infosec Former contractor stole most of the NSA's hacking toolkit

[Kick]

Quote

 

Federal prosecutors in Baltimore are expected to seek an indictment as early as this week against a former National Security Agency contractor who is accused of carrying out the biggest theft of classified information in U.S. history.

The indictment against Harold T. Martin III is expected to contain charges of violating the Espionage Act by “willfully” retaining information that relates to the national defense, including classified data such as NSA hacking tools and operational plans against “a known enemy” of the United States, according to individuals familiar with the case.

 

https://www.washingtonpost.com/world/national-security/prosecutors-to-seek-indictment-against-former-nsa-contractor-as-early-as-this-week/2017/02/06/362a22ca-ec83-11e6-9662-6eedf1627882_story.html

 

In an update to a story that broke last year, we are learning more information on just what it was that former NSA contractor Harold Martin III stole during his 20 year career with the agency (and/or affiliated agencies/departments). Among the thousands of pages that were found hoarded in his car and home, he also stole 50 terabytes of data, including more than 75% of the Tailor Access Operations' (TAO) toolkit. If you aren't familiar with the TAO, they are responsible for creating and deploying "software used to penetrate foreign targets’ computer networks for foreign espionage purposes." (They also likely wrote Stuxnet, Duqu, Flame, and whatever else we haven't discovered yet.)

 

This story is heavily tied into the recent history of surveillance disclosures and state-sponsored hacking, but here's the quick version: 

• NSA/FBI increased efforts to identify leaks after Snowden revealed what they had been up to,
• Likely due to these increased efforts, they find a long-time employee has been hoarding massive amounts of classified information in his home and car. Seriously, they say stuff was just laying in his car and all over his house.
  • And by massive amounts I mean this was the largest theft of classified information, and it took place over 20 years.
• Not much is new in this story, we knew he stole thousands of pages and 50 TB of *stuff* back in October, but we're just now learning that it did, in fact, include almost the entire digital arsenal of the NSA. 
• He has been held pending trial since October. 
• Federal prosecutors are set to press charges next week for theft of government property and unauthorized removal and retention of classified materials. Full complaint here

What makes this story different from the government related espionage stories is that it is difficult to tell if Martin's theft was malicious (or intentional) espionage or simply hoarding. And that's what I wanted to talk about today--Do you think it matters? 

 

If you want to chime in I'd urge you to read his Wikipedia page, it's brief but impressive. He is a highly educated military veteran with a long career in government. If this really was an incident of hoarding--an obsessive compulsion to collect all the data so that he could do a better job (as his defense has claimed)--should the government take some responsibility? After all, they granted him TS-SCI clearance. If he is a hoarder, surely they would have discovered evidence of this during background checks.

 

P.S. I got really distracted writing this so it might be all over the place, but if you made it this far, take a look at this cool tool from Kaspersky that tracks APTs.

[biker]

How does this affect me?

[Kick]

1 minute ago, biker said:

How does this affect me?

Does it have to? It's InfoSec law, this shit is exciting!

[biker]

4 minutes ago, Kick said:

Does it have to?

Is this a Snowden/Wikileks thing?

[Admiral Naismith]

6 minutes ago, biker said:

Is this a Snowden/Wikileks thing?

Doesn't appear to be. Just, yeah know, major accusations regarding the security of the most powerful nation. Guy is accused of stealing tools that the National Security Agency uses. Also highly sensitive data and knowledge. Nothing major I guess.

[biker]

Maybe its the NSA's fault for not weeding out the guy.

 

2 minutes ago, Admiral Naismith said:

Doesn't appear to be. Just, yeah know, major accusations regarding the security of the most powerful nation. Guy is accused of stealing tools that the National Security Agency uses. Also highly sensitive data and knowledge. Nothing major I guess.

 

[gtx1060=value]

well, if the guy wrote a good bunch of the code and wasn't selling it and was just storing in it his house, we can call it the genius phenomenon - when they are super smart when it comes to things like algebra and coding but completely senile and sometimes clueless in life

[TetraSky]

You mean to tell me, the NSA doesn't check the people going in or out, for any potential documents they may have taken?

That feel when your job at a food plant has better security than the NSA...

[tlink]

wouldn't surprise me if the guy is a victim of himself. i mean why else would you hoard so much information and be so carelessly about it? a spy wouldn't keep evidence laying around like that and if he sold it they would've found money. he's a veteran and works in a specialized field that often has quite odd people. 

[jagdtigger]

6 hours ago, TetraSky said:

You mean to tell me, the NSA doesn't check the people going in or out, for any potential documents they may have taken?

That feel when your job at a food plant has better security than the NSA...

Yeah its pretty pathetic, on the other hand the security guy at my workplace(car manufacturer) was putting up a farce about a totally off brand(Brisk, and the manufacturer has Bosch) spark plug... (One of my motorbikes was manufactured back in 1987 and it loves to kill the plug. Usually i keep it in the motorbike but i purchased that one on the way to work and forgot to take it out from my bag.

[Atmos]

8 hours ago, biker said:

How does this affect me?

Should such tools fall into the publics hands we could see massive breaches across the board.

Should someone like north korea get their hands on this data it could very well lead to massive repercussions and attacks against us and all our allies.

 

 

The document makes it very clear that this contraster knew full well what he was doing, and was doing it for up to 20 years with unclear rmotives. Treason and espionage are absolutely something that our government doesn't take lightly, especially on such a large scale.  I hope he gets a fair trial and in the end we can understand the why and how, to try and prevent such actions in the future.

[TidaLWaveZ]

11 hours ago, biker said:

How does this affect me?

The contractor sells the material and the government is no longer the only one with full access to everyone's full online identity.

[TidaLWaveZ]

"If you don't have anything to hide, then you have nothing to worry about."

 

We've been telling you this is wrong for so long and now you finally get to see why.

[biker]

16 hours ago, TidaLWaveZ said:

The contractor sells the material and the government is no longer the only one with full access to everyone's full online identity.

No but Google, Microsoft, Facebook and many many others have your info. Google is the worst offender in my books.