Indictment of NSA Contractor Shows Breach Affected Other Agencies

On Wednesday, former NSA contractor Harold Martin III was indicted for willfully retaining records pertaining to national defense. But beyond his alleged hoarding of an enormous 50 terabytes worth of data, the indictment itself revealed that the security breach affected more than just the NSA, including the Department of Defense, U.S. Cyber Command, the National Reconnaissance Office (NRO), and the CIA. Material stolen from the NSA included a 2014 report on foreign cyber intrusion techniques, a 2009 draft of the U.S. Signals Intelligence Directive outlining defensive computer network operations, extremely sensitive planning and operations information pertaining to global terrorists, and even email correspondence from the agency dating back to 1996. Related to U.S. Cyber Command, Martin is accused of stealing documents dating from 2007 to 2016, including some discussing capabilities gaps and detailing specific operations. The NRO is impacted by stolen information on the launch of an intelligence gathering satellite, and the CIA by a 2008 document related to foreign intelligence collection sources and methods.

The Cipher Take: While this is new information, it should come as no surprise that Martin was able to access data on a variety of U.S. military and intelligence organizations due to intelligence sharing mechanisms and a 20-year career in the industry. Since the above documents are unlikely to meet the total amount of 50 terabytes stolen, it is possible that either the majority of the information taken by Martin was not classified, or that the court system did not want to reveal more secrets than necessary to indict him. It is doubtful that the documents mentioned are the most highly classified documents in the stolen collection. The indictment does not mention the Shadow Brokers, a hacker group that publically released NSA hacking tools thought to be within Martin’s stolen cache of data. The group continues to communicate online while dumping more files, but it remains unclear if the files were in fact from Martin – and if they were, whether they were purchased from Martin or if he was hacked himself.


No comments :