By Paul Cruickshank
Obama administration officials and congressional lawmakers over the past two weeks have condemned Edward Snowden for admittedly leaking classified information on national security surveillance programs.
Mike Rogers, the chairman of the House Intelligence Committee, spoke of "changes we can already see being made by the folks who wish to do us harm, and our allies harm."
He added the disclosures of surveillance programs may also "make it harder to track bad guys trying to harm U.S. citizens in the United States."
FBI Director Robert Mueller last week testified "these disclosures have caused significant harm to our nation and to our safety."
How should these claims be weighed?
There is little doubt the leaks were damaging to some degree. It is axiomatic that disclosures on the scope of NSA surveillance can be helpful to terrorist groups.
Al Qaeda and its affiliates do pay attention to such things because nothing is more important to terrorist groups than operational security.
However, some analysts also rightly point out that al Qaeda and like-minded groups were already aware of the enormous capabilities of the NSA to snoop on their communications, and had already taken measures to try to evade detection.
Al Qaeda can hardly have failed to notice that U.S. intelligence intercepts helped thwart a significant number of its plots since 9/11. This was well documented long before Snowden's leaks this month to the Guardian and the Washington Post.
Some of these plots included the 2009 Najibullah Zazi plan to bomb New York subway system; a potential plot in Belgium in 2008; a plot by al Qaeda affiliated militants to bomb U.S. soldiers in Germany in 2007; and the 2006 plot to bomb nine airliners bound for North America simultaneously above the Atlantic (by far the most serious plot since 9/11).
Al Qaeda and its affiliates responded to the string of plots thwarted by the NSA by being more careful in the way they communicated.
By 2008, al Qaeda had banned electronic communications inside the tribal areas of Pakistan, instead requiring messages be exchanged through couriers, according to the testimony of Western al Qaeda recruits.
Militants sympathetic to al Qaeda developed encryption software to help it mask its communications with operatives overseas.
A group of German militants recruited into an al Qaeda plot to attack Europe in 2010 were provided hands-on instruction in encrypting their communications using a program called Mujahideen Secrets in the tribal areas of Pakistan by Younes al Mauretani, a senior al Qaeda operative, according to German intelligence officials.
An internal al Qaeda strategy document called "Future Works" authored in 2009, which was subsequently recovered by German authorities from an al Qaeda operative in Berlin, spoke of the need to instruct Western recruits in ways to secretly communicate with their handlers.
German intelligence officials told CNN that militants in Germany had by 2011 developed ways to communicate in secret over the Internet with terrorist operatives in Pakistan.
The most prominent adopter of the Mujahideen Secrets software was Anwar al Awlaki, an American-Yemeni cleric who orchestrated several plots against the United States for al Qaeda's affiliate in Yemen before his death in a U.S drone strike in September 2011.
In 2009, Awlaki personally instructed at least one European militant in Yemen how to use the software so they could communicate without their e-mails being intercepted. CNN has seen copies of the encrypted emails.
By the following year al Awlaki had developed a sophisticated multi-layered method to encrypt communications with operatives overseas.
Significant detail about it was revealed in the 2011 trial of Rajib Karim a British-Bangladeshi-British terrorist operative who had communicated with Awlaki the previous year.
The court heard how in early 2010 Karim, then working in a British Airways call center in Newcastle, communicated in coded phrases from the UK with Awlaki in Yemen through deeply-encrypted word documents that were stealthily digitally compressed and then uploaded to pages of Web hosting sites with addresses only known to the parties in question.
The messages appear not to have been intercepted by the NSA or any other Western intelligence agency.
Even after finding the communications, it took British investigators significant time to decipher the communications, only succeeding after they found the cipher codes and passwords in a file on his the computer, it was revealed at trial. This illustrated how difficult it would be to track such messages in real time.
It was not just al Qaeda that was able to evade detection by the NSA.
On May 1 2010, Faisal Shahzad, an American recruited by the Pakistani Taliban, tried but failed to blow up a car bomb at New York's Times Square.
Court documents revealed that rather than stay off the grid, Shahzad had been in regular touch over the Internet with his handler in Pakistan to get bomb-making guidance in the run up to the attack.
"Using software programs that were installed on his laptop while he was in Pakistan, Shahzad and the Pakistani Taliban were able to exchange information about the bomb he was building," court documents stated.
These communications were obviously not detected by the NSA, otherwise Shahzad would have been arrested before trying to carry out an attack.