Prosecutors Say Contractor Stole 50 Terabytes of NSA Data (zdnet.com) 90
An NSA contractor siphoned off dozens of hard drives' worth of data from government computers over two decades, prosecutors will allege on Friday. From a ZDNet report: The contractor, Harold T. Martin III, is also accused of stealing thousands of highly classified documents, computers, and other storage devices during his tenure at the agency. It's not known exactly what Martin allegedly stole, but a report from The New York Times on Wednesday suggests that the recently-leaked hacking tools used by the agency to conduct surveillance were among the stolen cache of files. Prosecutors will on Friday charge Martin with violating the Espionage Act. If convicted, he could face ten years in prison on each count. The charges, news of which was first reported by The Washington Post, outline a far deeper case than first thought, compared to the felony theft and a lesser misdemeanor charge of removal and retention of classified information revealed in an unsealed indictment last month.
Are you sure? (Score:1)
Are you sure it's not the Russian spies who did it? They seem to be responsible for just about everything lately...
Re: Are you sure? (Score:1)
Russian spies, Chinese spies, Israeli spies, patriotic American whistleblowers, American thieves with unknown motivations, careless NSA operatives, five-eyes allies (and all their Russian spies, Chinese spies etc), they all have access. Don't worry though, your data is safe with us.
Re: (Score:2)
50 Terabytes per 20 Years (Score:2)
It's their job, isn't it? (Score:4, Funny)
> It seems everybody who works for the NSA these days is stealing data illicitly.
To be fair, isn't that their job?
Re: (Score:1)
More like vote trump and face death by firing squad
Oh brother (Score:5, Interesting)
First there was Snowden, now this.
50TB of data stolen? OK, so they caught the guy, but, if he had been a bit less greedy, perhaps he would have gotten away with it.
Seriously, how can anyone trust the NSA to do the right thing (respect human rights, rule of law, due process, yadda yadda yadda) after these two... ahem... "incidents" is beyond me. Is everyone asleep at the wheel at Fort Meade?
And here is something even more disturbing: if a contractor can do this, what makes you think other people at NSA can't do this, for, you know... "fun" and profit?
Quis custodiet ipsos custodes?
Re:Oh brother (Score:5, Funny)
He should have moved all that classified data through a private email server, then it would just be considered careless with no charges brought forward.
Re: (Score:2)
Re: (Score:3)
And you know what, we have no idea if this guy even is the ShadowBrokeer. All the "evidence" is totally classified for national security purposes. This guy might totally be railroaded. Hell, this guy may not even exist! This might be a whole media campaign just to keep the fear going. We really have no fucking idea.
Re: (Score:2)
No, he should be fine. I hear Hillary! is representing him.
Re:Oh brother (Score:5, Insightful)
Well, he supposedly did this over the course of 20 years. However....
That actually means the problem is worse. How, over the course of 20 years, did no one notice this? I mean, let's say he had two week's vacation every year, he's still absconding with 50 Gigs of data a week for 20 years. (On average, and assuming that the 50 Terabyte estimate is accurate.)
Okay, sure you can get a cheap USB drive that has 128 or 256 Gigs of space on it, but 20 years ago? A shitload of ZIP disks? Physically removing the hard drives?
And the sad thing is, probably half the people who should have caught this have already retired.
Re: (Score:1)
I mean, most likely, as larger storage media became commercially available, he probably stepped up his game. I can't imagine how you could sneak 50 ZIP disks in and out of an NSA facility weekly and not get caught much sooner.
Re: (Score:2)
Re:Oh brother (Score:5, Funny)
He smuggled Bernoulli disks hidden out of the NSA in his rectum. And before you say it, yes it nearly killed him.
Re: (Score:3)
> He smuggled Bernoulli disks hidden out of the NSA in his rectum. And before you say it, yes it nearly killed him.
Someone should send them a tip to check out Mr. Goatse as a potential accomplice.
Re: (Score:1)
Re: (Score:3)
Re: (Score:2)
Did if for twenty years, without getting caught. Than that data was going from one supposedly secure location to another actually secure location. For that period of time without getting busted, very likely a corporate spy and at a guess they were paid by their own corporation to steal that information from the US government for analysis by the multi-national corporation executive team and that corporation was using additional contractors to cover up any accidental exposure, so they are very likely looking
Re: (Score:1)
That's the whole problem here. It should have been apparent to everyone, a long time ago already now, that all of the NSA's fear-mongering self justifications are transparently obviously the excuses of the actual villains they claim to be protecting us from, and the NSA was only ever about creating excuses and situations for these types of breaches to take place. Anyone who thinks otherwise is hopelessly naive and probably unwittingly being victimized daily by identity harvesters.
Re: (Score:2)
Guy on the internet thinks classified leaks is a new problem. News at 11. https://en.wikipedia.org/wiki/... [wikipedia.org]
You are so wrong. Re:Oh brother (Score:4, Insightful)
No.
FIRST was this (and who knows what else). THEN there was Snowdon. This is important.
One of the arguments in favour of Snowdon being an honourable whistleblower was this:
If he was malicious, he would have quietly stilen the data and sold it to the highest bidder. Like this guy did. And Snowdon didn't.
One of the (many) arguments in favour of Snowdon is that if he could *so easily* collect that information undetected, then other, malicious people could be doing so. And so it turns out. Snowdon alerted us to the weaknesses of the NSA security practices (amongst many other nobler services).
Vindication. Again. It tastes sweet. But not as sweet as a pardon.
Re: (Score:2)
First there was Snowden, now this.
50TB of data stolen? OK, so they caught the guy, but, if he had been a bit less greedy, perhaps he would have gotten away with it.
He's nothing like Snowden. I heard on the radio that this guy was some kind of obsessive hoarder, hence the massive amount of stuff. He never shared any data with anybody, he just "wanted it". Could be bullshit from his lawyer, but then again, we all know people who are like this, to one degree or another.
The same government that wants backdoors (Score:5, Insightful)
The NSA... the agency responsible for keeping government secrets actually secret... can't keep its own systems secured. This same government wants unfettered access to all encrypted systems, and already has the ability to tap any phone anywhere in the US from the comfort of their living room sofa. Not scary at all. Nope.
Re: (Score:3)
We don't know this.
We don't know how he got access to the files - perhaps he was authorized to? Remember, Snowden's files were everything he had a legal right to access in the course of his
You should assume any computer newer than 2009... (Score:1)
Or ~2013 for AMD (Although the old AMD hardware is still 'fresh' on the market until next year.)
AM3/C32/G34 are all pre-SEE but anything LGA11xx or LGA2011+ on the Intel side has had signed management engine firmware since Sandy Bridge. Given the list of countries involved in R&D for it, you should assume Israel, the US, and potentially many of their allies have known exploits if not custom tools to gain remote access to any x86 computer hardware newer than that point. Basically all modern motherboards
Quis custodiet ipsos custodes? (Score:3, Funny)
Apparently tons of people, if the last years is any indication.
15 Second Explanation. (Score:2)
NSA: Well, we can't get Snowden, but it would sure be swell if we could get SOMEONE.
Martin: *Waves* Hi! I'm still living in the States!
NSA: Yes, you'll do nicely.
So what are these CISSP "cyberwarriors" doing? (Score:5, Insightful)
I sometimes attend IT-related conferences, a few in the infosec space. And inevitably a few people from government contractors and agencies show up (on the taxpayers' dime) and rail against encryption, Apple, Snowden, or anything that makes operating the surveillance state difficult for them.
But between Snowden, the Russians, this guy, and OPM, what's left to steal? Why are we paying these assholes -- especially the ones working for contractors who've sucked on the federal tit for decades -- six-figure salaries to sit around Northern Virginia and shit on the Bill of Rights all day long?
This entire thing's a joke. They spy on us, and then can't secure the shit they uncover. Read Congress's recent report on the OPM debacle to see how fucked we are.
Re: (Score:2)
What I don't get is why joining the NSA isn't something like getting a really well paid job combined with being in the military.
Pay them really well, so well they would have to think 3 times about not joining. Like 4x a similar pay rate that you'd find in a top-tier city for an equivalent job. Make working conditions really nice -- free high-end restaurant quality dining on premises with a room service option for people who wanted to work through a meal hour, super nice office spaces, the whole experience
Re: (Score:2)
Is the budget situation not already so?
Re: (Score:2)
There is an increasing amount of evidence that Snowden still works for the CIA. He's the only one including this guy and Manning, who hasn't been caught (which just feels super suspicious .. that combined with him criticizing Russia on Twitter .. while in Russia .. supposedly).
I don't think the Snowden story is real. I think it's most likely propaganda. And if that's fake, who is to say there is any legitimacy to this story either?
We live in 1984, just less totalitarian and more Brave New World (with all th
The NSA complaining about stolen data? (Score:2)
Talk about rich irony deposits..
dilbert (Score:2)
http://dilbert.com/strip/2013-... [dilbert.com]
Re: (Score:2)
500 Million Pages (Score:1)
they allowed it (Score:1)
NSA should be charged for allowing it to continue for 2 decades
Stolen Wrong Verb (Score:2)
Which NSA employees also face prosecution? (Score:2)
Who at the NSA will also face prosecution for such poor access controls that a *contractor* (not even a full employee) could steal 50TB of "highly classified documents" unnoticed?
I have full admin rights to every system at my employer, and even with those admin rights, I could not steal data unnoticed. A few times a month I trip an alarm in my normal work and have to justify my actions to our compliance group.
And we don't even store classified documents, just run of the mill business documents for our custo
Re: (Score:2)
Internally the NSA don't have an alarm for that. Nobody could do any gov work if "alarms" or encryption got installed at that level and had to be cleared every few hours.
Everything is decrypted and reduced to plain text. Thats the mission to decrypt and read, sort and index. The select humans allowed in to read and search the material are the "security".
The idea is to allow the NSA workers
Re: (Score:2)
re "A few times a month I trip an alarm in my normal work and have to justify my actions to our compliance group."
Internally the NSA don't have an alarm for that. Nobody could do any gov work if "alarms" or encryption got installed at that level and had to be cleared every few hours.
Why not? If private companies are expected to have access controls and adequate auditing for sensitive data and face fines for data breaches, then why isn't the NSA held to the same standard when they have access to much more sensitive data? if a private company has a breach, it can face multi-million dollar fines. What's the punishment when the NSA (who has access to far more data than many people prefer) loses that data because they can't be bothered to secure it out of "convenience". When a hospital has
Re: (Score:2)
Thats the big question. Encrypt and tell all the workers they are not trusted at any level and all have to get permission/keys everyday?
That breaks down that esprit de corps, comradery or respect and excellence.
How can you steal data which does not exist? (Score:1)
It would be illegal to spy on Americans in their own country, therefore such data can't exist.
Qui custode custodi?
It's OK, he's a Hillary contributor! (Score:1)
Just concerned that she wasn't getting enough data from the NSA, as she always complains in her emails....
The bigger question... (Score:2)
The bigger question is: what did he do with all this data?
Stash it in his basement? As insurance for something?
Use it for blackmail?
Sell it to foreign spies?
Leak select items to the press?
He certainly did not publish it wholesale or we would have heard about it.
He reportedly stole NSA Hacking Tools (Score:2)
According to reports he stole NSA Hacking Tools, so does that mean the NSA has sent details on the exploits their tools use to the various Software Developers so that they can fix their code?