WASHINGTON — The U.S. government may have to reconsider how much it relies on outside defense contractors who are given top security clearances, after an NSA contractor exposed top-secret phone and internet surveillance programs.
Edward Snowden, a 29-year-old systems technician at Booz Allen Hamilton Holding Corp, admitted on Sunday that he divulged details of the National Security Agency's programs to the Guardian and Washington Post.
Booz shares fell 3.3 percent Monday, and peers such as SAIC and General Dynamics fell as much as 3 percent.
"We do need to take another, closer look at how we control information and how good we are at identifying what people are doing with that information," said Stewart Baker, former general counsel at the NSA and former assistant secretary for policy at the Department of Homeland Security.
Baker said Snowden's leaks show the need for the government to tighten up what can be seen by contractors, as well as government employees.
"Are we challenging him, are we auditing him? Are we taking measures to be sure he doesn't have wide-ranging access to stuff that is not relevant to him?" Baker said of a theoretical contractor with wide-ranging access.
Companies like Booz became a cornerstone of the U.S. government's national security efforts after the 9/11 attacks. With a massive ramp-up in security operations came the need for organizations that could move quickly to implement new rules, regulations and screening protocols.
But that expansion did not always go smoothly. A notorious example is the company formerly known as Blackwater, which agreed last summer to pay fines for trying to operate in Sudan despite sanctions. The company had previously been a source of strained U.S.-Iraqi relations over shootings there.
The risk to a company like Booz is clear - according to its last quarterly report, 99 percent of its revenue comes from contracts with U.S. government agencies or other federal contractors. Lose the government's trust and nothing is left.
Booz said Snowden worked for the company in Hawaii for less than three months.
"News reports that this individual has claimed to have leaked classified information are shocking, and if accurate, this action represents a grave violation of the code of conduct and core values of our firm," Booz said in a statement on Sunday. "We will work closely with our clients and authorities in their investigation of this matter."
As of March 31, Booz employed 24,500 people, of whom 76 percent held government security clearances and more than a quarter held top security clearances, according to a company filing.
Security experts say the risks of a Snowden-type case grow as the number of clearances proliferates.
"Are contractors a unique risk? No - Bradley Manning wasn't a contractor," said Paul Rosenzweig, a former deputy assistant secretary for policy at the Department of Homeland Security.
Manning, the U.S. Army private first class charged with the biggest leak of classified files in the nation's history, is in the second week of his court-martial at Fort Meade, Maryland.
"It's the people, it's not what their job title is," said Rosenzweig. "What does change the dynamic is the greater number of people overall - whether they're contractors or inside."