Perhaps the NSA needs to keep a closer eye on its contractors. Three years after Edward Snowden absconded with highly classified materials and embarrassed the agency and the Obama administration with revelations about domestic and foreign surveillance, another Booz Allen Hamilton employee allegedly made off with more of the NSA’s crown jewels. This time, though, the FBI caught the suspect:
The F.B.I. secretly arrested a National Security Agency contractor in recent weeks and is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments, according to several senior law enforcement and intelligence officials. …
The information believed stolen by this contractor — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency’s most sensitive cyberoperations — appears to be different in nature from Mr. Snowden’s theft.
The contractor arrested in recent weeks is suspected of taking the highly classified “source code” developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.
The DoJ released a statement later giving the broad strokes of the indictment (via Gizmodo):
— Mark Berman (@markberman) October 5, 2016
The DoJ notes that the information in possession of Harold Thomas Martin III included TOP SECRET/SCI information, involving compartmented programs with their own higher levels of security above TS. Note well that the initial charges are theft of government property and “unauthorized removal and retention of classified materials by a government employee or contractor.” At least for the moment, there is no allegation of specific espionage, but savvy readers will recall that Hillary Clinton had TS/SCI information in her private e-mail server and communicated it through unauthorized channels. At the same time that Comey has been defending his decision to recommend no action for Hillary for removing and retaining such information, the FBI has been holding Martin for the same thing.
Of course, the context might be a little different in this case, as The Hill’s Katie Bo Williams explains:
The arrest comes less than two months after hackers attempted to auction off what they claim is the source code to a vaunted, likely state-sponsored hacking group many believe is affiliated with the NSA.
There is no definitive proof the auction is genuine, but security researchers say files released to prove the code’s authenticity appear valid. The hacking group, known as the Shadow Brokers, has yet to conclude the bidding.
Those files, however, were last updated in October 2013 — before the “production” of the six classified documents in the Martin arrest.
One has to hope the two cases are related. Otherwise, we have two moles at the NSA and/or its contractors, and only one suspect in custody of which we’re aware. If Martin’s the suspect in the auction case, they may have had to wait until they could link him to other stolen material before they could move, or Martin might have just gotten sloppy. If they can link him to the sale of the code, then the DoJ can escalate this to explicit espionage (18 USC 794), which at least theoretically carries the death penalty as a potential outcome, but life imprisonment would be the likeliest sentence.
If they aren’t related, though, a conviction on 18 USC 793 carries a potential ten-year sentence. All they need to do is prove intent. Isn’t that right, James Comey? If they can’t prove intent (despite the clear language in 18 USC 793 (f) that specifically eliminates that requirement), then no prosecutor would take this case. At least, that’s what we’ve been told.
In the meantime, maybe it’s time for a little more scrutiny at Booz Allen Hamilton, eh?