| ® || Crossing the Rubicon | 45 which was done at NSA headquarters in Fort Meade and most of the NSA’s regional facilities, had not yet been installed at the Hawaii base, because a lack of bandwidth prevented the safe upgrading of the software. This auditing software was scheduled to be installed after the backup system was completed in 2013. The Kunia base was one of the last NSA bases that did not monitor suspicious transfers of files on a real-time basis. Snowden was aware of this deficiency; he later pointed out in his interview in Wired that the NSA base where he worked did not have an “audit” mechanism. This security gap allowed Snowden, using his system administrator’s credentials, to copy classified data to a thumb drive without anyone's being able to trace the copied data back to him. According to the NSA’s subse- quent damage assessment, he stole many thousands of pages while working for Dell in 2012 before he contacted journalists. Ledgett subsequently reported that the NSA analysis of the fifty-eight thou- sand documents that were given by Snowden to journalists in June 2013 showed that most of them were taken while he was still work- ing at Dell. © This theft was made even more serious by the interconnection re) of NSA computers with those of other intelligence agencies. Prior to the 9/11 attacks in 2001, “stovepiping” had protected NSA data on its computers from networks used by other intelligence services. After the 9/11 Commission concluded that part of the reason U.S. intelligence agencies were unable to “connect the dots” in advance of the attack was related to this practice, the NSA stripped away a large part of its stovepiping. As a result, the NSANet, which Snowden had access to at Dell in 2012, became a shared network with “com- mon access points,” as the former NSA director Michael Hayden described them to me, which made them the equivalent of “reading rooms” in a library. They served as a means for NSA workers to exchange ideas about the pro