Home Tags Top-secret

Tag: top-secret

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

Brutal Kangaroo jumps network breaks, according to leaked classified info WikiLeaks has published online more top-secret documents it has obtained from the CIA describing the agency's hacking tools.

This time the dossier details software codenamed Brutal Kangaroo that agents can use to infect targets' air-gapped computers with malware.…

NSA Report: Russian Military Hackers Targeted US Voting Software, Election Officials

Top-secret NSA report leaked by now-arrested federal contractor to journalists shows levels to which Russian hacking machine targeted US election.

Ex-NSA contractor Harold Martin indicted: He spent ‘up to 20 years...

US prosecutors list dossiers and code allegedly swiped Former Booz Allen Hamilton contractor Harold Thomas Martin III allegedly stole secret and top-secret software and documents from American intelligence agencies for up to 20 years.

That's according to a federal grand jury indictment revealed today.…

WikiLeaks to US government: Stop leaking secrets!

Enlarge / Julian Assange's Wikileaks is shocked—shocked—that someone would leak secrets for political reasons.Ben Stansall/AFP via Getty Images reader comments 200 Share this story On Thursday, NBC News broadcast a report claiming to have exclusive details from the top-secret version of the intelligence community report on Russian hacking and information warfare activities delivered to President Barack Obama—a report scheduled to be delivered by intelligence officials to President-elect Donald Trump today. The NBC report followed a Washington Post report based on information from anonymous “US officials” about intercepted communications between Russian leaders celebrating Donald Trump’s election as a victory. The NBC report drew an instant rebuke via Twitter from Trump. WikiLeaks, which has previously published leaked highly classified US intelligence data, cried foul over the leaks. How did NBC get "an exclusive look into the top secret report he (Obama) was presented?" Who gave them this report and why? Politics! — Donald J. Trump (@realDonaldTrump) January 6, 2017 The Obama admin/CIA is illegally funneling TOP SECRET//COMINT information to NBC for political reasons before PEOTUS even gets to read it. — WikiLeaks (@wikileaks) January 6, 2017 The parade of leaks regarding the US intelligence assessment about Russian hacking is notable given the Obama administration’s past crackdown on leaks, which has included a record number of prosecutions against those leaking information to journalists. The leaks are likely motivated by Trump’s frequent dismissal of official intelligence community statements regarding the alleged involvement of the Russian government in the hacking and dissemination of information from the Democratic National Committee and the Clinton campaigns. According to the NBC report, the 50-plus page classified version of the intelligence community report details Russian digital espionage operations dating as far back as 2008, including the breach of e-mail systems at the White House, State Department, the Joint Chiefs of Staff, and US corporations, in addition to the attacks focused on the DNC and the Hillary Clinton presidential campaign. Those details would present a more complete picture of the various "threat groups" lumped into the recent FBI/Department of Homeland Security Joint Analysis Report as "Grizzly Steppe." President Obama has not yet received the report, but he was given a briefing on its contents on Thursday. A final Top Secret, Compartmented Information version of the report will be delivered to cleared members of the administration and the Trump transition team today; Congress will receive a classified version of the report on Monday, and an unclassified version is expected to be made public early next week. Early today, in an interview with the New York Times, Trump referred to the intelligence community's focus on the Russian hacking a politically-motivated attack against him. Referencing the breach of the Office of Personnel Management, Trump said, “China, relatively recently, hacked 20 million government names, How come nobody even talks about that? This is a political witch hunt.”

Trump says CIA report that Russia helped his electoral win is...

Enlarge / US President-elect Donald Trump speaks during the USA Thank You Tour December 9, 2016 in Grand Rapids, Michigan.Don Emmert / Getty Images News reader comments 145 Share this story President-elect Donald Trump has continued to flaunt reported assessments by the CIA that the Russian government specifically helped his campaign win the presidential election, calling them "ridiculous." One of Trump’s top advisors, Kellyanne Conway, also dubbed them "laughable and ridiculous" on CBS’s "Face the Nation" on Sunday. On Friday evening, The Washington Post reported that the CIA has "concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the US electoral system, according to officials briefed on the matter." Shortly after the Post published, the Presidential Transition Team sent out a statement to Ars and other media on Friday at 9:35pm ET, essentially mocking the intelligence community: These are the same people that said Saddam Hussein had weapons of mass destruction. The election ended a long time ago in one of the biggest Electoral College victories in history. It’s now time to move on and "Make America Great Again." On Saturday, The New York Times quoted Gen. Michael Hayden, the former director of the National Security Agency and the CIA under President George W. Bush, as expressing shock that Trump would so wantonly dismiss the opinion of the intelligence community. "To have the president-elect of the United States simply reject the fact-based narrative that the intelligence community puts together because it conflicts with his a priori assumptions—wow," he said. In October 2016, just a month before the election, the Office of the Director of National Intelligence and the Department of Homeland Security publicly said that Russian-led "thefts and disclosures are intended to interfere with the US election process." Check the record book On Fox News Sunday, Trump made his "ridiculous" remark, calling the report "just another excuse." "I don’t believe it," he said. "I don’t know why—and, I think it’s—they talked about all sorts of things. Every week it’s another excuse. We had a massive landslide victory, as you know, in the electoral college. I guess the final numbers are down to 306 and she was at a very low number." Trump did not win the electoral college by a "landslide." Electoral records show that his margin of victory in the electoral college was 46th out of 56 elections. "If you look at the story and you take a look at what they said, 'there’s great confusion, nobody really knows,'" Trump continued. "And hacking is very interesting. Once they hack, if you don’t catch them in the act, you’re not going to catch them. They have no idea if it’s Russia or China, or somebody. It could be somebody sitting in a bed someplace. They have no idea." During the same interview, Trump also reportedly said that as president he would not receive the top-secret President’s Daily Briefing. Currently, the president-elect is reportedly only receiving it once a week. Trump continued in his interview with Fox News Sunday that Vice President-elect Mike Pence, would receive the PDB in his place, largely because Trump finds it too repetitive. "You know, I’m, like, a smart person," he said. "I don’t have to be told the same thing in the same words every single day for the next eight years." "Now, there will be times where it might change," he said in the interview with Fox News Sunday host Chris Wallace. "I mean, there will be some very fluid situations. I'll be there not every day, but more than that. But I don't need to be told, Chris, the same thing every day, every morning — same words. 'Sir, nothing has changed. Let's go over it again.' I don't need that." Sound the alarm Also on Sunday, a bipartisan group of four senators, including Sen. John McCain (R-Arizona), the chair of the Senate’s Armed Services Committee, released a joint statement saying that "reports of Russian interference in our election should alarm every American." The statement continued: Congress’s national security committees have worked diligently to address the complex challenge of cybersecurity, but recent events show that more must be done. While protecting classified material, we have an obligation to inform the public about recent cyberattacks that have cut to the heart of our free society. Democrats and Republicans must work together, and across the jurisdictional lines of the Congress, to examine these recent incidents thoroughly and devise comprehensive solutions to deter and defend against further cyberattacks. This cannot become a partisan issue. The stakes are too high for our country. We are committed to working in this bipartisan manner, and we will seek to unify our colleagues around the goal of investigating and stopping the grave threats that cyberattacks conducted by foreign governments pose to our national security. The press contact listed, Dustin Walker, did not immediately respond to Ars’ request for comment.

Disgraced IT worker stole confidential Expedia e-mails even after he left

EnlargeKlaus with K reader comments 1 Share this story A former IT specialist at Expedia has admitted he used his privileged position to access executives' e-mails in an insider stock-trading scheme that netted almost $330,000 in illegal profits, p...

“He’s not Edward Snowden,” lawyers for accused NSA contractor tell judge

EnlargePaul J. Richards / Getty Images News reader comments 47 Share this story Defense attorneys representing Harold Martin, the former National Security Agency contractor accused of stealing a vast quantity of classified materials, have asked a more senior judge to review the decision that kept their client in federal custody. On Tuesday, Martin’s federal public defenders filed a “motion to review detention order,” asking US District Judge Richard D.

Bennett to overrule his more junior colleague’s decision last Friday to keep Martin behind bars. In August, when Martin was arrested, investigators seized 50 terabytes' worth of data and many other printed and classified documents from Martin’s home in suburban Maryland.
If all of this data was indeed classified, it would be the largest such heist from the NSA, far larger than what former contractor Edward Snowden took. During last week's hearing, James Wyda, one of Martin’s lawyers, told US Magistrate Judge A.

David Copperthite that his client “is not Edward Snowden. He's not someone who, due to political ideas or philosophical ideas or moral principles, thinks he knows better than everybody else.” However, Wyda did not put forward a clear argument as to why his client was found with so much classified material in his home and his car. In the Tuesday filing, Wyda again argued for Martin’s release, saying, “The only consideration before the Court will be whether there is a ‘serious risk’ that Mr. Martin will fail to appear for court appearances if he is released.” Risky business Prior to the October 21 detention hearing, prosecutors told US Magistrate Judge A.

David Copperthite that Martin, who held top-secret clearance while he was a contractor at Booz Allen Hamilton, could flee the US or perhaps be targeted or abducted by a foreign power.

The feds also noted that they would be seeking to prosecute him under the Espionage Act. (Martin was fired from his job and was stripped of his clearance once his criminal prosecution surfaced.) Judge Copperthite found the government’s arguments convincing, calling Martin’s release a “serious risk to the public" and ordering him to remain in custody pending trial. In the new filing, Wyda reiterated his earlier arguments to Judge Bennett, underscoring that his client would continue to make appearances before the court, as he has “strong ties” to Maryland, the state where Martin lives and where the NSA is based. The lawyer concluded: For these and other reasons that will be discussed at a hearing on this motion, Mr. Martin respectfully requests release pending trial subject to any conditions the Court finds appropriate to reasonably assure his appearance in Court, such as 24-7 electronic home monitoring, no use of computers or the Internet, no firearms, no alcohol, and an alcohol monitoring device. Judge Bennett will hold a hearing on the matter this Friday, October 28, at 2:30pm ET in federal court in Baltimore.

Defense team: “No evidence” NSA contractor “intended to betray his country”

EnlargeUlrich Baumgarten / Getty Images News reader comments 41 Share this story The federal public defenders for Harold Martin, the former National Security Agency contractor accused of stealing a large amount of highly classified data and documents, asked the judge to release their client on bail in a late Thursday evening court filing. Earlier on Thursday, prosecutors told US Magistrate Judge Beth P. Gesner that Martin is a flight risk and should be kept in custody. In their own filing, the government argued that Martin, who held top-secret clearance while he was a contractor at Booz Allen Hamilton, is a flight risk. The feds noted that they would be seeking to prosecute him under the Espionage Act. (Martin was fired from his job and was stripped of his clearance once his criminal prosecution surfaced.) In the three-page response, Martin’s lawyers, James Wyda and Deborah Boardman, argued that Martin “does not pose a serious risk of flight.” They note that in a slew of similar cases, including those that involved Gen. David Petraeus and former high-level NSA official Thomas Drake, the accused was not detained pending trial. The defense team continued: The government concocts fantastical scenarios in which Mr. Martin—who, by the government’s own admission, does not possess a valid passport—would attempt to flee the country. Mr. Martin’s wife is here in Maryland. His home is here in Maryland. He has served this country honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. There is no evidence he intended to betray his country. The government simply does not meet its burden of showing that no conditions of release would reasonably assure Mr. Martin’s future appearance in court. For these reasons, and additional reasons to be discussed at the detention hearing, Mr. Martin should be released on conditions pending trial. Martin is set to appear before Judge Gesner Friday afternoon in Baltimore. UPDATE 4:27pm ET: According to WJZ reporter Mike Hellgren, the judge ordered Martin to remain in custody. Defense attorney James Wyda characterized his client as "a hoarder."

NSA Contractor Over 20 Years Stole More Than 50 Terabytes Of...

Harold Martin, now in custody, is a risk to himself and others if freed from custody, a US prosecutor warns in a detailed filing in the case. When law enforcement officials stumbled upon a cache of firearms while executing a search warrant on the premises of Harold Martin, the National Security Agency (NSA) contractor recently arrested for stealing classified information, his very distraught wife asked for the weapons to be removed from her home. She was afraid that he would use them to kill himself if he "thought it was all over," US Attorney Rod Rosenstein said in a pretrial motion that paints a troubling if somewhat incomplete picture of the man behind what could arguably be the biggest-ever case of insider theft. Rosenstein's motion, filed in the US District Court for the District of Maryland this week, urges the court not to release Martin from pretrial custody. It uses his wife's concerns of self-inflicted harm and a litany of other reasons as a basis for the request. The 12-page legal brief alleges that in the 20 years between 1996 and 2016 that Martin worked with government, he stole a staggering 50 terabytes of data in digital form and an additional six banker's boxes full of printed documents. It is unclear why Martin’s alleged theft of classified as well as unclassified data over such an extended period of time was never spotted. The apparent fact that he was able to continue illegally accessing data even after Snowden's data theft prompted a government-wide security overhaul, also is sure to raise new alarms about the effectiveness of that overhaul. A lot of the data he allegedly stole was marked Secret or Top Secret and at least some of it is what the government considers as information of national defense and national security import. For instance, one of the classified documents allegedly in Martin's possession was marked "Top Secret/Sensitive Compartmented Information" ("TS/SCI") and pertained to specific operational plans against a known US enemy, Rosenstein said. Martin's cache of stolen data is also believed to have included information on top-secret hacking tools developed by US intelligence agencies, the New York Times reported this week, citing unnamed sources. The staggering volume of data that was allegedly found in Martin's possession would appear to make his theft even bigger than Edward Snowden's heist. "The Defendant was in possession of an astonishing quantity of marked classified documents which he was not entitled to possess," Rosestein noted in somewhat of an understatement. "Many of the marked documents were lying openly in his home office or stored in the backseat and trunk of his vehicle." Martin regularly carried highly sensitive data in his vehicle and routinely parked it in his driveway because he didn’t have an enclosed garage, the filing revealed. Even the 50,000 gigabytes of digital information that he is believed to have stolen could be a conservative estimate, Rosenstein’s legal brief said, noting that each gigabyte offers enough space for storing 10,000 pages of text and images. The legal document shows that Martin's alleged illegal behavior began in 1996 when he abused his access to classified information while serving in the US Naval Reserves. Between then and his arrest on August 27, Martin worked at several government agencies including the National Security Agency, as an employee for seven different private contractors. With his security clearance, Martin worked on highly classified and specialized projects and signed numerous non-disclosure agreements acknowledging the sensitive nature of his work and his commitment not to abuse his access to sensitive data. "The Defendant's decades of criminal behavior were in flagrant violation of his many promises and oaths, as well as the law," Rosenstein said. The motion called attention to Martin's enrollment in a Ph.D program in information security at the time of his arrest, and of his several advanced degrees and expertise in areas like encryption, anonymization, and secure-communication. Such skills would make it easy for Martin to access and transmit information to others that he may have stored online, Rosenstein said in arguing against Martin's release from custody. "As a trusted insider, the Defendant was able to defeat myriad, expensive controls placed on that information," and he has the skill to transfer all of the stolen information electronically and make it available to others if he was given access to the Internet, the prosecuting attorney noted. The motion does not make clear what Martin's motives might have been. But it makes clear that there's enough evidence to suggest that Martin either illegally shared or planned to share the data with others. For example, the 10 firearms recovered from his home included an "AR-style tactical rifle and a pistol-grip shotgun with a flash suppressor." In addition, he had a loaded handgun in his car in violation of state law. If Martin had stolen it for his own edification as claimed, there would have been little reason to "arm himself as though he ere trafficking in dangerous contraband," Rosenstein argued. Similarly, a printed email chain marked "Top Secret" recovered from Martin's car had handwritten notes on the back of the document describing classified technical operations and appear intended "for an audience outside of the Intelligence Community." 'Prime Target' The extensive publicity the case has received guarantees that every foreign counterintelligence agency knows Martin has access to highly sensitive data either hidden in physical locations, cyberspace, or stored in his head, the filing said. "This makes the Defendant a prime target, and his release would seriously endanger the safety of the country and potentially even the Defendant himself," Rosenstein said. Related stories   Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio More Insights

Feds seized 50TB of data from NSA contractor suspected of theft

The National Security Operations Center at NSA, photographed in 2012—the nerve center of the NSA's "signals intelligence" monitoring.National Security Agency reader comments 81 Share this story In a new Thursday court filing, federal prosecutors expanded their accusations against a former National Security Agency contractor.

Federal investigators seized at least 50 terabytes of data from Harold Thomas Martin III, at least some of which was "national defense information." If all of this data was indeed classified, it would be the largest such heist from the NSA, far larger than what former contractor Edward Snowden took. Prosecutors also said that Martin should remain locked up and noted that he will soon be charged with violations of the Espionage Act.

That law, which dates back nearly a century, is the same law that was used to charge Chelsea Manning and Snowden, among others.
If convicted, violators can face the death penalty. United States Attorney Rod Rosenstein and two other prosecutors laid out new details in the case against Martin, whose arrest only became public earlier this month. Martin had been a contractor with Booz Allen Hamilton and possessed a top-secret clearance. The new filing states that Martin also took “six full bankers’ boxes” worth of paper documents, many which were marked “Secret” or “Top Secret.” The documents date from between 1996 through 2016. “The weight of the evidence against the Defendant is overwhelming,” court document plainly state. The documents continue: For example, the search of the Defendant’s car revealed a printed email chain marked as “Top Secret” and containing highly sensitive information.

The document appears to have been printed by the Defendant from an official government account. On the back of the document are handwritten notes describing the NSA’s classified computer infrastructure and detailed descriptions of classified technical operations.

The handwritten notes also include descriptions of the most basic concepts associated with classified operations, as if the notes were intended for an audience outside of the Intelligence Community unfamiliar with the details of its operations. The government also presents new biographical information about Martin, noting that he has “obtained advanced educational degrees and has taken extensive government training courses on computer security, including in the areas of encryption and secure communications.” Martin allegedly used a “sophisticated software tool which runs without being installed on a computer and provides anonymous Internet access, leaving no digital footprint on the Machine,” and he tried “to run operating systems on his machines that would not leave any forensic evidence of his computer activities.” That could suggest Martin was using TAILS or another USB-bootable operating system in conjunction with Tor or a VPN. While the new filing does not specifically mention it, the New York Times reported Wednesday that Martin may have been involved in the “Shadow Brokers” dump of NSA exploits. As the Times reported: But so far, the investigators have been frustrated in their attempt to prove that Mr. Martin deliberately leaked or sold the hacking tools to the Shadow Brokers or, alternatively, that someone hacked into his computer or otherwise took them without his knowledge. While they have found some forensic clues that he might be the source, the evidence is not conclusive, according to a dozen officials who have been involved in or have been briefed on the investigation. The former NSA contractor is accused of owning 10 guns, only two of which were registered, including an “AR-style tactical rifle.” Martin’s wife, Deborah Shaw, was “very upset to learn about the Defendant’s arsenal.” According to the new court filing, Shaw asked all the firearms to be removed from her home, and they were taken away by the FBI. Among the documents seized, investigators found a letter sent in 2007 to Martin’s colleagues, in which he criticizes the government’s information security practices and refers to those same co-workers as “clowns.” Martin is set to appear before US Magistrate Judge Beth P.

Gesner for a detention hearing on Friday at 2:15pm ET in Baltimore.

Arrested NSA contractor may have hoarded secrets to work from home

reader comments 89 Share this story Investigators have little doubt that a National Security Agency contractor arrested in August hoarded mountains of classified material, but so far they've found no evidence that he leaked anything to anyone, The New York Times reported Friday. Still, even if Harold T. Martin III didn't intentionally leak anything, federal officials remain highly concerned. Martin's home computers had "minimal security protection," leaving open the possibility, however remote, that hackers broke in and stole data that could compromise vital national security programs.

As the NYT reported: "Let’s just say he’s only a psycho hoarder and he keeps this stuff with his old copies of National Geographic and his collection of lunchboxes," said an administration official, who also asked not to be named. "That’s still extremely troubling to anyone in national security, because people like that don’t keep track of where things are or with whom they are talking." In Mr. Martin’s case, the official said, the sloppy handling "is particularly worrisome—we are talking sources and methods, tactics, techniques and procedures.

Those are the things we guard most closely." On seven occasions in the last three years, top-secret information has leaked from the NSA, raising concerns that leakers remain at large in a post-Edward Snowden agency. Martin's former wife portrayed her ex-husband, a former Navy officer, as a loyal US patriot who probably took the material so he could work on it at home.

The hoarding occurred over years.

At first, material was snuck out on paper, then on CDs, and eventually on thumb drives. A former PhD mentor at the University of Maryland, Baltimore County, where Martin was a PhD candidate, also portrayed Martin as dedicated and thoughtful.

But the mentor also said Martin seemed to believe his research into offensive computer security was under-appreciated on a campus where students and faculty had little understanding of the military. Over the past few years, two leaks in particular have concerned officials. One involved techniques the NSA uses to penetrate targeted computers even when they're not connected to the Internet.

Another published by WikiLeaks identified eavesdropping targets and included transcripts of intercepted communications from American allies.
So far, investigators are skeptical that the information came from Martin, but they are continuing to look for connections. Listing image by NSA

FBI arrests an NSA contractor suspected of stealing hacking tools

The FBI has arrested a U.S. government contractor for allegedly stealing classified documents, possibly including hacking tools. Harold Thomas Martin III, 51, has been charged with stealing government materials, including top secret information, the U.S.

Department of Justice said on Wednesday. Martin, who held a top-secret national security clearance, allegedly took six classified documents produced in 2014. "These documents were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues," the DOJ said.  Reportedly, Martin is a contractor for the NSA and was arrested on suspicion for disclosing classified computer code that can hack foreign governments, according to The New York Times. Martin reportedly worked for Booz Allen Hamilton -- which also employed noted leaker Edward Snowden. Booz Allen Hamilton, a consulting firm that maintains NSA infrastructure, has declined to comment about Martin. Martin was originally arrested on Aug. 27, more than a week after anonymous hackers, called the ShadowBrokers, publicly leaked hacking tools that may belong to the NSA.
Sample files of those tools appear to be dated most recently to 2013. It's unclear if Martin's arrest is in any way connected.

But some security experts have been speculating an NSA insider may have been behind the ShadowBrokers leak.

The sample files of those hacking tools actually work and may be worth a small fortune.  Martin initially denied he had stolen any material when interviewed by investigators, but later admitted he had taken them and knew he had no authorization to do so, according to the DOJ's criminal complaint. Martin's attorney, however, has reportedly said there's no evidence proving his client betrayed the U.S.  "What we do know is that Hal Martin loves his family and his country he served," James Wyda, a federal public defender, told the Baltimore Sun. Hard-copy documents and digital information related to the stolen materials were found in Martin's home in Maryland and his vehicle, the DOJ alleged. If convicted, Martin could face 10 years in prison for theft of government property and another year for unauthorized removal of classified materials.   The NSA has not immediately responded for comment.