Tech by VICE

FBI Arrests NSA Contractor on Suspicion of Leaking Hacking Tools

This comes after 'The Shadow Brokers' dumped a cache of NSA tools online.

by Joseph Cox
Oct 5 2016, 5:12pm

Image: ShutterStock

The FBI recently arrested an NSA contractor suspected of stealing classified material, the Department of Justice announced on Wednesday. A preemptive report from the New York Times indicated that the contractor might have stolen source code for NSA hacking tools.

Harold Thomas Martin III, age 51, from Maryland, is charged with theft of government property and unauthorized removal and retention of classified materials.

On August 27, search warrants were executed at Martin's home. According to the DOJ press release, much of the material taken from Martin's residence and vehicle had markings indicating that it was classified information of the United States, including Top Secret and Sensitive Compartmented Information (SCI).

These included six classified documents, created by a government agency in 2014, that "were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues," the press release reads.

The arrest comes shortly after a hacker or group of hackers, calling themselves The Shadow Brokers, distributed NSA exploits that can be used, among other things, to take over popular hardware firewalls.

The New York Times, reported that a contractor who worked for Booz Allen Hamilton, the corporate giant that NSA whistleblower Edward Snowden also worked for, had been arrested. It wasn't immediately apparent if that report and this DOJ announcement were in fact talking about one and the same arrest.

In August, The Shadow Brokers dumped a slew of NSA exploits and hacking tools, including for gaining access to Cisco and Huawei firewalls. The hackers said they would release more code to the highest bidder of an online auction, or in exchange for 1 million bitcoins (around $568 million).

Just last weekend, someone supposedly representing The Shadow Brokers complained that no one was taking the auction seriously. That message was delivered in broken English, which linguistic experts said might have been faked by a native English speaker.

Motherboard recently sent several messages to The Shadow Brokers through various channels, but has not received a response.

Former NSA staffers previously told Motherboard that a rogue insider could have been behind the disclosure of the hacking tools. In September, Reuters reported that an investigation into the leak was focusing on the theory that one of the NSA's operatives accidentally left the tools on a remote server, which Russian hackers then found.

However, it has not been confirmed that this recent arrest, and the case of The Shadow Brokers, are directly connected.

Snowden, after reading the New York Times report, tweeted: "This is huge. Did the FBI secretly arrest the person behind the reports NSA sat on huge flaws in US products?"

The NSA and the FBI did not immediately respond to a request for comment, and a spokesperson for Booz Allen Hamilton said that the company does not have comment at this time.

When confronted by investigators with specific documents, Martin admitted he took the materials to his home and vehicle, according to the complaint filed against him.

"Martin stated that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized," the complaint reads.

Martin faces a maximum of one year in prison for the unauthorized removal and retention of classified materials, and ten years in prison for theft of government property.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.