NSA Contractor Arrested for Stealing Classified Information

The NSA has another contractor who stole classified documents. It's a weird story: "But more than a month later, the authorities cannot say with certainty whether Mr. Martin leaked the information, passed them on to a third party or whether he simply downloaded them." So maybe a potential leaker. Or a spy. Or just a document collector.

My guess is that there are many leakers inside the US government, even more than what's on this list from last year.

EDITED TO ADD (10/7): More information.

Posted on October 7, 2016 at 6:07 AM • 27 Comments

Comments

Myron FlapdoodleOctober 7, 2016 7:35 AM

From a description of his house it sounds like hoarding behavior.

I hope he gets counseling after they hang him.

WillOctober 7, 2016 7:59 AM

They haven't said if the documents were *only* things he was personally working on, or vast quantities of documents he had no business accessing.

Maybe this guy only took things he personally worked on or made, and he was collecting to be able to show future generations and historians when he got old and the need for secrecy diminished?

Earl KillianOctober 7, 2016 10:33 AM

Isn't using the word "stole" in your post overly judgemental? One would need to know the motive to know whether this was theft or something else. I wouldn't call Snowden's actions theft, for example, because his was whistle blowing. By saying "another" you also suggest Snowden was stealing rather than revealing criminality to journalists.

CallMeLateForSupperOctober 7, 2016 11:39 AM

Earl Killian
"One would need to know the motive to know whether this was theft or something else."

Well, I think any "something else" would need to be very big, very unusual, e,g, exfiltrating classified as part of a fed. pen test. We haven't heard any fed stand up that defense for Martin.

Motive probably is irrelevant here. Assuming reports are true, he removed classified material from a secure location, without authorization. He kept the stuff at home for an extended period, so this wasn't a case of "Oops, I forgot I had this; better return it tomorrow."

I think he's down for misappropriating. Remains to be seen if Justice puts a full-court press on making an espionage case.

Dan HOctober 7, 2016 2:22 PM

Snowden isn't a whistleblower, he is a traitor. His only problem is not being a political elite like Hillary, then his crimes would have been covered up by the DoJ and White House.

Somebody AnonOctober 7, 2016 3:06 PM

Some additional info about this:

Investigators have little doubt that a National Security Agency contractor arrested in August hoarded mountains of classified material, but so far they've found no evidence that he leaked anything to anyone, The New York Times reported Friday.

http://www.nytimes.com/2016/10/07/us/politics/nsa-suspect-is-a-hoarder-but-a-leaker-investigators-arent-sure.html

http://arstechnica.com/tech-policy/2016/10/nsa-leaks-suspect-portrayed-as-a-hoarder-with-minimal-home-computer-security/

FenichelOctober 7, 2016 3:37 PM

@DanH & CallMeLateForSupper

Motive and intent have been confused in some discussion of the Espionage Act, the charge of treason, Ed Snowden, Harold Martin, and Hillary Clinton.

Treason is defined in Article III Section 3 of the U.S. Constitution:

Treason against the United States, shall consist only in levying war against them, or in adhering to their enemies, giving them aid and comfort.
The "adhering ... comfort" part defines motive: a traitor must have wanted to benefit an enemy to the detriment of the U.S. Many acts of public servants and of ordinary citizens might be seen to have given aid and comfort to enemies (e.g., committing war crimes, making xenophobic statements, other miscellaneous acts causing the U.S. to come into international disrepute), but these are not treasonous acts unless they are motivated by the goal of achieving those zero-sum effects. If DanH believes that Snowden, Martin, or Clinton is a traitor, he must be drawing on non-public information about their behavior or about the Constitution.

Most laws, including the Espionage Act, specifically exclude motive. They often require intent (you are not guilty of speeding if your accelerator jams), but motive, if it comes into play at all, may come up at sentencing (you are guilty of speeding, but you were bringing a sick child to the hospital).

Motive and intent seem to have been deliberately confounded in Comey's statements about Hillary Clinton's server. He asserted that her motive (convenience) was not criminal on its face. That was an irrelevance. She intended to have her own server: that's it, she violated the Espionage Act. So did Snowden, and so, it seems, did Martin.

Snowden has said that he would return to face trial if the Espionage Act allowed him to present a whistleblowing defense to the jury. Under the Espionage Act, no such defense could be offered. If the Act were amended to allow such a defense, it would offer no possible out to Clinton or Martin. Could it be drafted so as to prevent abuse by other violators? At https://dash.harvard.edu/bitstream/handle/1/12786017/Benkler.pdf?sequence=3, there's a long discussion of how such an amendment might work.

Rolf WeberOctober 7, 2016 4:46 PM

So far it is not clear whether Martin actually leaked anything. I doubt.

There is only one confirmed leaker of top secret documents: Snowden. And I would be very surprised if Snowden was not the source for Merkelphone, the ANT catalog, XKeyScore code, intercepts published by Wikileaks, and the drone papers. The 2nd, 3rd and so on leakers are baseless speculations. Much more likely is that there is only one Ed.

Sancho_POctober 7, 2016 6:01 PM

@Fenichel

Thanks for clarification and the link, very interesting.
Unfortunately it is the reality, the motive is always first, often already considered at the first contact with LE. So most won’t have a bad feeling when Comey talks about motive and not the facts - but should.
And when “someone” decides to try anyone for the Espionage Act I see the motive also before the fact checking, being implied in the accusation.

Cows in SpaceOctober 7, 2016 7:00 PM

from http://arstechnica.com/tech-policy/2016/10/nsa-leaks-suspect-portrayed-as-a-hoarder-with-minimal-home-computer-security/


Martin's former wife portrayed her ex-husband, a former Navy officer, as a loyal US patriot who probably took the material so he could work on it at home. The hoarding occurred over years. At first, material was snuck out on paper, then on CDs, and eventually on thumb drives.


A former PhD mentor at the University of Maryland, Baltimore County, where Martin was a PhD candidate, also portrayed Martin as dedicated and thoughtful. But the mentor also said Martin seemed to believe his research into offensive computer security was under-appreciated on a campus where students and faculty had little understanding of the military.

Given details like these, he sounds like a typical scholar, collecting stuff that looks interesting and taking it home to study it later. Poor dude. Similar cases are probably a dime a dozen.

The wholly unsubstantiated "leaker" narrative smacks of US presidential-election year fearmongering. Dilute news about real leaks, with consequential content (eg, DNC emails), with a more recent, contentless, non-story onto which threatened parties can impose a more convenient narrative.

And make the arrest a real heavy one, with all the paramilitary trimmings, as an implicit threat against any actual potential leakers.

P/KOctober 7, 2016 7:12 PM

With Martin not being a likely candidate for the earlier leaks, NSA really seems to have (had) a big problem securing itself against such insider threats. It also means there is or was at least one other leaker inside the agency.

Here's my full list of the earlier leaks that were not attributed to Snowden: http://electrospaces.blogspot.com/2015/12/leaked-documents-that-were-not.html

Most of the most serious leaks seem to come from a source that must be quite hostile to the US. Another set of documents may come from a more friendly source inside US military intelligence.

TedOctober 7, 2016 7:43 PM

@Cows in Space

Given details like these, he sounds like a typical scholar, collecting stuff that looks interesting and taking it home to study it later. Poor dude. Similar cases are probably a dime a dozen.

I would consider reading Bruce’s 2005 post on A.G. Tolkachev, the Russian electronics engineer (and spy) who photographed thousands of top-secret documents for the CIA by taking them home on lunch hour. His espionage was estimated to have saved the US more than $2 billion in weapons research and development.

Here’s a review of the book 'The Billion Dollar Spy’ from the New York Times.

Bedwetting KompromatOctober 8, 2016 1:55 PM

there are many leakers inside the US government

My guess is the government knows and lies about this when defending its ability to defend the Kompromat databases it collects.

Bruce SchneierOctober 9, 2016 12:02 PM

"Isn't using the word 'stole' in your post overly judgemental? One would need to know the motive to know whether this was theft or something else. I wouldn't call Snowden's actions theft, for example, because his was whistle blowing. By saying 'another' you also suggest Snowden was stealing rather than revealing criminality to journalists."

Maybe.

I guess I don't think of "stole" as judgmental. he took the stuff without permission -- that's stealing. I would have no problem describing what Snowden did as stealing, even though he stole the information in order to reveal illegal behavior on the part of the NSA.

ab praeceptisOctober 9, 2016 12:51 PM

Bruce Schneier

Somewhat funny but in the end irrelevant, that whole "stolen or not stolen" discussion.

You are right. Snowden took something which to take was clearly illegal. On the other hand what he took/stole was proof of illegal actions by his "victims" and, from what we learned, it seems credible that he *had* to steal it because legal ways ("talking to nsa's whisteblowing department") were either not available or just plain senseless.

I personally wouldn't call it "stealing" (but maybe more neutrally "taking away") but that's not the question anyway, here. Your blog isn't a lawyers blog and hence the side we should be interested in is the technical issues like nsa's security as well as what we learned from Snowden.

We should, in a way, act like pathologists. Maybe the dead body came here due to an innocent cardiac problem, maybe it came due to murder. Whatever, now it's on the table and our job isn't to play lawyer or hudge but to cut the body open and to examine it.

I would therefore suggest that we should refrain from "legal guilt" questions.

My InfoOctober 9, 2016 1:54 PM

"... whether he simply downloaded them ..."

You mean from a classified computer system to an unclassified computer system?
That is technically when the crime occurred. These people are trained how to handle this stuff, and willfully and intentionally breaking the rules amounts to willfully and intentionally leaking the information to the enemy.

Is it really that easy? Can they just walk out of the building with stacks of documents, CD-ROMs, and USB thumb drives? Just drive home from the NSA or other secured facility with a bulging briefcase?

"highly classified computer code developed by the agency to hack into the networks of foreign governments."

This partly explains the intersection of classified and unclassified computer systems, but not the documents, files, and so on found in the suspect's personal possession.

Even without intentional leaks, the claims of being able to use highly classified code to hack into unclassified and/or hostile computer systems without disclosing the code or methods are highly suspect.

Let's stay sober and lay off the Booz.

brown man's burdenOctober 9, 2016 3:33 PM

Strictly speaking Snowden acted out of necessity as a human rights defender: in defense of Article 19 freedom to seek and obtain information, of Article 17 freedom from privacy interference, and of Article 21 freedom of association. He acted without official permission to exercise our right to an effective remedy; to publicly protest against impunity for clandestine state crime; and to access and communicate with international bodies with general or special competence to receive and consider communications on matters of human rights and fundamental freedoms.

http://www.ohchr.org/Documents/Issues/Defenders/CommentarytoDeclarationondefendersJuly2011.pdf

Ab praeceptis' suggestion to avoid questions of legal guilt accords with treaty bodies' approach. These avoid 'quasi-judicial' proceedings to stress suasive development assistance and capacity-building, that is, getting the minimal standards of the civilized world through the thick skulls of military apes. The process is best compared to weaning a lost tribe of cannibals off cooking and eating their captives' dicks.

meta.x.gdbOctober 9, 2016 4:19 PM


The technically correct term is still stealing.

Whether you are stealing because you have a mental illness, or trying to blow the whistle on high crimes, or selling your secrets for ill-gotten gains, is an issue for the sentencing phase of the discussion.

Which is something that I wish people were more clear on. Like torture. If you torture a suspect to get information about a bomb that's about to go off like some Jack Bauer character, then you are guilty of torture and need to go on trial and if found guilty, convicted of torture. If you truly are a hero and saved a thousand innocent people with your actions, then perhaps you can be treated well during the sentencing, maybe even get a Presidential pardon. You don't get to go back and decide torture is not really a crime.

D.EOctober 9, 2016 5:22 PM

@meta.x.gdb

The state accused Snowden not of theft but of the political crime of espionage. Political crimes are the state's way of attacking human rights it's trying to suppress: espionage is the state's name for the right to information freedom; sedition is the state's name for the right of free expression; treason is the state's name for the right to solidarity. Snowden legally secured asylum in Russia because extradition is not justified for political crimes. Your torture example is correct, and torturers certainly must suck it up and tell it to the judge, but that's a special case. Torture is one of the gravest crimes in universal jurisdiction. Espionage is rightly suspect as a state's way of punishing a political enemy. So there's no reason for Snowden to sit in a non-independent US court under illegitimate municipal law. He is protected by the supreme law of the land and international law.

ab praeceptisOctober 9, 2016 5:23 PM

brown man's burden

Just to avoid misunderstandings: I certainly didn't want to tell Bruce Schneier what's right and what's wrong for his blog. I merely thought that there was already enough bad blood on both sides with the "he's a hero" vs "he's an evil thief and traitor" factions.

Whatever he may be and however each of us wants to perceive or judge what Snowden did - the results are here and they are smack in the middle of the scope of this blog and the interest of most of us here.

So I suggested - constructively - to limit ourselves (possibly with a little push from Bruce Schneier, or host) to the technical aspects and to those legal or political aspects that are within or next to our scope here.

(In kind anyone is interested: For me Snowden is somewhere in between a potential hero and a thief but my major interest is the security aspects)

CuriousOctober 10, 2016 12:50 PM

In the recent congress hearings, the FBI actually sat there and actually refused to agree that it was basically criminal to move secret documents from a secure location to a non secure location. So, I think in some respect, theft is perhaps not as clear an idea as Bruce want to make of it as a philosophical idea, if the FBI is going to take on a relativistic attitude to things as they seem to do.

Wesley ParishOctober 11, 2016 4:34 AM

FWVVLIW, I've been rereading Linebarger's Psychological Warfare. In it, pg 54, he makes a point, a criticism, and almost a complaint about overclassification of documents. The point he makes concerning temptation is once everything including the kitchen sink is classified, the people who have the authorization for these documents will be tempted to leak them to show just how high up in the pecking order they are.

He was writing about Washington DC c. 1941-45.

At this moment the US is not at war; it is engaged in a series of low-level conflicts rather like the British Indian Empire on the North-West Frontier, and the British Empire in Iraq in the 1920s, etc. It is also engaged in some rather futile great-power posturing, illustrating Jorge Lius Borges' trenchant criticism of Argentina and the UK in the war for the Falklands Islands/Islas Malvinas: "A couple of bald men fighting over a comb."

I suspect these "classified documents" could be declassified on the front page of the NY Times and no one would be the wiser, particularly not the Russians or the Chinese - maybe they'd be mildly bemused in the Philipines, or maybe even in Uganda or the Gambia or Equatorial Guinea, but the Russians and Chinese'd yawn themselves silly ...

Psychological Warfare, pg 54: (1) Classification should be kept to an absolute minimum. No information should be classified unless there are genuinely strong reasons for supposing that it would benefit the enemy.[...](2) [...] It is unsound procedure to give certain individuals a higher level of information than others, since the privileged individuals will be tempted to display their inside knowledge, and the underprivileged individuals will be goaded by unwholesome, resentful and acute curiosity.

ManningdelaOctober 11, 2016 9:33 AM

Exactly. In the US the government classifies information not to keep it from the enemy but to keep it from their subject population.

My InfoOctober 12, 2016 9:17 AM

@Manningdela

In the US the government classifies information not to keep it from the enemy but to keep it from their subject population.

I agree with this to a certain extent. Certainly if an enemy nation-state wants access to certain information it is impossible to keep it away from them without keeping it away from the "subject population."

However, there are certain lower levels of classification such as "FOUO" or "Confidential" or the like for information that cannot reasonably be claimed to cause grave harm to the security or interests of the U.S. if released. These classifications are nevertheless (over-)used to avoid embarrassing public officials. In effect, this is like saying, "We know our enemies will obtain access to this information in any case, but we just don't want our voting constituents to have it, because then we'd be embarrassed and/or voted out of office."

Then there is other information (that pertains more to individuals rather than national security) which is not "classified" but supposedly protected by other federal laws such as HIPAA, banking privacy, etc. http://ojp.gov/ovc/pubs/ID_theft/idtheftlaws.html These laws are by and large toothless and unenforced against the current organized crime regime.

As far as privacy from the federal government goes, before I'd worry about the NSA, I'd go after lower-hanging fruit such as employees of the Social Security Administration, U.S. Postal Service, Internal Revenue Service, and so on who might be tempted to sell or disclose our private or personal information for profit, just like ISPs and internet advertising networks do.

And if you're on this forum, you bet your local cops are reading over your shoulder everything you do on your computer.

rOctober 16, 2016 10:53 AM

I get the funny feeling this guy was maybe one of THE developers behind the source that was leaked, if that's true I do sympathize with him wanting to take HIS work home or having 'proof of work' whether it would be legal or not.

But, OPM kind've opens a whole can of worms on how information might've left some home-brewers possession without the feds being able to figure it out.

And that's far fetched.

If those exploits were early developmental versions, like something he built in his off-time to feed his obsession it may explain the bugginess.

Source code is easy to watermark, it's called versioning.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.