Earlier this month we learned the name of a second person who stole top secret documents from the US National Security Agency (NSA). After Edward Snowden admitted doing so publicly in June 2013, the FBI has now arrested the 51-year old Harold T. Martin III at his home in Maryland.
Martin hoarded lots of classified documents, not only from NSA but also from a number of other military and intelligence agencies. The FBI is still comparing them with those from the recent Shadow Brokers leak and a range of other NSA leaks from the past few years, but given what’s known now, it seems likely that at least one other leaker is still at large.
The house of Harold T. Martin III in Glen Burnie, Maryland
(photo: Jose Luis Magana/The Associated Press)
The New York Times reported that when the FBI raided Martin’s house on August 27, they found paper documents and many terabytes of highly classified information, even going back the 1990s. At least six documents were from 2014. It was reported that Martin first took the classified documents on paper, later on CDs and more recently on thumb drives.
The reason why Harold Martin brought home and stored such large numbers of top secret documents isn’t yet clarified. One suggestion is that he may have used them forresearch for his dissertation about “new methods for remote analysis of heterogeneous & cloud computing architectures”, which he was working on at the University of Maryland.
Documents from multiple agencies
It should be noted that not everything Martin stole comes from NSA. In the official charges there are no names of the agencies where the documents come from, they are only described as highly classified, including ones that are marked as Top Secret and Sensitive Compartmented Information (SCI).
With the documents going back to the 1990s, he may well have started hoarding them from the places where he worked in those days. From 1987 to 2000, Martin served at the US Navy, achieving the rank of lieutenant, but he left active duty in 1992.
As the Washington Post found out, he then took a variety of tech jobs with government contractors, like at Computer Sciences Corp. (CSC) somewhere in the 1990s and later, until 2009, at Tenacity Solutions, for which he worked at the Office of the Director of National Intelligence (ODNI).
In 2009, Harold Martin started to work for Booz Allen Hamilton, for which he was a contractor at NSA from 2012 to 2015, when Booz transferred him to the Pentagon’s Office of Acquisition, Technology and Logistics (AT&L), which is responsible for often highly sensitive and classified procurement programs. There he stayed until the moment of his arrest last August.
Officials have meanwhile said that Martin took classified documents not only from NSA, but also from his other workplaces, including ODNI and AT&L.
It’s interesting as well that in the charges against Martin, a whole paragraph is dedicated to the at least six documents from 2014, which are described as being produced “through sensitive government sources, methods, and capabilities”. As signals intelligence is traditionally seen as the most sensitive capability, maybe just these six documents are from NSA.
The building of the Office of the Director of National Intelligence (ODNI)
where Harold Martin worked as a contractor before 2009
(photo: Microsoft, via Cryptome.org – click to enlarge)
Shadow Brokers investigation
After the “Shadow Brokers” disclosed a large set of secret NSA hacking tools last August, the FBI began investigating this leak. At the same time there was a lot of speculation: was NSA hacked from the outside? Had an NSA hacker been sloppy? Were the tools leaked by an insider? Maybe the same insider responsible for earlier leaks that hadn’t been attributed to Snowden?
On September 22, it was reported that during the FBI investigation, NSA officials had said that a former agency operative had carelessly left the hacking tool files available on a remote computer, where Russian hackers found them. If that’s correct, then it seems likely that the FBI traced Harold Martin when they were looking for that careless NSA hacker. It has not yet been confirmed that Martin was that person though.
Harold Martin was working at NSA’s hacking division TAO around the time when the tools were considered to be left exposed, somewhere after October 18, 2013, but a former TAO hacker told the Washington Post that Martin “worked in the unit’s front office carrying out support roles such as setting up accounts, not conducting actual operations.”
Even if Martin was the man who left the hacking tools exposed, then we still don’t know who found them and published them under the name Shadow Brokers. It’s not very likely that this was done by Martin himself, as Shadow Brokers published additional messages on August 28, October 1 and October 15, when he was already in custody. The actual publication can therefore be the work of for example Russian, Iranian or North Korean hackers or even independent hacktivists.
Could Harold Martin also be the source of earlier leaks, that were not attributed to Edward Snowden? In theory he could have been that “second source” next to Snowden: none of these other leaked documents (like the TAO catalog, XKEYSCORE code, tasking lists and end reports) are newer than 2015, when Martin left NSA. Contrary to this Martin is described as very patriotic, which doesn’t fit the fact that these particular leaks were clearly meant to harm and embarrass the US and NSA.
Also, Martin hasn’t (yet) been charged with espionage or the attempt to provide classified information to a third party or a foreign government – which doesn’t seem something the US government would leave out or keep secret after the recent and unprecedented statement in which the Office of the Director of National Intelligence accused Russia of hacking the Democratic National Committee (DNC) and other political organizations.
Should the FBI investigation confirm that Harold Martin was only responsible for leaking the NSA hacking tools (after which unknown others published them) and that none of his documents were provided to foreign intelligence agencies or showed up in the earlier revelations, then there’s most likely yet another leaker from inside NSA.
The Shadow Brokers leak standing alone and not related to the earlier non-Snowden leaks is of some importance, because only among the stuff published by the Shadow Brokers there are files with a date (October 18, 2013) after the day that Snowden left NSA (May 20, 2013).
This means that when Harold Martin is the initial source of the Shadow Brokers files, we can no longer exclude the possibility that the earlier leaks do come from the Snowden trove. If that would be the case, then someone with access to them went rogue and had them published on his own account. But it should also be noted that both Glenn Greenwald and Bruce Schneier explicitly said that some of these leaked documents did not come from Snowden.
The more likely option is therefore that there’s still another leaker at large, someone with a more evil intent than Harold Martin and Edward Snowden – a conclusion which is not very comforting and which also raises questions about NSA’s internal security…
Some NSA buildings at the Friendship Annex (FANX) complex near Baltimore
(photo: live.com, via Cryptome.org – click to enlarge)
NSA’s internal security measures
The NSA’s hacking division TAO, where Harold Martin worked for some time, isapparently not located in the well-known NSA headquarters building at Fort Meade, but in one or more leased office buildings outside, one of them at an office complex calledFriendship Annex (FANX) near Baltimore. TAO also has units at NSA’s four Cryptologic Centers across the US.
Entrance to the highly secured TAO headquarters building is strictly controlled: one has to go through an imposing steel door, protected by armed guards, and entrance is only possible after entering a six-digit code and passing a retinal scanner to ensure that only specially cleared individuals are allowed in.
Such security measures are more aimed at keeping outsiders out, than at insiders in. And when it comes to finding inside moles of hostile foreign intelligence agencies, the NSA is also said to have a rather bad track record. The Manning and Snowden leaks made NSA painfully aware of this and so preventive insider-threat detection programs were put in place.
It’s not clear whether these new systems failed in the case of Harold Martin, or that they simply weren’t yet implemented at the TAO location where he worked – anti-leak software that was designed by Raytheon to “spot attempts by unauthorized people to access or download data” was also not yet installed at the NSA facility in Hawaii when Snowden was working there.
Tracking what employees are doing inside is one thing, checking what they take out is another. But according to The Washington Post, the NSA (like other agencies) does notimpose universal checks of personnel and their belongings as they enter and leave agency buildings. Security guards only conduct random checks and use their discretion in order to keep en build the trust of the employees.
“If you have a bag full of stuff, you’re probably going to get stopped” said a former TAO operator to the Post, but, in general, “Disneyland has more physical security checks than we had”. Additionally, NSA facilities will have detection gates, but it seems that it was easier for Snowden to walk out with his thousands of documents than many would have thought.
As former NSA general counsel Rajesh De explained, it is unlikely “you’re going to be able to stop every incident of somebody taking documents if they’re determined to do so. But the real question is how quickly can you detect it, how quickly can you mitigate the harm of any such incident.”
An old sign inside the NSA headquarters building
showing what kind of items are not allowed in.
(screenshot from a documentary about NSA)
Harold Martin stole a lot of classified documents from multiple military and intelligence agencies where he worked over the past 20 years, with maybe just a small number from NSA. The still ongoing FBI investigation has to make clear whether Martin was responsible for exposing the TAO hacking tools.
If not, then there has to be yet another careless NSA employee, but then it’s also still possible that the hacking tools came from a source responsible for a range of earlier leaks. So far it seems that Martin isn’t the source of those earlier leaks, which means that the so-called “second source” is still at large.
The case of Harold Martin also made clear that security measures at NSA, and other US agencies, were not as strict and tight as outsiders would have expected: even for someone without a strong ideological or financial drive like Martin it was apparently not that difficult to regularly walk out with top secret documents.
Many things have not yet been confirmed or clarified, but at least the Shadow Brokers leak and the subsquent arrest of Harold Martin created more awareness among the American public of the fact that there have been more leaks than just those from Snowden.
In August 2014, Bruce Schneier was probably one of the first who identified a second and a third leaker besides Snowden. Many more similar leaks followed and a full listof them was compiled on this weblog in December 2015 (still being updated). As an excerpt of this listing, a short overview of the most important non-Snowden leaks was published in The New York Times last week.
Shortly after this blog posting was published, The New York Times came with a new report saying that the volume of classified documents Harold Martin had in his possesion is larger than those stolen by Edward Snowden and even than those of the Panama Papers from 2015.
FBI investigators apparently also found that the TAO hacking tools were among Martin’s documents, but because he is not very cooperative, it is still not clear how they came in the hands of the mysterious Shadow Brokers, who subsequently published them. So far there’s no evidence that Martin was hacked or that he sold information.
He seems to have hoarded all these documents in order to get better at his job, as he is described as someone who imagined himself a top spy and an important player in the world of digital espionage.
On Thursday, October 20, government lawyers said they would prosecute Harold Martin under the Espionage Act because of stealing classified information. The FBI found the huge amount of 50 terabytes of data at his home, but it is not yet clear how much of that is classified. Also foundwere “hard-copy documents that were seized from various locations during the search that comprise six full bankers’ boxes worth of documents” with “Many of the documents marked ‘Secret’ and ‘Top Secret,’ also bear special handling caveats. The information stolen by the Defendant also appears to include the personal information of government employees”.
Links and Sources
– John Schindler: It’s Time to Rename NSA the National INsecurity Agency
– The Washington Post: NSA contractor thought to have taken classified material the old-fashioned way
– Daily Beast: Democrats Say WikiLeaks Is a Russian Front, U.S. Intelligence Isn’t So Sure
– Defense One: Data-Theft Arrest Shows that Insider Threat Remains Despite Post-Snowden Security Improvements
– John Schindler: Has the Russian Mole inside NSA finally been arrested?
– New York Times: N.S.A. Suspect Is a Hoarder. But a Leaker? Investigators Aren’t Sure.
– The Cipher Brief: First on The Cipher Brief: Snowden’s Boss Shares Lessons Learned
Leak Detection, Leak Down Test, Leak Down Tester, Leak Detector, Leak Definition, Leak In Spanish, Leak Detection Pump, Leak Seal, Leak Stopper, Leakforums, Leak And Sons Funeral Home, Leak Alarm, Leak Ap Gov, Leak Amniotic Fluid, Leak Alert, Leak Around Chimney, Leake And Watts, Leek And Potato Soup, Leaked Albums, Leak At Water Meter, Leak B Gone, Leak Bros, Leak Barrier, Leak Base, Leak Bali, Leak Barrier Ms300, Leak Busters, Leak Behind Shower, Leak Behind Wall, Leak Before Break, Leak Channels, Leakcanary, Leak Crossword Clue, Leak Check, Leak Channels Definition, Leak Controller, Leak Code, Leak Catcher, Leak City, Leak Ceiling, Leak Detection, Leak Down Test, Leak Down Tester, Leak Detector, Leak Definition, Leak Detection Pump, Leak Detection Equipment, Leak Doctor, Leak Definition Government, Leak Defense System, Leak Ender 2000, Leak En Espanol, Leak Eliminators, Leaked Early, Leak Electric, Leak Experts, Leak En Francais, Leak Early Album, Leak Exhaust, Leak Emoji, Leakforums, Leak Freeze, Leek Food, Leak Finders, Leak Fix, Leakfrog, Leak Fixer, Leak Fix Spray, Leaked Forms, Leak Famous.com, Leak Gopher, Leak Guard, Leak Gif, Leak Geeks, Leak Guard Protection, Leaky Gut, Leak Garbage Disposal, Leak Guardian, Leak Girl, Leak Gopher Vs Fortrezz, Leak Heart Valve, Leak House Of Cards, Leak Hunters, Leak Hack, Leak Hose, Leek Hustle, Leak House Of Cards Season 5, Leak Head Gasket, Leek Hunting, Leek Herb, Leak In Spanish, Leak In Ceiling, Leak In Roof, Leak In Radiator, Leak In Basement, Leak In Pool, Leak In Tire, Leak In Basement Wall, Leak In The Boat, Leak In Heart, Leek Jack, Leak Jones, Leak Jet, Leak Jokes, Leak Jacob, Leek Jack Campus Girl, Leek Jack Lyrics, Leak Journalism, Leak James Comey, Leek Jack Age, Leak Kingdom, Leak King, Leak Kitchen Faucet, Leek Knife, Leak Kitchen Sink, Leak Kanseng, Leak Kitchen Sink Drain, Leak Khan Bombak Sne, Leak K Channels, Leaky Kohler Faucet, Leak Lock, Leak Live, Leak Like A Siv, Leak Locators, Leak Less, Leak Like A Sieve, Leak Location Services, Leak Light, Leak Lock Sds, Leak League Of Legends, Leak Meaning, Leak Masters, Leak Memory Chapel, Leak Meme, Lake Mead, Leak Music, Leak Master Roofing, Leak Movie, Leak Memorial, Leak Meaning In Hindi, Leak No More, Leak News, Leak No More For Dogs, Leak Nutrition, Leak Near Me, Leak No More Reviews, Leak No More York Pa, Leak Near Water Meter, Leaked Nsa, Leak No Stallin, Leak Off Test, Leak Out, Leak Oil, Leak Of Information, Leek Onion, Leak On Ceiling, Leak Of Orange Is The New Black, Leak On Roof, Leak Out Meaning, Leak Or Leakage, Leak Project, Leak Proof Underwear, Leak Proof, Leak Proof Travel Bottles, Leak Proof Containers, Leek Plant, Leak Proof Tape, Leak Proof Water Bottle, Leak Proof Bag, Leak Project Youtube, Leak Quotes, Leek Quiche, Leak Quizlet, Leek Quiche Recipes, Leek Quinoa, Leek Quiche Bacon, Leek Quiche Healthy, Leek Quiche Crustless, Leek Quiche Epicurious, Leek Quiche Allrecipes, Leak Repair, Leak Repair Tape, Leak Rate Calculator, Leak Rate, Leak Reddit, Leek Recipes, Leak Rate Units, Leak Rate Conversion, Leak Repair Spray, Leak Repair Putty, Leek Soup, Leak Seal, Leak Stopper, Leak Synonym, Leak Stop, Leak Sealer, Leek Spin, Leak Seal Tape, Leak Squad, Leak Source, Leak Test, Leak Tape, Leak Tester, Leak Threads, Leak Tamer, Leak Tech, Leak Tec, Leak Tools, Leak Test Solution, Leak Tracing Powder, Leak Under Sink, Leak Under Car, Leak Urine, Leak Under Toilet, Leak Under Slab, Leak Under Bathroom Floor, Leak Under Dishwasher, Leak Under Washer, Leak Under Toilet Tank, Leak Under House, Leak Video, Leek Vegetable, Leak Valve, Leak Veggie, Leek Veggie, Leek Vs Onion, Leek Vs Scallion, Leek Vegetable Soup, Leak Vrf To Global, Leak Or Leakage, Leak Wizard, Leak Water, Leak Website, Leak Wall House Rockingham Nc, Leak Week, Leaked White House, Leaked Winner, Leak Washington Post, Leak Water Heater, Leak Wrap, Leak Xenforo, Leak Xur, Leak Xbox One, Leak Xur 3 April, Leak You, Leak Your Ex, Leak Youtube, Leak Your Number, Leak Year, Leak You Up And Down, Leak Young Og Project, Leak Leaky, Leak Make Your Future Bleak, Liveleak Youtube, Leak Zip, Leak Z10, Leak Z4, Leak Zelda, Leak Zimbabwe, Leak Zhang Ziyi, Leak Zelda Wii U, Leak Zombies, Zircon Leak Alert, Zero Leak Gold, Nsa Jobs, Nsa Director, Nsa Softball, Nsa Meaning, Nsa Careers, Nsa Definition, Nsa Headquarters, Nsa Surveillance, Nsa Spying, Nsa Internships, Nsa Acronym, Nsa Address, Nsa Advisor, Nsa Agent, Nsa Alabama, Nsa Annapolis, Nsa Agent Salary, Nsa Arc, Nsa Approved Shredders, Nsa Agreement, Nsa Building, Nsa Bahrain, Nsa Budget, Nsa Bethesda, Nsa Baseball, Nsa Badge, Nsa Benefits, Nsa Building Nyc, Nsa Budget 2016, Nsa Backdoor, Nsa Careers, Nsa Chief, Nsa Colorado, Nsa Crane, Nsa Cyber Security, Nsa Conference, Nsa Csfc, Nsa Cae, Nsa Crypto Challenge, Nsa Css, Nsa Director, Nsa Definition, Nsa Data Center, Nsa Day Of Cyber, Nsa Director Salary, Nsa Data Collection, Nsa Domestic Surveillance, Nsa Datasheet, Nsa Deputy Director, Nsa Datasheet Is Called, Nsa Employment, Nsa Edward Snowden, Nsa Exploits, Nsa Employees, Nsa Email, Nsa Evaluated Products List, Nsa Echelon, Nsa Emblem, Nsa Encryption, Nsa Eternal Blue, Nsa Fastpitch, Nsa Florida Youth, Nsa Fort Meade, Nsa Flynn, Nsa Florida, Nsa Friend, Nsa Facebook, Nsa Fort Gordon, Nsa Foia, Nsa Facts, Nsa Georgia, Nsa Glassdoor, Nsa Government, Nsa Grindr, Nsa Github, Nsa Gift Shop, Nsa Game, Nsa Grants, Nsa Gif, Nsa Guy, Nsa Headquarters, Nsa Head, Nsa Hacking Tools, Nsa Hawaii, Nsa Hampton Roads, Nsa Hacked, Nsa History, Nsa Hiring Process, Nsa Hacking Tools Leaked, Nsa Headquarters Address, Nsa Internships, Nsa Industries, Nsa Intelligence Analyst, Nsa Indiana, Nsa Influence 2017, Nsa Iad, Nsa Ias 2017, Nsa India, Nsa Illinois, Nsa Insurance, Nsa Jobs, Nsa Juice Plus, Nsa Job Openings, Nsa Jobs Utah, Nsa Jobs Salary, Nsa Jokes, Nsa Job Requirements, Nsa Jurisdiction, Nsa Jobs In Md, Nsa Japan, Nsa Keywords, Nsa Kunia, Nsa Kc, Nsa Key, Nsa Kentucky, Nsa Kmi, Nsa Kankakee, Nsa Korea, Nsa Kaspersky, Nsa Keith Alexander, Nsa Leaker, Nsa Logo, Nsa Leak, Nsa Locations, Nsa Listening, Nsa Leader, Nsa Login, Nsa Leadership, Nsa Language Analyst, Nsa Leaked Tools, Nsa Meaning, Nsa Meme, Nsa Media, Nsa Meet, Nsa Mid South, Nsa Mike Rogers, Nsa Museum, Nsa Mcmaster, Nsa Maryland, Nsa Mission Statement, Nsa News, Nsa Naples, Nsa Name Generator, Nsa North, Nsa Number, Nsa Norfolk, Nsa Nyc, Nsa Nashville, Nsa Nursing, Nsa New Orleans, Nsa Orlando, Nsa Opm Test, Nsa Online Test, Nsa Offices, Nsa Obama, Nsa Organization, Nsa Operational Interview, Nsa Only, Nsa Org Chart, Nsa Of 1947, Nsa Prism, Nsa Police, Nsa Panama City, Nsa Police Officer, Nsa Phone Number, Nsa Philadelphia, Nsa Pay Scale, Nsa Play, Nsa Polygraph, Nsa Purpose, Nsa Quantum Computer, Nsa Quotes, Nsa Qualifications, Nsa Quantum, Nsa Quizlet, Nsa Questions, Nsa Qualifier, Nsa Quantum Computer Farm, Nsa Quartet, Nsa Quiz, Nsa Rogers, Nsa Requirements, Nsa Rules, Nsa Recruiting, Nsa Relationship, Nsa Rule Book, Nsa Ransomware, Nsa Russia, Nsa Responsibilities, Nsa Reno, Nsa Softball, Nsa Surveillance, Nsa Spying, Nsa Slang, Nsa Salary, Nsa Stands For, Nsa Soccer, Nsa Softball Rules, Nsa Scholarship, Nsa Scandal, Nsa Texas, Nsa Tournaments, Nsa Tools, Nsa Trump, Nsa Tao, Nsa Tools Leaked, Nsa Twitter, Nsa Tinder, Nsa Test, Nsa Training, Nsa Utah, Nsa Urban, Nsa Usa, Nsa Utah Facility, Nsa Unmasking, Nsa Utah Jobs, Nsa Unconstitutional, Nsa Umpire, Nsa Under Obama, Nsa Uniform, Nsa Vs Cia, Nsa Visitor Center, Nsa Virginia, Nsa Vs Fbi, Nsa Vs Cia Vs Fbi, Nsa Virus, Nsa Visitor Control Center, Nsa Vpn, Nsa Vanilla, Nsa Violation Of Privacy, Nsa Wiki, Nsa Whistleblower, Nsa Washington, Nsa Wiretapping, Nsa Website, Nsa Water Filter, Nsa Watchlist, Nsa World Series, Nsa Wikileaks, Nsa Wannacry, Nsa Xkeyscore, Nsa Xbox One, Nsa Xeno World Qualifier, Nsa Xkeyscore Download, Nsa Xcode, Nsa Xbox Live, Nsa Xeno Tournament, Nsa Xkeyscore Presentation, Nsa X, Nsa X Files, Nsa Youtube, Nsa Yogurt, Nsa Young Investigator Grant, Nsa Youth Florida, Nsa Yearly Budget, Nsa Yottabyte, Nsa Youth Program, Nsa Youth, Nsa Yellow Dots, Nsa Yakima, Nsa Zero Day, Nsa Zip Code, Nsa Zeus, Nsa Zimmermann Telegram, Nsa Zimbabwe, Nsa Za, Nsa Zero Day Exploit, Nsa Zyxel, Nsa Zero Division, Nsa Zone Store