With Nsa Contractor Martin Arrested, Other Leakers May Withal Live On At Large

(Latest UPDATE: Jan 9, 2017)

Earlier this calendar month nosotros learned the call of a mo individual who stole peak hush-hush documents from the U.S. National Security Agency (NSA). After Edward Snowden admitted doing so publicly inwards June 2013, the FBI has instantly arrested the 51-year old Harold T. Martin III at his dwelling family inwards Maryland.

Martin hoarded lots of classified documents, non exclusively from NSA but also from a issue of other armed forces too intelligence agencies. The FBI is withal comparison them amongst those from the recent Shadow Brokers leak too a arrive at of other NSA leaks from the past times few years, but given what's known now, it seems probable that at to the lowest degree ane other leaker is withal at large.

The family of Harold T. Martin III inwards Glen Burnie, Maryland
(photo: Jose Luis Magana/The Associated Press)

The New York Times reported that when the FBI raided Martin's family on August 27, they institute newspaper documents too many terabytes of highly classified information, fifty-fifty going dorsum the 1990s. At to the lowest degree vi documents were from 2014. It was reported that Martin starting fourth dimension took the classified documents on paper, later on CDs too to a greater extent than of late on pollex drives.

The argue why Harold Martin brought dwelling family too stored such large numbers of peak hush-hush documents isn't yet clarified. One suggestion is that he may lead hold used them for research for his dissertation most "new methods for remote analysis of heterogeneous & cloud computing architectures", which he was working on at the University of Maryland.

Documents from multiple agencies

It should hold upward noted that non everything Martin stole comes from NSA. In the official charges at that spot are no names of the agencies where the documents come upward from, they are exclusively described equally highly classified, including ones that are marked equally Top Secret too Sensitive Compartmented Information (SCI).

> See also: The U.S. Classification System

With the documents going dorsum to the 1990s, he may good lead hold started hoarding them from the places where he worked inwards those days. From 1987 to 2000, Martin served at the U.S. Navy, achieving the compass of lieutenant, but he left active duty inwards 1992.

As the Washington Post found out, he too then took a multifariousness of tech jobs amongst regime contractors, similar at Computer Sciences Corp. (CSC) somewhere inwards the 1990s too later, until 2009, at Tenacity Solutions, for which he worked at the Office of the Director of National Intelligence (ODNI). Over the course of teaching of eighteen years, Martin said that Martin took classified documents non exclusively from NSA, but also from his other workplaces, including ODNI too AT&L.

It's interesting equally good that inwards the charges against Martin, a whole paragraph is dedicated to the at to the lowest degree vi documents from 2014, which are described equally beingness produced "through sensitive regime sources, methods, too capabilities". As signals intelligence is traditionally seen equally the most sensitive capability, mayhap simply these vi documents are from NSA.

The edifice of the Office of the Director of National Intelligence (ODNI)
where Harold Martin worked equally a contractor before 2009
(photo: Microsoft, via Cryptome.org - click to enlarge)

Shadow Brokers investigation

After the "Shadow Brokers" disclosed a large laid of hush-hush NSA hacking tools final August, the FBI began investigating this leak. At the same fourth dimension at that spot was a lot of speculation: was NSA hacked from the outside? Had an NSA hacker been sloppy? Were the tools leaked past times an insider? Maybe the same insider responsible for before leaks that hadn't been attributed to Snowden?

On September 22, it was reported that during the FBI investigation, NSA officials had said that a old means operative had carelessly left the hacking tool files available on a remote computer, where Russian hackers institute them. If that's correct, too then it seems probable that the FBI traced Harold Martin when they were looking for that careless NSA hacker. It has non yet been confirmed that Martin was that individual though.

Harold Martin was working at NSA's hacking sectionalization TAO simply about the fourth dimension when the tools were considered to hold upward left exposed, somewhere after Oct 18, 2013, but a old TAO hacker told the Washington Post that Martin "worked inwards the unit’s front end component subdivision carrying out back upward roles such equally setting upward accounts, non conducting actual operations."

Even if Martin was the human being who left the hacking tools exposed, too then nosotros withal don't know who institute them too published them nether the call Shadow Brokers. It's non real probable that this was done past times Martin himself, equally Shadow Brokers published additional messages on August 28, Oct 1, Oct 15, too Oct 31, when he was already inwards custody. The actual publication tin sack thus hold upward the run of for representative Russian, Iranian or North Korean hackers or fifty-fifty independent hacktivists.

Other sources?

Could Harold Martin also hold upward the origin of earlier leaks, that were non attributed to Edward Snowden? In theory he could lead hold been that "second source" adjacent to Snowden: none of these other leaked documents (like the TAO catalog, XKEYSCORE code, tasking lists too cease reports) are newer than 2015, when Martin left NSA. Contrary to this Martin is described equally real patriotic, which doesn't jibe the fact that these detail leaks were clearly meant to impairment too embarrass the U.S. too NSA.

Also, Martin hasn't (yet) been does not impose universal checks of personnel too their belongings equally they move inwards too leave of absence means buildings. Security guards exclusively comport random checks too occupation their discretion inwards social club to cash inwards one's chips on en create the trust of the employees.

"If y'all lead hold a purse total of stuff, you’re in all likelihood going to acquire stopped" said a old TAO operator to the Post, but, inwards general, "Disneyland has to a greater extent than physical safety checks than nosotros had". This was confirmed past times ii other old NSA employees, proverb that "nobody does steal checks" too that "Anything that could jibe inwards a steal could move out undetected".

It would also lead hold hours to covert every individual leaving NSA buildings, too because the vast bulk of employees acquire through extensive vetting, so there's an inherent amount of faith inwards staff at the agency. Besides checks, NSA facilities volition also lead hold detection gates, but it seems that it was identified a mo too a 3rd leaker likewise Snowden. Many to a greater extent than similar leaks followed too a full list of them was compiled on this weblog inwards Dec 2015 (still beingness updated). As an excerpt of this listing, a short overview of the most of import non-Snowden leaks was published inwards The New York Times final week.

Update #1:

Shortly after this spider web log posting was published, The New York Times came amongst a new report proverb that the book of classified documents Harold Martin had inwards his possesion seems larger than those stolen past times Edward Snowden too fifty-fifty than those of the Panama Papers from 2015.
FBI investigators plainly also institute that the TAO hacking tools were amid Martin's documents, but because he is non real cooperative, it is withal non clear how they came inwards the hands of the mysterious Shadow Brokers, who afterward published them. So far there's no evidence that Martin was hacked or that he sold information.
He seems to lead hold hoarded all these documents inwards social club to acquire improve at his job, equally he is described equally someone who imagined himself a peak spy too an of import instrumentalist inwards the the world of digital espionage.

Update #2:

On Oct 20, it was reported that the FBI had institute the huge amount of 50 terabytes of information at Martin's home, but it is non yet clear how much of that is truly classified. Also found were "hard-copy documents that were seized from diverse locations during the search that contain vi total bankers’ boxes worth of documents" amongst many of the documents marked Secret too Top Secret.
One document was marked Top Secret/SCI too had this additional caveat at the peak of the document: "THIS CONOP [Concept of Operation] CONTAINS INFORMATION CONCERNING EXTREMELY SENSITIVE U.S. PLANNING AND OPERATIONS THAT WILL BE DISCUSSED AND DISSEMINATED ONLY ON AN ABSOLUTE NEED TO KNOW BASIS. EXTREME OPSEC [Operational Security] PRECAUTIONS MUST BE TAKEN" - Martin had no demand to know for this operation.

Update #3:

Harold Martin appeared inwards courtroom for the starting fourth dimension time on Friday, Oct 21. There, his lawyer said that things similar an "unlocked garden shed, stuffed amongst to a greater extent than classified documents than the contractor [...] could e'er read, powerfulness hold upward a symptom of a mental disorder" - too also that keeping peak hush-hush cloth inwards acre sentiment inwards his dwelling family too machine was non the comport of a spy or a political activist.
Although he was charged amongst the relatively tyke criminal offenses of theft of regime holding too unauthorized retentivity of classified material, Martin had to rest inwards jail because he could hold upward a threat to national safety equally investigators couldn't dominion out that he powerfulness lead hold hidden classified information inwards other, yet undisclosed locations.
Even after 7 weeks of investigation, the FBI was withal non able to demonstrate whether Martin gave whatever of his documents to anyone else, nor could they link him to the Shadow Brokers.

Update #4:

Influenza A virus subtype H5N1 legal document filed past times federal prosecutors on Oct 27 SCI compartment SI (Special Intelligence), but so far, the FBI investigation exclusively mentioned real few documents that were classified equally Top Secret/SCI.

On Feb 6, 2017, The Washington Post reported that, according to U.S. officials, Harold Martin allegedly took to a greater extent than than 75 percent of TAO’s library of hacking tools amongst him, which would hold upward an unprecedented safety breach.

Harold T. Martin III was indicted on Feb 8, 2017, on charges of stealing too retaining the largest heist of classified information inwards U.S. history. The documents were taken from U.S. Cyber Command, CIA, National Reconnaissance Office (NRO) too NSA. Martin was non defendant of passing information to foreigners, nor of beingness the origin for the Shadow Brokers publications.