This story is over 5 years old.


The Alleged NSA Thief Stole Information Impacting At Least Five US Agencies

On Wednesday, the Department of Justice indicted former NSA contractor Harold Thomas Martin III with willful retention of national defense information.
Image: Carsten Reisinger/Shutterstock

Harold Thomas Martin III, 52, is allegedly behind one of the biggest thefts of US government information ever.  On Wednesday, the Department of Justice indicted Martin, charging him with willful retention of national defense information. The FBI arrested Martin last year.

"The indictment alleges that for as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government by stealing documents containing highly classified information," US Attorney Rod J. Rosenstein said in a statement.


Although we already knew that the former NSA contractor had allegedly stolen a mountain of hard copy documents and digital files, the indictment includes some more specifics on what exactly he supposedly took home, including information concerning the NSA, CIA, and other government agencies.

A section of the indictment titled "relevant government agencies" includes the NSA, Department of Defense, US Cyber Command, the National Reconnaissance Office (NRO), and the CIA. According to the indictment, Martin stole material that impacted or related to all of these agencies.

The NSA material includes a 2014 report that contains foreign cyber intrusion techniques; a 2009 draft of a US Signals Intelligence Directive which outlined specific capabilities related to computer network operations used to defend the country; and even an NSA document "concerning extremely sensitive US planning and operations regarding global terrorists," according to the indictment. Martin also allegedly stole email correspondence from the agency, and one file dates all the way back to 1996. (Since 1993, Martin has been employed by at least seven private companies that worked with the US government, the indictment adds).

As for US Cyber Command—an offensive focused wing of the US' cyber operation—stolen documents dating from 2007 to last year include those discussing gaps in the military's capabilities, and details of specific operations, the indictment reads.


Although only getting one mention each, stolen material concerning the NRO and CIA includes information on the launch of an intelligence gathering satellite, and a 2008 document relating to foreign intelligence collection sources and methods.

However, a former employee of one of the affected agencies told Motherboard that it's hard to gauge the severity of each of these documents.

"It's honestly hard to say how serious they are. It's easy to make any intelligence or operations documents sound serious," the source said.

Although Martin may have taken truly serious documents, there's a chance the government may only be presenting those that it's willing to use as evidence in its case, rather than expose more secrets, even though courts do have mechanisms for handling classified information.

"I would highly doubt that any of these are 'crown jewels', but rather documents that clearly prove he knowingly handled classified documents improperly," they added.

If convicted, Martin faces a maximum sentence of 10 years in prison for each of the 20 counts of willful retention of national defense information, according to the indictment.

The indictment makes no mention of The Shadow Brokers, a hacker or group of hackers that publicly distributed a slew of NSA hacking tools last year. According to an earlier report from the Washington Post, Martin was the prime suspect behind those disclosures.

But as Martin has sat in detention, the Shadow Brokers have continued to post cryptographically signed messages, communicate with this reporter, and dump more hacking tools online.

"TheShadowBrokers no arrested," someone from the group wrote in an encrypted message in December.

Get six of our favorite Motherboard stories every day by signing up for our newsletter .