"We're seeing al-Qaida and related groups start to look for ways to adjust how they communicate," said Matthew Olsen, director of the National Counterterrorism Center and a former general counsel at the NSA.
Other officials, who declined to speak on the record about particulars, said they had watched some of their surveillance targets, in effect, changing channels. That evidence can be read another way, they acknowledged, given that the NSA managed to monitor the shift.
Clapper has said repeatedly in public that the leaks did great damage, but in private he has taken a more nuanced stance. A review of early damage assessments in previous espionage cases, he said in one closed-door briefing this fall, found that dire forecasts of harm were seldom borne out.
"People must communicate," he said, according to one participant who described the confidential meeting on the condition of anonymity. "They will make mistakes and we will exploit them."
According to senior intelligence officials, two uncertainties feed their greatest concerns. One is whether Russia or China managed to take the Snowden archive from his computer, a worst-case assumption for which three officials acknowledged there is no evidence.
In a previous assignment, Snowden taught U.S. intelligence personnel how to operate securely in a "high-threat digital environment," using a training scenario in which China was the designated threat. He declined to discuss the whereabouts the files now, but he said he is confident he did not expose them to Chinese intelligence in Hong Kong and did not bring them to Russia at all.
"There's nothing on it," he said, turning his laptop screen toward his visitor. "My hard drive is completely blank."
The other big question is how many documents Snowden took. The NSA's incoming deputy director, Rick Ledgett, said on CBS's "60 Minutes" recently that the number may approach 1.7 million, a huge and unexplained spike over previous estimates. Ledgett said he would favor trying to negotiate an amnesty with Snowden in exchange for "assurances that the remainder of the data could be secured."