Archive for the ‘NSA’ Category

NSA Contractor Who Allegedly Stole Top Secret Info ‘More …

The National Security Agency contractor who federal authorities say took top secret information from the NSA is being described as "more weirdo than whistleblower," senior officials told ABC News.

Harold Martin, 51, was arrested in late August in what neighbors described as a dramatic FBI raid, but it was not until Wednesday that his curious case was revealed in a criminal complaint. In court documents, the FBI says Martin took home physical documents and information stored on digital devices, some of which was sensitive compartmented information (SCI), the highest level of classification.

It was information that the FBI said, if made public, would "reasonably be expected to cause exceptionally grave damage to the national security of the United States." In all, the Department of Justice said investigators seized "thousands of pages of documents and dozens of computer or other digital storage devices and media" that held "many terabytes of information."

Although Martin worked at Booz Allen Hamilton, the same contractor for whom Edward Snowden worked, and was apparently able to slip through the NSA's security with highly sensitive information, as Snowden did in 2013, officials said overnight that that appears to be where the similarities between the two end.

It is unclear why Martin, a Navy veteran, allegedly removed so much sensitive information from his workplace and allegedly stored it in his home, nearby woodsheds or his vehicle, but he has not been charged with espionage, indicating to some former officials that this case may not be as serious as Snowden's. The Department of Justice said Tuesday that if convicted, Martin could face up to 11 years in prison: one year for unauthorized removal of classified material and 10 years for theft of government property. Snowden, however, could face a far harsher prison sentence, should he return to the U.S. from Moscow; the U.S. government has said the death penalty will not be sought.

"It's not a repeat of Snowden, but it is another insider," Chris Inglis, a former NSA deputy director, told ABC News Wednesday. "It could be quite harmful, but [so far] it's not as malicious or nefarious."

Jim Wyda, a public defender assigned to Martin, said there is "no evidence Hal Martin intended to betray his country."

"What we do know is that Hal Martin loves his family and his country. He served our nation honorably in the United States Navy, and he has devoted his entire career to serving and protecting America. We look forward to defending Hal Martin in court," Wyda said.

Regardless of Martin's intentions, the incident is another embarrassment for the NSA, coming three years after Snowden made off with a cache of data that exposed dozens of NSA surveillance programs. It is unclear whether Martin purportedly absconded with his data before or after post-Snowden security reforms were put in place.

"When you download this kind of top secret information off the NSA network into your own computer or into a thumb drive, alarms should go off. Apparently they didn't," said former White House cybersecurity adviser and current ABC News consultant Richard Clarke.

Martin's former employer, Booz Allen, released a statement Wednesday saying the company fired one of its employees, without identifying Martin, after learning of his arrest and that the firm continues to work with law enforcement.

The federal complaint says Martin was interviewed by federal agents in late August and, when "confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified." He allegedly said he knew what he had done was wrong.


NSA Contractor Harold Martin Busted in Alleged Theft of …


A federal criminal complaint unsealed Wednesday said a search of Martin's home and car turned up a trove of documents and digital files, a "large percentage" of them with highly classified information, some labeled Top Secret or Sensitive Compartmented Information.

"We take that type of conduct very seriously," Assistant Attorney General John Carlin said at the CNBC Cambridge Cyber Summit, declining to discuss any motive for the theft.

"When you are a government employee you swear an oath to protect the information, knowing the damage revealing sources and methods can do to our ability to protect ourselves against foreign threats."

The criminal complaint said that among the classified material found in Martin's home and car, six documents were obtained from sensitive intelligence and appear to date to 2014, six months after the NSA was rocked by Snowden's leaks.

"These documents were produced through sensitive government sources, methods and capabilities, which are critical to a wide variety of national security issues," the complaint said. "The disclosure of the documents would reveal those sensitive sources, methods and capabilities."

Martin submitted to an interview after the materials were seized, at first denying he took the documents and files and later admitting it when confronted with specific documents, the complaint said.

"Martin states that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized," the complaint said.

Martin's attorneys, Jim Wyda and Deborah Boardman, said in a statement that there is no evidence their client is a traitor.

"What we do know is that Hal Martin loves his family and his country. He served his nation honorably in the U.S. Navy as a lieutenant and he has devoted his entire career to protecting his country," they said.

A neighbor of Martin said he was shocked when teams of law-enforcement officials in camouflage and wielding rifles descended on the working-class Baltimore suburb in August and hauled away garbage bags full of material.

"I thought World War III had started," the neighbor, Murray Bennett, said.

He said Martin, who is divorced, had lived next door for more than a decade. He drove an old Chevy and "was a decent sort, or seemed like it."

"We would pass out Halloween candy together," Bennett said. "Now Halloween is coming out and I guess I won't have anyone to hand out candy with."

The U.S. Navy confirmed that Martin served from 1987 to 2000, achieving the rank of lieutenant. Booz Allen did not say how long Martin had worked there but said he was fired after the arrest and that it is cooperating with authorities.

Martin was arrested for Driving Under the Influence in Maryland in 2006. He was put on probation and ordered to pay a fine.

He and his wife divorced in 2010, according to court records. She now lives out of state.

The complaint did not spell out how investigators came to suspect Martin. After the Snowden affair, the NSA installed a host of new tools designed to monitor employee behavior on its networks, but it's unclear if those played a role in this case.

At the Cyber Summit, Carlin declined to say how long investigators believe the theft had been going on.

"I don't think we can ever be satisfied with [our security measures]," he said. "We need to learn from each experience about how we can best protect [our systems]."

One former senior U.S. cybersecurity official said he had heard talk of an urgent investigation into the theft of NSA documents.

"We'd heard for weeks that there was another insider at the NSA, a Snowden-like character," said the former official, who spoke on the condition of anonymity because of his ongoing security contracting work.

"I don't think anyone has any idea yet how much damage has been done. They will do a complete evaluation of what he had access to," said the former official.


Congressional report slams NSA leaker Edward Snowden

WASHINGTON - A House intelligence committee report issued Thursday condemned Edward Snowden, saying the National Security Agency leaker is not a whistleblower and that the vast majority of the documents he stole were defense secrets that had nothing to do with privacy.

The Republican-led committee released a three-page unclassified summary of its two-year bipartisan examination of how Snowden was able to remove more than 1.5 million classified documents from secure NSA networks, what the documents contained and the damage their removal caused to U.S. national security.

Snowden was an NSA contract employee when he took the documents and leaked them to journalists who revealed massive domestic surveillance programs begun in the aftermath of the 9/11 attacks. The programs collected the telephone metadata records of millions of Americans and examined emails from overseas. Snowden fled to Hong Kong, then Russia, to avoid prosecution and now wants a presidential pardon as a whistleblower.

Rep. Devin Nunes, R-Calif., chairman of the committee, said Snowden betrayed his colleagues and his country.

"He put our service members and the American people at risk after perceived slights by his superiors," Nunes said in a statement. "In light of his long list of exaggerations and outright fabrications detailed in this report, no one should take him at his word. I look forward to his eventual return to the United States, where he will face justice for his damaging crimes."

Snowden insists he has not shared the full cache of 1.5 million classified documents with anyone. However, the report notes that in June, the deputy chairman of the Russian parliament's defense and security committee publicly conceded that "Snowden did share intelligence" with his government.

Ben Wizner, Snowden's attorney at the American Civil Liberties Union, blasted the report, saying it was an attempt to discredit a "genuine American hero."

"After years of investigation, the committee still can't point to any remotely credible evidence that Snowden's disclosures caused harm," Wizner said. "In a more candid moment, the NSA's former deputy director, who was directly involved in the government's investigation, explicitly said he didn't believe Snowden had cooperated with either China or Russia."

Snowden's revelations about the agency's bulk collection of millions of Americans' phone records set off a fierce debate that pitted civil libertarians concerned about privacy against more hawkish lawmakers fearful about losing tools to combat terrorism. Democrats and libertarian-leaning Republicans pushed through a reauthorization of the USA Patriot Act last year that ended the program.

There was little evidence that the phone records or other surveillance programs Snowden revealed ever thwarted an attack.

Snowden is seeking a presidential pardon because he says he helped his country by revealing secret domestic surveillance programs. Separately, all members of the committee sent a bipartisan letter to President Barack Obama urging him not to pardon Snowden.

"The vast majority of what he took has nothing to do with American privacy," said Rep. Adam Schiff of California, the ranking Democrat on the House intelligence committee.

"The majority of what he took has to do with military secrets and defense secrets," Schiff said in an interview Thursday for C-SPAN's "Newsmakers." "I think that's very much at odds with the narrative that he wants to tell that he is a whistleblower."

The Obama administration has urged Snowden to return to the U.S. and face trial. Justice Department spokesman Marc Raimondi has said "there is no question his actions have inflicted serious harms on our national security."

The committee report says that he was a "disgruntled employee who had frequent conflicts with his managers."

Publicly revealing classified information does not qualify someone as a whistleblower, the report said. The committee "found no evidence that Snowden took any official effort to express concerns about U.S. intelligence activities to any oversight officials within the U.S. government, despite numerous avenues for him to do so."

According to the committee, Snowden began mass downloads of classified material two weeks after he was reprimanded for engaging in a spat with NSA managers. The committee also described Snowden as a "serial exaggerator and fabricator."

"A close review of Snowden's official employment records and submissions reveals a pattern of intentional lying," the report said. "He claimed to have left Army basic training because of broken legs when in fact he washed out because of shin splints. He claimed to have obtained a high school degree equivalent when in fact he never did."

The report said Snowden claimed to have worked for the CIA as a senior adviser, when he was a computer technician.

"He also doctored his performance evaluations and obtained new positions at NSA by exaggerating his resume and stealing the answers to an employment test," the report said.

Speaking by video link from Moscow, Snowden said Wednesday that whistleblowing "is democracy's safeguard of last resort, the one on which we rely when all other checks and balances have failed and the public has no idea what's going on behind closed doors."

The 33-year-old addressed a New York City news conference where advocates from the American Civil Liberties Union, Human Rights Watch and Amnesty International announced an online petition drive to urge Obama to pardon Snowden before he leaves office. The supporters called Snowden a hero for exposing the extent of government surveillance by giving thousands of classified documents to journalists.

The report was released one day ahead of Friday's opening of director Oliver Stone's film "Snowden."


With ‘Snowden’ set to open, House panel calls former NSA …

Edward Snowden exaggerated his resume, stole test answers and failed training on U.S. surveillance law before he copied an estimated 1.5 million classified documents from the National Security Agency, according to a summary of a House Intelligence Committee report released Thursday.

The committee unanimously adopted the investigative report a day before Oliver Stone's "Snowden" premieres in movie theaters. The film apparently portrays the former NSA contractor as a heroic whistle-blower.

Civil liberties advocates have launched a national publicity campaign calling on President Obama to pardon Snowden, who has been accused of espionage, before he leaves office.

Committee members sent a bipartisan letter to Obama urging him not to pardon Snowden.

The House report provides new details about Snowden's background, and calls into question his self-declared motivations and his work at the NSA before he fled to China and then Russia, where he now lives.

It describes him as a "serial exaggerator and fabricator."

Contrary to Snowden's self-portrayal as a principled whistle-blower, the committee said in a statement, he was a disgruntled employee who had frequent conflicts with his managers and was reprimanded shortly before he began downloading the trove of NSA documents.

Release of the digital documents to media groups in 2013 did severe damage to U.S. national security, compromising the intelligence community's anti-terror efforts and endangering the security of the American people as well as active-duty U.S. troops, the committee said.

The release also led to a public debate about U.S. intelligence powers, and new restrictions on how far the NSA can go in surveillance of U.S. citizens.

Committee members said their two-year investigation found most of the files Snowden took had no civil liberties concerns, but instead revealed spying programs against adversaries and allied governments.

"Edward Snowden is no hero - he's a traitor who willfully betrayed his colleagues and his country," Rep. Devin Nunes (R-Tulare), the committee chairman, said in a statement. "In light of his long list of exaggerations and outright fabrications detailed in this report, no one should take him at his word."

Rep. Adam Schiff (D-Burbank), ranking member of the committee, said the investigation found that Snowden's claims that he acted to defend Americans' privacy were self-serving and false and that he did profound damage to national security.

"While those disclosures did spark a useful public debate, the collateral damage has been extraordinary," Schiff said.

Snowden disputed how he was characterized by the committee, writing on Twitter that "Congress spent two years writing a report to discourage you from going to see" Stone's film.

"Their report is so artlessly distorted that it would be amusing if it weren't such a serious act of bad faith," Snowden wrote.

The 36-page investigative report remains classified, but a three-page summary released by the committee shows that Snowden failed an internal training for NSA employees on Section 702 of surveillance law, which targets foreign Internet traffic.

Part of that training, lawmakers concluded, included privacy provisions in place to protect the rights of U.S. citizens from data collected inadvertently while the NSA vacuumed up online data.

After reviewing Snowden's employment records, the panel found he had engaged in what the summary called a "pattern of intentional lying."

Snowden "obtained new positions at NSA by exaggerating his resume and stealing the answers to an employment test," the summary states.

"He claimed to have left [Army] basic training because of broken legs when in fact he washed out because of shin splints," it says. "He claimed to have obtained a high school degree equivalent when in fact he never did. He claimed to have worked for the CIA as a senior advisor, which was a gross exaggeration of his entry-level duties as a computer technician. He also doctored his performance evaluations and obtained new positions at NSA by exaggerating his resume and stealing the answers to an employment test."

Snowden has lived openly as a fugitive in Russia since June 2013, frequently giving interviews and appearing at conferences via video hookups.

Intelligence officials have said that material he leaked helped Russia and China protect themselves from U.S. surveillance, and taught terrorist groups such as Islamic State to better hide their tracks.

The House report is based on hundreds of secret documents and dozens of briefings with intelligence officials.

The committee concluded that Snowden is not a whistle-blower because he did not try to raise his civil liberties concerns through official channels or with Congress, and most of the data he stole from NSA computers was not related to privacy concerns.

The report does not outline specific damage to national security but lawmakers said the disclosures exacerbated and accelerated existing trends in the use of encrypted messages by adversaries and terrorist groups.

Lawmakers also expressed concern that intelligence officials have not done enough to prevent future thefts. The Department of Defense has reviewed all 1.5 million documents Snowden removed, but the intelligence community has not conducted such a comprehensive review.

The government has spent hundreds of millions of dollars and will eventually spend billions to mitigate the damage caused by the leaks, the committee concluded.

The American Civil Liberties Union, Amnesty International, Human Rights Watch and other organizations have urged Obama to pardon Snowden.


Tailored Access Operations – Wikipedia, the free encyclopedia

The Office of Tailored Access Operations (TAO) is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least circa 1998.[1][2] TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States.[3][4][5][6] The NSA terms these activities "computer network exploitation".

TAO is reportedly "now the largest and arguably the most important component of the NSA's huge Signals Intelligence Directorate (SID)[7] (SIGINT), consisting of more than 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers."[1]

A document leaked by former NSA contractor Edward Snowden describing the unit's work says[not in citation given] TAO has software templates allowing it to break into commonly used hardware, including "routers, switches, and firewalls from multiple product vendor lines".[8] According to The Washington Post, TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on a single network.[8]

TAO's headquarters are termed the Remote Operations Center (ROC) and are based at the NSA headquarters at Fort Meade, Maryland. TAO also has expanded to NSA Hawaii (Wahiawa, Oahu), NSA Georgia (Fort Gordon, Georgia), NSA Texas (San Antonio, Texas), and NSA Colorado (Buckley Air Force Base, Denver).[1]

Since 2013, the head of TAO has been Rob Joyce, a 25-plus year employee who previously worked in the NSA's Information Assurance Directorate (IAD). In January 2016, Joyce made a rare public appearance when he gave a presentation at USENIX's Enigma conference.[9]

In the Remote Operations Center, 600 employees gather information from around the world.[10][11] Their motto is "Your data is our data, your equipment is our equipment - anytime, any place, by any legal means."

Details[citation needed] on a program titled QUANTUMSQUIRREL indicate NSA ability to masquerade as any routable IPv4 or IPv6 host. This enables an NSA computer to generate false geographical location and personal identification credentials when accessing the Internet utilizing QUANTUMSQUIRREL.[15]

The NSA ANT catalog is a 50-page classified document listing technology available to the United States National Security Agency (NSA) Tailored Access Operations (TAO) by the Advanced Network Technology (ANT) Division to aid in cyber surveillance. Most devices are described as already operational and available to US nationals and members of the Five Eyes alliance. According to Der Spiegel, which released the catalog to the public on December 30, 2013, "The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data." The document was created in 2008.[16] Security researcher Jacob Appelbaum gave a speech at the Chaos Communication Congress in Hamburg, Germany, in which he detailed techniques from the catalog that were disclosed in the simultaneously published Der Spiegel article he coauthored.[16]

The TAO has developed an attack suite they call QUANTUM. It relies on a compromised router that duplicates internet traffic, typically HTTP requests, so that they go both to the intended target and to an NSA site (indirectly). The NSA site runs FOXACID software which sends back exploits that load in the background in the target web browser before the intended destination has had a chance to respond (it's unclear if the compromised router facilitates this race on the return trip). Prior to the development of this technology, FOXACID software made spear-phishing attacks the NSA referred to as spam. If the browser is exploitable, further permanent "implants" (rootkits etc.) are deployed in the target computer, e.g. OLYMPUSFIRE for Windows, which give complete remote access to the infected machine.[17] This type of attack is part of the man-in-the-middle attack family, though more specifically it is called man-on-the-side attack. It is difficult to pull off without controlling some of the Internet backbone.[18]

There are numerous services that FOXACID can exploit this way. The names of some FOXACID modules are given below:[19]

By collaboration with the British Government Communications Headquarters (GCHQ) (MUSCULAR), Google services could be attacked too, including Gmail.[20]

Finding machines that are exploitable and worth attacking is done using analytic databases such as XKeyscore.[21] A specific method of finding vulnerable machines is interception of Windows Error Reporting traffic, which is logged into XKeyscore.[22]

QUANTUM attacks launched from NSA sites can be too slow for some combinations of targets and services as they essentially try to exploit a race condition, i.e. the NSA server is trying to beat the legitimate server with its response.[23] As of mid-2011, the NSA was prototyping a capability codenamed QFIRE, which involved embedding their exploit-dispensing servers in virtual machines (running on VMware ESX) hosted closer to the target, in the so-called Special Collection Sites (SCS) network worldwide. The goal of QFIRE was to lower the latency of the spoofed response, thus increasing the probability of success.[24][25][26]
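A defender-side view of the race described above, as an added example that is not part of the original article: because the spoofed reply and the legitimate server's reply both reach the client, a passive monitor can look for two TCP segments in one flow that claim the same sequence range but carry different bytes. The record layout, addresses and payloads below are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple


class Segment(NamedTuple):
    """One TCP data segment as a passive sensor would record it."""
    ts: float        # capture time, seconds
    src: str
    sport: int
    dst: str
    dport: int
    seq: int         # sequence number of the first payload byte
    ttl: int         # IP TTL observed at the sensor
    payload: bytes


class Finding(NamedTuple):
    flow: tuple
    seq: int
    first: Segment   # arrived first (won the race)
    second: Segment  # arrived later with different bytes
    ttl_delta: int
    gap_ms: float


def conflicting(a: Segment, b: Segment) -> bool:
    """True when the segments overlap in sequence space and the overlapping
    bytes differ. An ordinary retransmission repeats the same bytes, so it
    is not flagged. Sequence-number wraparound is ignored in this sketch."""
    start = max(a.seq, b.seq)
    end = min(a.seq + len(a.payload), b.seq + len(b.payload))
    if start >= end:
        return False
    return a.payload[start - a.seq:end - a.seq] != b.payload[start - b.seq:end - b.seq]


def find_injection_candidates(segments):
    """Group segments by one-directional flow and report every pair that
    claims the same stream bytes with different content."""
    seen = defaultdict(list)
    findings = []
    for seg in sorted(segments, key=lambda s: s.ts):
        if not seg.payload:
            continue  # pure ACKs carry no stream bytes to compare
        flow = (seg.src, seg.sport, seg.dst, seg.dport)
        for earlier in seen[flow]:
            if conflicting(earlier, seg):
                findings.append(Finding(
                    flow=flow,
                    seq=max(earlier.seq, seg.seq),
                    first=earlier,
                    second=seg,
                    ttl_delta=abs(earlier.ttl - seg.ttl),
                    gap_ms=round((seg.ts - earlier.ts) * 1000, 3),
                ))
        seen[flow].append(seg)
    return findings


# Constructed sample capture (documentation addresses, made-up payloads).
SRV, CLI = "198.51.100.5", "192.0.2.10"
SAMPLE = [
    # Flow 1: two different answers for the same sequence number.
    Segment(0.012, SRV, 80, CLI, 51000, 1000, 58,
            b"HTTP/1.1 302 Found\r\nLocation: http://redirect.invalid/\r\n\r\n"),
    Segment(0.047, SRV, 80, CLI, 51000, 1000, 49,
            b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    # Flow 2: ordinary retransmission, identical bytes.
    Segment(0.100, SRV, 80, CLI, 51001, 5000, 49, b"HTTP/1.1 200 OK\r\n\r\n"),
    Segment(0.300, SRV, 80, CLI, 51001, 5000, 49, b"HTTP/1.1 200 OK\r\n\r\n"),
    # Flow 3: partially overlapping retransmission whose overlap agrees.
    Segment(0.400, SRV, 80, CLI, 51002, 2000, 49, b"abcdef"),
    Segment(0.450, SRV, 80, CLI, 51002, 2003, 49, b"defghi"),
]

if __name__ == "__main__":
    for f in find_injection_candidates(SAMPLE):
        print(f.flow, "seq", f.seq, "ttl delta", f.ttl_delta, "gap ms", f.gap_ms)
```

The TTL difference and the short gap between the two segments are supporting signals for an analyst, not proof; some middleboxes can also produce conflicting segments.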

COMMENDEER [sic] is used to commandeer (i.e. compromise) untargeted computer systems. The software is used as a part of QUANTUMNATION, which also includes the software vulnerability scanner VALIDATOR. The tool was first described at the 2014 Chaos Communication Congress by Jacob Appelbaum, who characterized it as tyrannical.[27][28][29]

QUANTUMCOOKIE is a more complex form of attack which can be used against Tor users.[30]

According to a 2013 article in Foreign Policy, "TAO has become increasingly accomplished at its mission, thanks in part to the high-level cooperation it secretly receives from the 'big three' American telecom companies (AT&T, Verizon and Sprint), most of the large US-based Internet service providers, and many of the top computer security software manufacturers and consulting companies."[36] A 2012 TAO budget document claims that these companies, on TAO's behest, "insert vulnerabilities into commercial encryption systems, IT systems, networks and endpoint communications devices used by targets".[36] A number of US companies, including Cisco and Dell, have subsequently made public statements denying that they insert such back doors into their products.[37] Microsoft provides advance warning to the NSA of vulnerabilities it knows about, before fixes or information about these vulnerabilities is available to the public; this enables TAO to execute so-called zero-day attacks.[38] A Microsoft official who declined to be identified in the press confirmed that this is indeed the case, but said that Microsoft can't be held responsible for how the NSA uses this advance information.[39]
