Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
United States Government Privacy

Prosecutors Say Contractor Stole 50 Terabytes of NSA Data (zdnet.com) 90

An NSA contractor siphoned off dozens of hard drives' worth of data from government computers over two decades, prosecutors will allege on Friday. From a ZDNet report: The contractor, Harold T. Martin III, is also accused of stealing thousands of highly classified documents, computers, and other storage devices during his tenure at the agency. It's not known exactly what Martin allegedly stole, but a report from The New York Times on Wednesday suggests that the recently-leaked hacking tools used by the agency to conduct surveillance were among the stolen cache of files. Prosecutors will on Friday charge Martin with violating the Espionage Act. If convicted, he could face ten years in prison on each count. The charges, news of which was first reported by The Washington Post, outline a far deeper case than first thought, compared to the felony theft and a lesser misdemeanor charge of removal and retention of classified information revealed in an unsealed indictment last month.
This discussion has been archived. No new comments can be posted.

Prosecutors Say Contractor Stole 50 Terabytes of NSA Data

Comments Filter:
  • by Anonymous Coward

    Are you sure it's not the Russian spies who did it? They seem to be responsible for just about everything lately...

    • by Anonymous Coward

      Russian spies, Chinese spies, Israeli spies, patriotic American whistleblowers, American thieves with unknown motivations, careless NSA operatives, five-eyes allies (and all their Russian spies, Chinese spies etc), they all have access. Don't worry though, your data is safe with us.

    • Ssssh, his real name is Garold Timofeyevich Martinov...
  • Oh brother (Score:5, Interesting)

    by Noryungi ( 70322 ) on Thursday October 20, 2016 @03:19PM (#53117683) Homepage Journal

    First there was Snowden, now this.

    50TB of data stolen? OK, so they caught the guy, but, if he had been a bit less greedy, perhaps he would have gotten away with it.

    Seriously, how can anyone trust the NSA to do the right thing (respect human rights, rule of law, due process, yadda yadda yadda) after these two... ahem... "incidents" is beyond me. Is everyone asleep at the wheel at Fort Meade?

    And here is something even more disturbing: if a contractor can do this, what makes you think other people at NSA can't do this, for, you know... "fun" and profit?

    Quis custodiet ipsos custodes?

    • Re:Oh brother (Score:5, Insightful)

      by Kierthos ( 225954 ) on Thursday October 20, 2016 @03:40PM (#53117825) Homepage

      Well, he supposedly did this over the course of 20 years. However....

      That actually means the problem is worse. How, over the course of 20 years, did no one notice this? I mean, let's say he had two week's vacation every year, he's still absconding with 50 Gigs of data a week for 20 years. (On average, and assuming that the 50 Terabyte estimate is accurate.)

      Okay, sure you can get a cheap USB drive that has 128 or 256 Gigs of space on it, but 20 years ago? A shitload of ZIP disks? Physically removing the hard drives?

      And the sad thing is, probably half the people who should have caught this have already retired.

      • I mean, most likely, as larger storage media became commercially available, he probably stepped up his game. I can't imagine how you could sneak 50 ZIP disks in and out of an NSA facility weekly and not get caught much sooner.

      • It's probably because the NSA has likely had a 'vacuum everything up' approach for its entire existence. If they've always got more data than they can sort through, it's going to be easy to sneak something out. The NSA probably scoops up that much data in a day.
      • by rtb61 ( 674572 )

        Did if for twenty years, without getting caught. Than that data was going from one supposedly secure location to another actually secure location. For that period of time without getting busted, very likely a corporate spy and at a guess they were paid by their own corporation to steal that information from the US government for analysis by the multi-national corporation executive team and that corporation was using additional contractors to cover up any accidental exposure, so they are very likely looking

    • That's the whole problem here. It should have been apparent to everyone, a long time ago already now, that all of the NSA's fear-mongering self justifications are transparently obviously the excuses of the actual villains they claim to be protecting us from, and the NSA was only ever about creating excuses and situations for these types of breaches to take place. Anyone who thinks otherwise is hopelessly naive and probably unwittingly being victimized daily by identity harvesters.

    • by bongey ( 974911 )

      Guy on the internet thinks classified leaks is a new problem. News at 11. https://en.wikipedia.org/wiki/... [wikipedia.org]

    • by waynemcdougall ( 631415 ) <slashdot@codeworks.gen.nz> on Thursday October 20, 2016 @06:18PM (#53118967) Homepage

      No.

      FIRST was this (and who knows what else). THEN there was Snowdon. This is important.

      One of the arguments in favour of Snowdon being an honourable whistleblower was this:

      If he was malicious, he would have quietly stilen the data and sold it to the highest bidder. Like this guy did. And Snowdon didn't.

      One of the (many) arguments in favour of Snowdon is that if he could *so easily* collect that information undetected, then other, malicious people could be doing so. And so it turns out. Snowdon alerted us to the weaknesses of the NSA security practices (amongst many other nobler services).

      Vindication. Again. It tastes sweet. But not as sweet as a pardon.

    • by sudon't ( 580652 )

      First there was Snowden, now this.

      50TB of data stolen? OK, so they caught the guy, but, if he had been a bit less greedy, perhaps he would have gotten away with it.

      He's nothing like Snowden. I heard on the radio that this guy was some kind of obsessive hoarder, hence the massive amount of stuff. He never shared any data with anybody, he just "wanted it". Could be bullshit from his lawyer, but then again, we all know people who are like this, to one degree or another.

  • by ebunga ( 95613 ) on Thursday October 20, 2016 @03:23PM (#53117717)

    The NSA... the agency responsible for keeping government secrets actually secret... can't keep its own systems secured. This same government wants unfettered access to all encrypted systems, and already has the ability to tap any phone anywhere in the US from the comfort of their living room sofa. Not scary at all. Nope.

    • by tlhIngan ( 30335 )

      The NSA... the agency responsible for keeping government secrets actually secret... can't keep its own systems secured. This same government wants unfettered access to all encrypted systems, and already has the ability to tap any phone anywhere in the US from the comfort of their living room sofa. Not scary at all. Nope.

      We don't know this.

      We don't know how he got access to the files - perhaps he was authorized to? Remember, Snowden's files were everything he had a legal right to access in the course of his

    • Or ~2013 for AMD (Although the old AMD hardware is still 'fresh' on the market until next year.)

      AM3/C32/G34 are all pre-SEE but anything LGA11xx or LGA2011+ on the Intel side has had signed management engine firmware since Sandy Bridge. Given the list of countries involved in R&D for it, you should assume Israel, the US, and potentially many of their allies have known exploits if not custom tools to gain remote access to any x86 computer hardware newer than that point. Basically all modern motherboards

  • by nospam007 ( 722110 ) * on Thursday October 20, 2016 @03:32PM (#53117765)

    Apparently tons of people, if the last years is any indication.

  • NSA: Well, we can't get Snowden, but it would sure be swell if we could get SOMEONE.
    Martin: *Waves* Hi! I'm still living in the States!
    NSA: Yes, you'll do nicely.

  • by Anonymous Coward on Thursday October 20, 2016 @03:47PM (#53117895)

    I sometimes attend IT-related conferences, a few in the infosec space. And inevitably a few people from government contractors and agencies show up (on the taxpayers' dime) and rail against encryption, Apple, Snowden, or anything that makes operating the surveillance state difficult for them.

    But between Snowden, the Russians, this guy, and OPM, what's left to steal? Why are we paying these assholes -- especially the ones working for contractors who've sucked on the federal tit for decades -- six-figure salaries to sit around Northern Virginia and shit on the Bill of Rights all day long?

    This entire thing's a joke. They spy on us, and then can't secure the shit they uncover. Read Congress's recent report on the OPM debacle to see how fucked we are.

    • by swb ( 14022 )

      What I don't get is why joining the NSA isn't something like getting a really well paid job combined with being in the military.

      Pay them really well, so well they would have to think 3 times about not joining. Like 4x a similar pay rate that you'd find in a top-tier city for an equivalent job. Make working conditions really nice -- free high-end restaurant quality dining on premises with a room service option for people who wanted to work through a meal hour, super nice office spaces, the whole experience

    • by SumDog ( 466607 )

      There is an increasing amount of evidence that Snowden still works for the CIA. He's the only one including this guy and Manning, who hasn't been caught (which just feels super suspicious .. that combined with him criticizing Russia on Twitter .. while in Russia .. supposedly).

      I don't think the Snowden story is real. I think it's most likely propaganda. And if that's fake, who is to say there is any legitimacy to this story either?

      We live in 1984, just less totalitarian and more Brave New World (with all th

  • Talk about rich irony deposits..

  • It wasn't 50 Terabytes of data, it was drives that were capable of storing 50 Terabytes of data or 500 million pages of documents. By extrapolation, 50 terabytes can hold 500 million pages. SO they are charging him with the max. It doesn't mean there was that much info, there could be 1 document on the drive. He had like a dozen drives. But he had stuff sitting in plain site in his car, so didn't look like he cared to protect it. Not sure why it took so long to catch him.
  • NSA should be charged for allowing it to continue for 2 decades

  • Does the NSA still have those files? Then they weren't stolen, they were copied.
  • Who at the NSA will also face prosecution for such poor access controls that a *contractor* (not even a full employee) could steal 50TB of "highly classified documents" unnoticed?

    I have full admin rights to every system at my employer, and even with those admin rights, I could not steal data unnoticed. A few times a month I trip an alarm in my normal work and have to justify my actions to our compliance group.

    And we don't even store classified documents, just run of the mill business documents for our custo

    • by AHuxley ( 892839 )
      re "A few times a month I trip an alarm in my normal work and have to justify my actions to our compliance group."
      Internally the NSA don't have an alarm for that. Nobody could do any gov work if "alarms" or encryption got installed at that level and had to be cleared every few hours.
      Everything is decrypted and reduced to plain text. Thats the mission to decrypt and read, sort and index. The select humans allowed in to read and search the material are the "security".
      The idea is to allow the NSA workers
      • by hawguy ( 1600213 )

        re "A few times a month I trip an alarm in my normal work and have to justify my actions to our compliance group."

        Internally the NSA don't have an alarm for that. Nobody could do any gov work if "alarms" or encryption got installed at that level and had to be cleared every few hours.

        Why not? If private companies are expected to have access controls and adequate auditing for sensitive data and face fines for data breaches, then why isn't the NSA held to the same standard when they have access to much more sensitive data? if a private company has a breach, it can face multi-million dollar fines. What's the punishment when the NSA (who has access to far more data than many people prefer) loses that data because they can't be bothered to secure it out of "convenience". When a hospital has

        • by AHuxley ( 892839 )
          Re "You said they already only allow a select group of people have access to the data and that's their security model, now you say that the way to fix the problem is to only allow access to trusted staff? Who is this "select group" if it's not "trusted staff"? A select group of untrusted staff?"
          Thats the big question. Encrypt and tell all the workers they are not trusted at any level and all have to get permission/keys everyday?
          That breaks down that esprit de corps, comradery or respect and excellence.
  • It would be illegal to spy on Americans in their own country, therefore such data can't exist.

    Qui custode custodi?

  • by Anonymous Coward

    Just concerned that she wasn't getting enough data from the NSA, as she always complains in her emails....

  • The bigger question is: what did he do with all this data?
    Stash it in his basement? As insurance for something?
    Use it for blackmail?
    Sell it to foreign spies?
    Leak select items to the press?

    He certainly did not publish it wholesale or we would have heard about it.

  • According to reports he stole NSA Hacking Tools, so does that mean the NSA has sent details on the exploits their tools use to the various Software Developers so that they can fix their code?

"Pok pok pok, P'kok!" -- Superchicken

Working...