FBI Arrested NSA Contractor For Walking Off With 'Highly Classified Information'

from the thought-this-kind-of-thing-was-supposed-to-be-impossible? dept

Wed, Oct 5th 2016 11:37am — Mike Masnick

The Justice Department announced this morning that it had arrested Harold Martin, an NSA contractor (working for Booz Allen), for apparently copying "highly classified" material. The arrest actually happened at the end of August, but the details were only unsealed today.

According to the affidavit, on August 27, 2016, search warrants were executed at Martin’s residence in Glen Burnie, including two storage sheds, as well as upon his vehicle and person. During execution of the warrants, investigators located hard copy documents and digital information stored on various devices and removable digital media. A large percentage of the materials recovered from Martin’s residence and vehicle bore markings indicating that they were property of the United States and contained highly classified information of the United States, including Top Secret and Sensitive Compartmented Information (SCI). In addition, investigators located property of the United States with an aggregate value in excess of $1,000, which Martin allegedly stole.

The complaint alleges that among the classified documents found in the search were six classified documents obtained from sensitive intelligence and produced by a government agency in 2014. These documents were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues. The disclosure of the documents would reveal those sensitive sources, methods, and capabilities.

The NY Times story about this claims that the information Martin had was "computer code." There's a lot of speculation on the Twitters that this is related to the infamous Shadow Brokers "leak" of NSA hacking tools. The dates don't fully line up. The Shadow Brokers leak involved code from 2013. The DOJ claims that the code it found Martin had is from 2014 -- though it's certainly possible that the investigation into Shadow Brokers led them to Martin (the arrest came the week after the Shadow Brokers info went public). However, the NY Times report does say that the info was for breaking into foreign computer systems:

The contractor arrested in recent weeks is suspected of taking the highly classified “source code” developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.

As always, it will be interesting to hear the other side of this story. We've certainly seen the DOJ come down hard on former NSA employees and contractors, claiming they had made off with classified information, when the later details turned out to show a lot less. But this is clearly a story worth following...

It should also make you wonder just how many "controls" the NSA has really put in place to keep employees and contractors from walking off with highly classified information. We know that Snowden did it back in 2013, but the NSA keeps insisting that it's put in place more controls to stop it from happening again. And, if this truly is exploit code, this is much worse. Snowden made off with information about certain programs -- but not actual code.

Martin-Criminal-Complaint (PDF)Martin-Criminal-Complaint (Text)

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: contractor, doj, exploits, fbi, harold martin, nsa, shadow brokers, surveilance
Companies: booz allen

27 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Regret, 5 Oct 2016 @ 11:58am

No reference to classified emails that somehow made it onto the private server of a former top State Department employee? Huh.
[ link to this | view in chronology ]
- Anonymous Coward, 5 Oct 2016 @ 11:56pm
  
  Re:
  Or the classified information disclosed by the other Presidential candidate? Huh.
  [ link to this | view in chronology ]
John Cressman, 5 Oct 2016 @ 12:09pm

Too bad
He should have just emailed it to Hillary Clinton's private email server with the rest of the classified material. Suddenly... instant immunity deal AND they'd destroy any incriminating material, like they did with her aids.
[ link to this | view in chronology ]
Anonymous Coward, 5 Oct 2016 @ 12:23pm

Honeypots
"... the NSA keeps insisting that it's put in place more controls to stop it from happening again."

Along with honeypots to tempt the temptable. We can't discount that possibility, maybe they set him up. This is the spying game.
[ link to this | view in chronology ]
- Anonymous Coward, 5 Oct 2016 @ 12:26pm
  
  Re: Honeypots
  Seeding a honeypot with large amounts of actual classified information that he could successfully copy and carry out seems like a bad idea. Sure, build a honeypot and stock it with plausible looking goods, but don't make them so valuable that you will regret it if someone successfully copies them.
  [ link to this | view in chronology ]
  - Anonymous Coward, 5 Oct 2016 @ 12:31pm
    
    Re: Re: Honeypots
    "Seeding a honeypot with large amounts of actual classified information"
    
    But maybe it isn't, and maybe some of it is but the rest has subtle modifications acting as breadcrumbs if it gets into the wild. Just claim national security. Who's going to disagree?
    [ link to this | view in chronology ]
I.T. Guy, 5 Oct 2016 @ 12:39pm

"There's a lot of speculation on the Twitters" LOL.
[ link to this | view in chronology ]
Uriel-238 (profile), 5 Oct 2016 @ 12:40pm

My fantasy
My understanding of the NSA is that it's a rogue agency that frequently lies to our legislature and administration to justify its own agenda, which likely includes finding and using leverage on our legislature and administration.

That said, my fantasy is that this incident leaves them without any contractors willing to trust the NSA to let them work without false arrest of their employees.

Let it rot into obsolescence and disrepair in a shortage of labor and expertise.
[ link to this | view in chronology ]
- Anonymous Coward, 5 Oct 2016 @ 12:53pm
  
  Re: My fantasy
  I'm surprised they find anyone to work at these jobs any more. Personally, they'd have to blow their yearly budget to hire me, and I'm not even that talented a developer.
  [ link to this | view in chronology ]
  - Anonymous Coward, 6 Oct 2016 @ 5:54am
    
    Re: Re: My fantasy
    "I'm surprised they find anyone to work at these jobs any more."
    
    After NAFTA, TPP, etc., wipes out all the other jobs, what else can you do if you live in the rust belt?
    
    These *are* the "good jobs" that HRC has been proposing.
    [ link to this | view in chronology ]
    - Uriel-238 (profile), 6 Oct 2016 @ 6:03pm
      
      Hey, ho! All together...
      After NAFTA, TPP, etc., wipes out all the other jobs, what else can you do if you live in the rust belt?
      
      When the harbors are impacted with unemployed sailors, you know it's the dawn of interesting times.
      
      Going on the account, I think they called it...
      [ link to this | view in chronology ]
I.T. Guy, 5 Oct 2016 @ 12:42pm

I like the way they put that:
"However, the NY Times report does say that the info was for breaking into foreign computer systems."

Whew!!! I am so happy the programs can tell foreign computer systems from domestic computer systems. That's a relief.
[ link to this | view in chronology ]
- Baron von Robber, 5 Oct 2016 @ 12:54pm
  
  Re:
  Actually, IPs do show a country by country location
  http://whatismyipaddress.com/ip-lookup
  [ link to this | view in chronology ]
  - Anonymous Coward, 5 Oct 2016 @ 1:06pm
    
    Re: Re:
    But an attack vector doesn't care what your IP is. If it would work on a computer in a foreign country it would work on a comparable computer here in the US.
    [ link to this | view in chronology ]
    - Baron von Robber, 5 Oct 2016 @ 1:17pm
      
      Re: Re: Re:
      Ah I see what you mean. Aye, Stuxnet has already been modified and pointed back at the US. Some malware makers do prevent some countries (assuming their own) from being targeted, but that too can be modified.
      [ link to this | view in chronology ]
  - Anonymous Coward, 6 Oct 2016 @ 7:49am
    
    Re: Re:
    It is trivial to spoof and IP address. It is also trivial to spoof a MAC address.
    [ link to this | view in chronology ]
Anonymous Coward, 5 Oct 2016 @ 2:15pm

These tools could be considered weapons. Of course they could be used domestically, just as a Nuke could hit a US city as easy as hitting Iran.

And you do realize that the CIA and NSA has no problems recruiting, right? Mostly from Ivy's. If you are not that great a developer, they don't want you, because they pretty much have the pick of the crop.
[ link to this | view in chronology ]
- Anonymous Coward, 6 Oct 2016 @ 7:50am
  
  Re:
  If code is classified as a weapon or a monition, then an US citizen can have it via the 2nd amendment. The guvmint already tried that and it backfired on them.
  [ link to this | view in chronology ]
Anon, 5 Oct 2016 @ 3:56pm

Computer Code?
The material was apparently computer code? No proof of reselling or delivering to a foreign power? Sounds like this was your typical computer geek attitude "this is cool code. I want a copy for myself..."
[ link to this | view in chronology ]
Capt ICE Enforcer, 5 Oct 2016 @ 4:04pm

Newsworthy
Looks like we just found a new presidential candidate for 2016.
[ link to this | view in chronology ]
Ryunosuke (profile), 5 Oct 2016 @ 4:33pm

the other side of the story will be heavily redacted citing "National Security"
[ link to this | view in chronology ]
New Mexico Mark, 5 Oct 2016 @ 7:11pm

What property did he steal?
"In addition, investigators located property of the United States with an aggregate value in excess of $1,000, which Martin allegedly stole."

He took a hammer and a toilet seat?

http://www.dailyprogress.com/news/a-toilet-seat-is-nothing/article_9174fbc6-0e7c-55a2-8760-a264 863320b2.html

Seriously, the way government seemingly assigns random values to assets, this could be anything from a POS ten-year-old netbook to a mothballed battleship.
[ link to this | view in chronology ]
- David, 6 Oct 2016 @ 7:34am
  
  Re: What property did he steal?
  This is common. When Kevin Mitnick was charged with stealing documents, the value of the documents included the paper they were on, the entire cost of the DEC computer used to word-process the document, the software licenses of the same computer and word-processing software, the salary of the employee that word-processed the document. It was like Hollywood accounting.
  [ link to this | view in chronology ]
Dave, 6 Oct 2016 @ 1:31am

Retirement planning
Considering iOS bug bounties now top $1.5 million, perhaps he saw this info as part of his retirement savings. It wouldn't surprise if other TAO employees felt likewise.
[ link to this | view in chronology ]
Jollygreengiant (profile), 6 Oct 2016 @ 6:51am

The big question.
So, $1000 dollars of NSA equipment. Is that one, or two, lightbulbs, do you think?
[ link to this | view in chronology ]
FBI, 6 Oct 2016 @ 8:49am

No more Snowdens!
[ link to this | view in chronology ]
John Mayor, 7 Oct 2016 @ 12:22am

OUR ROCK OR THE HARD PLACE
Frankly!... given the problems "hounding" the FBI, I don't which commissions are worse!... those of the FBI, or those of the NSA!
.
Please!... no emails!
[ link to this | view in chronology ]