The NSA might have all sorts of high-tech methods to prevent and sniff out internal leaks. But sometimes all it takes is a pair of pantyhose to steal highly sensitive, classified information.
Consider how the agency was able to pin down an alleged leaker of a classified intelligence report, published by The Intercept, that said Russian military intelligence launched a cyberattack on a US voting software company and sent spear-phishing e-mails to local US election officials ahead of the November election.
NSA investigators quickly narrowed down suspects to Reality Leigh Winner, a 25-year-old linguistics contractor for Pluribus International Corporation, a company that provides analytical, translation, and cyberwarfare development services to the intelligence community. When The Intercept asked the NSA in June to confirm the document's authenticity, the online news agency unwittingly exposed the leak's alleged source. The copy of the report showed fold marks that indicated it had been printed—and it included encoded watermarking that revealed exactly when it had been printed and on what printer.