was probably already creating some number of disgruntled contractors).

      Or they might move these people into other decent paying work. If the ex-workers aren't experiencing a big decline in wages and no longer fall under those heavy security rules, then it's possible that most of them might see it as a promotion.

      • They just told a large number of sysadmins they are going to be discarded like used tissue for no fault of their own. I wonder how many will hold a grudge.
    • Re:Hmm (Score:5, Insightful)

      by Feyshtey ( 1523799 ) on Friday August 09, 2013 @11:08AM (#44521447)
      My initial question was, if you can do the work with 90 people, why the FUCK were you paying 900?!? And people actually debate against the need to reduce the size of government...
      • Re:Hmm (Score:5, Insightful)

        by MaskedSlacker ( 911878 ) on Friday August 09, 2013 @11:22AM (#44521689)

        That is the incorrect question. The correct question is: "Why aren't you firing 100%?"

      • Re:Hmm (Score:4, Insightful)

        by NatasRevol ( 731260 ) on Friday August 09, 2013 @11:23AM (#44521695) Journal

        I'm pretty sure he has no idea how many he needs. He just knows he doesn't trust the people that can see all the data.

        • I'm pretty sure he has no idea how many he needs. He just knows he doesn't trust the people that can see all the data.

          Then... I don't see a solution. Sysadmins traditionally have access to everything. You need to hire admins you can trust, and be careful not to piss them off. Or you could outsource to a foreign country. That always works out well.

      • Re:Hmm (Score:5, Insightful)

        by roc97007 ( 608802 ) on Friday August 09, 2013 @11:29AM (#44521809) Journal

        > My initial question was, if you can do the work with 90 people, why the FUCK were you paying 900?!?

        Having been present when a company fired 88% of their IT staff, (and came to *really* regret it later) I have come to the conclusion that the real question would be "how the FUCK do you think everything is going to get done with 90 people?"

        • A better question is, "You have 900 people doing WHAT?!".
          • Re: (Score:3, Informative)

            by roc97007 ( 608802 )

            A better question is, "You have 900 people doing WHAT?!".

            That's actually a good point, but not, perhaps, in the way you meant it. The powers that be almost certainly do not know what those admins are doing or the value thereof, even if they were (or were not) vital to the organization. Their true value (if any) will be discovered after they're dismissed.

            "We have to fire the employees to find out what they did."

            • by bberens ( 965711 )
              I think it's more a case of reducing the surface area of the vulnerabilities (people with access) is viewed as more important than "whatever it is they do." It *almost* doesn't matter what they do.
        • Re:Hmm (Score:4, Funny)

          by arf_barf ( 639612 ) on Friday August 09, 2013 @12:53PM (#44522951)

          We will outsource it to China or India. They have full access to the systems anyhow, they might as well keep the systems running ;-)

      • Re:Hmm (Score:4, Insightful)

        by saleenS281 ( 859657 ) on Friday August 09, 2013 @12:45PM (#44522833) Homepage
        You're assuming they can do the work with 90 people. It's just as likely, just like in the private sector, they're going to layoff 90% of the people, and expect the remaining 10% to work 90 hour weeks until they burn out, constantly reminding them how lucky they are just to have a job.
      • Re:Hmm (Score:5, Insightful)

        by vawwyakr ( 1992390 ) on Friday August 09, 2013 @01:11PM (#44523193)
        The reality is that what they are probably doing is just expecting the other employees there to do the admin's work. The thought being "hey we have lots of smart techie people". I have seen many gov divisions with very little IT support available....they usually still limp along painfully but very inefficiently. In the end this probably going to cost tax payers more than it saves.
    • Re:Hmm (Score:5, Informative)

      by beltsbear ( 2489652 ) on Friday August 09, 2013 @11:09AM (#44521451)

      And even worse, letting it slip in advance? None of them ever read slashdot!

      Partitioning and reducing the number of eyes on data is a good idea. Re-checking the people with access to the most sensitive information is a good idea. Blanket orders from higher up administration who do not understand the problem, BAD IDEA. 'Automation' that could allow one person (with access legit or not) to get to even more information than before, recipe for disaster.

      Seems like someone from upper management saw a presentation on this subject (from a vendor) and now thinks they know everything.

      • by Manfre ( 631065 )

        Sounds like a good attempt to bait others in to leaking information. Having your job security and trust put in to doubt will encourage those inclined to pilfer information.

    • Re:Hmm (Score:4, Funny)

      by Anonymous Coward on Friday August 09, 2013 @11:17AM (#44521587)

      >plans to cut
      >previous access
      I'm not sure you understand the difference between past and future tense. Basically. ALL sysadmins there now know there's a 90% chance their job is about to go away. As they sit there at their desks. With their computers. And access.

      On the bright side though, does this mean American corporations will finally have a pool of qualified domestic tech talent to pick from rather than H1-Bs?

    • Re: (Score:3, Insightful)

      by CAIMLAS ( 41445 )

      Previous access?

      Let's think about this. You're a sysadmin for the NSA; you're not actually all that fond of what's going on there at this point. You catch wind that there's a 90% likelihood you will lose your job, and if you don't lose your job, you will have 10 times as much work hoisted onto your shoulders - so you're looking for a new job regardless.

      This is true for every one of your coworkers as well, many of which will likely be pre-emptively disgruntled about their firings, and many will have at least

    • Not only that, but firing 90% of your sysadmins indicates that either:

      A) You were grossly overstaffed to begin with. And I mean *grossly* overstaffed, because 90% of your workforce is simply unnecessary. That's not just, "we're a bit overstaffed, so let's let some people go." That's at the level of, "We're totally incompetent and have no idea what we're doing." Frankly, it would be terrifying ot think that this program is being run by such incompetent people. --or--

      B) Once you're done firing people, y

  • by Anonymous Coward on Friday August 09, 2013 @10:41AM (#44521023)

    "At the end of the day it's about people and trust"

    I... it's.... but...

    *pop*

    • by ColdWetDog ( 752185 ) on Friday August 09, 2013 @10:50AM (#44521155) Homepage

      From TFA:

      Using technology to automate much of the work now done by employees and contractors would make the NSA's networks "more defensible and more secure," as well as faster, he said at the conference.

      Which sounds eerily like:

      The strategy behind Skynet's creation was to remove the possibility of human error and slow reaction time to guarantee a fast, efficient response to enemy attack.

      Skynet was originally activated by the military to control the national arsenal on August 4, 1997, at which time it began to learn at a geometric rate. On August 29, it gained self-awareness, and the panicking operators, realizing the extent of its abilities, tried to deactivate it. Skynet perceived this as an attack and came to the conclusion that all of humanity would attempt to destroy it.

      Be afraid. Be very afraid.

  • by kommakazi ( 610098 ) on Friday August 09, 2013 @10:41AM (#44521025)
    and pissing them all off, giving them no job to lose, is going to somehow *prevent* further leaks? Brilliant!!!!
    • by h4rr4r ( 612664 ) on Friday August 09, 2013 @10:49AM (#44521147)

      And announcing that you are going to fire 90% of them ahead of time. So they have lots of time to collect what they want to leak.

      • by cusco ( 717999 ) <`moc.liamg' `ta' `ybxib.nairb'> on Friday August 09, 2013 @10:59AM (#44521319)
        And create dummy accounts with remote access, hide old desktop machines in dusty closets with modems attached to the fax machine, and take home that secondary hard drive out of their desktop machine. I tell you, this guy is truly a manager's manager!
      • by Quila ( 201335 ) on Friday August 09, 2013 @11:27AM (#44521767)

        Or, they just set up massive auditing everywhere and aren't really going to fire anybody. Now they just sit back and watch which admins start accessing stuff they aren't supposed to. A bunch of little snively Snowdens we'll grab before they can flee justice.

    • The actual deterrent (Score:3, Interesting)

      by sjbe ( 173966 )

      So firing 90% of their admins and pissing them all off, giving them no job to lose, is going to somehow *prevent* further leaks?

      I'm pretty sure the threat of life imprisonment for revealing "secrets" was and is a bit more of a deterrent than the loss of wages ever could hope to be. If someone kicks you while holding a gun to your face are you worried about their foot or the gun?

    • Re: (Score:3, Funny)

      by linear a ( 584575 )
      It's a spy agency. You're misinterpreting the meaning of "firing" here. As in "ready, aim, ...".
    • by camperdave ( 969942 ) on Friday August 09, 2013 @11:18AM (#44521615) Journal
      Hang on! It says reducing their sysadmins by 90%. Surely that means instituting a high fiber, low carb diet, and an exercise regimen.
    • It couldn't be that St. Snowden saw the writing on the wall and was acting more as a disgruntled employee about to be canned, than as the patron saint of government transperency?

  • by Chris Mattern ( 191822 ) on Friday August 09, 2013 @10:42AM (#44521035)

    You fire all the people who are responsible for the security of your systems. Wait, what?

  • Question.... (Score:5, Interesting)

    by Anonymous Coward on Friday August 09, 2013 @10:43AM (#44521051)

    Can we fire 90% of the NSA?

  • Alternatively... (Score:5, Insightful)

    by Nogami_Saeko ( 466595 ) on Friday August 09, 2013 @10:45AM (#44521091)
    They could just pay them well, give them a fair amount of responsibility and respect, and, perhaps... not break the law or violate the constitution.
  • So... (Score:4, Interesting)

    by Ecuador ( 740021 ) on Friday August 09, 2013 @10:45AM (#44521101) Homepage

    Is he saying that sysadmins are particularly untrustworthy? Why not reduce the entire workforce by 90% to reduce the number of ears and eyes involved. Reducing 90% of just the sysadmins won't reduce the total "population" by much (unless I am mistaken in my assumption that NSA is not just a data center). Also, you could try reducing the number of people who know too much - i.e. could do most damage. If the sysadmins fit that category and not, say, the directors or management then you are doing it wrong...

    • Re:So... (Score:5, Interesting)

      by fuzzyfuzzyfungus ( 1223518 ) on Friday August 09, 2013 @10:52AM (#44521185) Journal

      I assume that sysadmins score particularly badly on the 'amount of access vs. degree of trust' metric.

      Barring really elegant, or unbearably onerous, system design, (which the NSA apparently didn't bother with, since one comparatively junior sysadmin at a contracting company, not even in house, apparently had massive access to the juicy details) sysadmins tend to have enormous power over your systems, access (because somebody has to run backups) to your files and email, etc, etc.

  • by Sockatume ( 732728 ) on Friday August 09, 2013 @10:47AM (#44521121)

    Am I reading this right? The NSA think that the issue of mistrust around PRISM is that we worry some whistleblower will leak our information, and not that it's being harvested in the first place? They're deep into cognitive dissonance land over there I see.

    • by fuzzyfuzzyfungus ( 1223518 ) on Friday August 09, 2013 @10:59AM (#44521311) Journal

      I'm surprised that Keith's head didn't explode when he said "people who have access to data as part of their missions, if they misuse that trust they can cause huge damage.”

      He is sort of Public Enemy #1 on that score right about now, with any lackeys who have nontrivial authority right behind him.

      • I'm surprised that Keith's head didn't explode when he said "people who have access to data as part of their missions, if they misuse that trust they can cause huge damage.â

        His head did not explode because this is a deliberate tactic of misdirection. If he can just get the public to focus on the leaker, instead of the content of the leak......

        This is more of the same: he is trying to say that the problem is leakers, not the core activity of the NSA.

  • by sinij ( 911942 ) on Friday August 09, 2013 @10:48AM (#44521143)
    Great, now NSA will have mismanaged IT systems prone to failures and easier to compromise. As a result thier snooping will be available not only to US government, but to any other entity that would bother to hack their way into under-managed IT system run by remaining 10% of overworked sysadmins.
  • total stupidity (Score:5, Insightful)

    by MickyTheIdiot ( 1032226 ) on Friday August 09, 2013 @10:50AM (#44521157) Homepage Journal

    He is going to increase the work of each sysadmin by 10x... ->

    Making what is perpetually an overworked position 10x worse ->

    Making it not worth the stress for the amount of pay ->

    Making every sysadmin in the NSA a ripe target for various bribes...

    BRILLIANT!

    The people in leadership positions in the USA (government and corporate) are all idiots.

  • Umm (Score:4, Insightful)

    by wbr1 ( 2538558 ) on Friday August 09, 2013 @10:54AM (#44521231)
    How about REDUCING 90% of the ILLEGAL data tapping instead?
  • Amazing (Score:5, Insightful)

    by gmuslera ( 3436 ) on Friday August 09, 2013 @11:00AM (#44521331) Homepage Journal
    An organization that have no respect for other people having no respect for their workers too? Working for them is no magic shield, only gives them more tools to hit you harder when comes your turn.
  • by hawguy ( 1600213 ) on Friday August 09, 2013 @11:05AM (#44521413)

    If they don't need 90% of their sysadmins, they should have fired them long ago.

    But I suspect that they aren't all redundant, so how are they going to maintain their systems? It would be interesting to see their server-to-sysadmin ratio and compare to other companies.

    Without the sysadmins to maintain and secure their systems, they may be making their data even easier for hackers to access, so the NSA may end up being a huge liability to the security of the country. I don't see why no lawmaker understands this - data breaches happen every day, even to large companies that follow best practices to secure their data. Why do they think that the NSA's vast data warehouse is not going to be breached when it's such a huge target to non-friendly governments and hackers throughout the world - even governments of countries where most computer hardware is made that have the resources to hide backdoors in that hardware.

  • by Dracos ( 107777 ) on Friday August 09, 2013 @11:09AM (#44521463)

    "If you're doing nothing wrong, you have nothing to worry about." Does that sound familiar, Mr. Alexander?

    Obviously, you are very worried.

  • by Culture20 ( 968837 ) on Friday August 09, 2013 @11:12AM (#44521491)
    If I were in the remaining 10%, I'd quit no matter how much they paid me. Doing the work of 9 people? That's burn out in less than a month.
  • by Dishwasha ( 125561 ) on Friday August 09, 2013 @12:27PM (#44522615)

    Four star general in the United States Army and head of U.S. National Security Agency discovers after 62 years that there are some humans that can not be trusted. After an intense investigation, it was uncovered that director of the NSA Keith Alexander in fact changed his name from Adam Weber shortly after crawling out of a bomb shelter he was sequestered in to by his father and mother at the tender age of 10. Famous actor Brendan Fraser is well known for portraying Keith Alexander a.k.a. Adam Weber in the lesser known 1999 documentary A Blast from the Past [imdb.com] that follows the real life of Keith Alexander, his father, and his mother during their self imposed quarantine and the emergence of Keith Alexander in to a modern and morally questionable society.

  • by coolsnowmen ( 695297 ) on Friday August 09, 2013 @01:22PM (#44523347)

    So, I was researching to comment/argue with a previous post and typed into google "goal of the nsa"- and the first link was: http://www.nsa.gov/about/strategic_plan/ [nsa.gov]

    Coincidentally that returned "Internal Server Error...unable to complete your request."

    HAH!

"Everything should be made as simple as possible, but not simpler." -- Albert Einstein

Working...