Image credit: NBC News

NSA Contractor Faces Espionage Charges For Data Theft

Andrew Orr In the News

Government lawyers charge a contractor for the National Security Agency with espionage. The charge? Stealing massive amounts of data about the Shadow Brokers group.

Further Reading

Google Removes Ban On Personalized Web Tracking

VPN Passwords Recovered From NSA Hack

The Shadow Brokers

In August,  a hacker group calling themselves the Shadow Brokers revealed that they stole a huge cache of hacking tools belonging to the NSA. In a document called Equation Group Cyber Weapons Auction – Invitation, the group, released some files for free and put the rest up for auction. The Brokers said that the remaining data is “better than Stuxnet.”

shadowbrokers_tweet

Image credit: Twitter

Experts estimated the total value of the cyberweapons to be around $500 million. The Shadow Brokers only wanted auction bids made in bitcoins. The origin of the weapons? The Brokers claimed to have stolen them from a mysterious group called Equation Group. Although no one knows for sure, many believe that the team directly works with the NSA.

As to who the Shadow Brokers are, one theory suggests that an insider “possibly someone assigned to the [NSA’s] highly sensitive Tailored Access Operations,” stole the weapons.

“possibly someone assigned to the [NSA’s] highly sensitive Tailored Access Operations,” stole the weapons.

The Insider

The person thought to be responsible is former NSA contractor Harold Thomas Martin. Martin apparently spent the last 10-20 years taking classified information from several government agencies. The amount of data he stole is about 50 terabytes. Some people even believe this to be the biggest theft of classified government information in history.

U.S. officials have not found a motive for the theft. It’s notable that during Martin’s trial, the Shadow Brokers made more posts about the trove of weapons. No one knows whether the Shadow Brokers broke into Martin’s computer and stole the data, or whether he knowingly aided them.

Friends and family of Harold Martin maintain his innocence, saying that he loved his job and just made a habit of taking home work materials so he could improve his skills. Martin said he did take the data but denies knowingly giving them to anyone else. A person “familiar with the exchanges” said:

“As a contractor, he gets to see a slice of the overall picture. He wanted to see the overall picture so that he could be more effective.”

The Hunt

The amount of stolen data is much larger than the documents that Edward Snowden took in 2013 and even bigger than the Panama Papers, which was 2.6 terabytes.

The FBI found the material in a raid on Martin’s house. After the Shadow Brokers leak, the government started a search and internal investigation. After Martin had posted something on the web that attracted the FBI’s attention, it set off an alarm. The FBI is not saying what he posted.

Image credit: Pixabay

Image credit: Pixabay

Dave Aitel, a former NSA employee who now runs Immunity Inc., an infosec company, said:

“The damage from this release is huge, both to our ability to protect ourselves on the internet and our ability to provide intelligence to policy makers and the military.”

At the time, Martin, a 51-year old Navy veteran was completing a Ph.D. in information systems at the University of Maryland. Previous jobs he held were at the Computer Sciences Corporation and Tenacity Solutions. He joined Booz Allen Hamilton in 2009 where he became an NSA contractor until 2015. Martin had access to a digital library of tools used by Tailored Access Operations.

A conviction under the Espionage Act can carry up to 10 years in prison. Indeed, the Obama administration has prosecuted more people under this law than all previous presidents combined.