Sometime over the last few weeks, the FBI made a secret arrest of a Maryland man who worked as a Booz Allen Hamilton contractor for the National Security Agency.
The New York Times was first to report that the FBI is investigating the possibility this NSA contractor "stole" highly classified software created bythe NSA to hack into foreign governments and gain access to their computer networks.
The Times report quoted several unnamed senior law enforcement and intelligence officials in today's report.
Shortly after the NYT report was published, the Justice Department announced U.S. charges against a Maryland man for "theft of government property, unauthorized removal and retention of classified materials."
AAG John Carlin, just now at #CambridgeCyber: "We have made an arrest of an individual who was involved in taking classified information."
— Eric Geller (@ericgeller) October 5, 2016
In 2013, Booz Allen contractor Edward J. Snowden famously shared a vast trove of NSA documents with journalists that exposed the NSA's warrantless domestic surveillance programs. Snowden was a whistleblower, as his subsequent actions show. He acquired and shared the documentation for public benefit.
Few details are available about this new incident, but this seems very different. Officials say "source code," in other words the actual software, was "stolen."
Snowden acquired and leaked documentation, not apps. He did not sell the leaked content.
From the little information reported so far, this case sounds more like someone trying to sell so-called "cyberweapons." We don't know yet. But a second breach involving the same contractor, Booz, blowing the lid on goods from the NSA, in less than 3 years? Super bad and embarassing for both NSA and Booz.
Obvious follow-up question: is the stolen source code referenced here the Shadow Broker hacking tools? https://t.co/IlA0WCNJes
— Julian Sanchez (@normative) October 5, 2016
Arrest "in recent weeks," stolen code was "dated" and used for network hacking. If that's not Shadow Brokers, it's a hell of a coincidence.
— Julian Sanchez (@normative) October 5, 2016
The information believed stolen by this contractor — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency's most sensitive cyberoperations — appears to be different in nature from Mr. Snowden's theft.
The contractor arrested in recent weeks is suspected of taking the highly classified "source code" developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.
Here's how the DOJ press release announcing the arrest of Harold Thomas Martin III describes what he did. pic.twitter.com/AXDNYSzLSg
— Eric Geller (@ericgeller) October 5, 2016
Here's how the criminal complaint describes the NSA contractor's response. pic.twitter.com/TCExbnoDPl
— Eric Geller (@ericgeller) October 5, 2016
"N.S.A. Contractor Arrested in Possible New Theft of Secrets" (nytimes.com)
