On Monday June 18th, 2018 the Department of Justice charged former CIA engineer Joshua Schulte with stealing classified documents. Among the 13-count indictment Schulte faces 9 counts of theft of classified national defense information, 3 counts of receipt, possession, and transportation of child pornography and one count of criminal copyright infringement. Investigators allege finding one classified document on his personal computer. Investigators allegedly discovered over 10,000 images of child pornography on Schulte’s personal computer,.

Schulte has been detained for several months on child pornography charges, with the theft of classified information charges coming in the most recent indictment. Schulte faces up to 135 years in federal prison.

In 2016, Schulte was employed by the CIA, during this time he allegedly stole classified information from the computer network at the CIA and transmitted the information to Organization-1.  Organization-1 has not been formally confirmed as the organization WikiLeaks although several news outlets identified the organization as such.

During his time at the CIA Schulte reportedly altered a U.S. Intelligence Agency computer system between March and June of 2016, allowing him access and enabling him to deny access to other individuals. He also was able to delete records of his activities within the system.

In March of 2017, Wikileaks began publishing information about the various CIA hacking tools. The information that was shared contained documents regarding hacking tools used by intrusion teams at the CIA to conduct surveillance of foreign assets.

The U.S. government has not publicly acknowledged the leak from the CIA’s Center for Cyber Intelligence. I May of 2017, WikiLeaks has released the full 8,000-plus page disclosure on the hacking capabilities of the CIA, they said it was “the largest ever publication of confidential documents on the agency.”

Schulte is the fourth individual charged with leaking classified information during the Trump Administration.

In June of 2017 a former National Security Agency (NSA) contractor, Reality Winner was arrested for leaking classified information. The information that she leaked was an NSA document detailed how Russian hackers targeted U.S. voting software supplier during the 2016 election. Reality sent the document to the news site Intercept that detailed an NSA report showing how Russian hackers had target over 120 election officials in the days leading up to November 2016 election.

Winner’s reported motive was political, expressing anger that the organization’s TVs were set to Fox News when she had requested Al Jazeera. She also believed that the information that was in the report was known to the public. Reality had used social media to express multiple negative views regarding President Trump, promoting the distribution of classified information and expressing support for United States opponents, including the Iranian government. Winner was also a follower on twitter of both Edward Snowden, and WikiLeaks.

WikiLeaks is an organization that facilitates the anonymous leaking of classified information from governments around the world. It was founded in 2006 by Julian Assange, computer programmer and hacker.  WikiLeaks has published thousands of classified documents from the United States government and was the primary publisher of data stolen by former CIA and NSA contractor Edward Snowden.

Snowden, a former CIA employee and ex-contractor for the National Security Agency (NSA) leaked over 1.5 million classified NSA documents. Snowden resides in Moscow after being granted asylum by Russia in 2013. If brought back to the United States he faces over a 900-year prison sentence.

In March 2018 Terry Albury, an FBI agent in the Minneapolis field office was charged with leaking classified information to the Intercept, as well keeping classified information within his home. Albury sent documents about an unidentified middle east country. Albury’s motive was reportedly related to his position as the only African-American FBI field agent in Minnesota, and to publish what he considered systematic biases within the FBI.

Earlier this month Senate Intelligence Committee security director James Wolfe was indicted on three charges of lying to the FBI during the investigation into unauthorized disclosures of classified information. He allegedly passed classified information on to three different reporters. One has been identified as Ali Watkins from the New York Times.  Wolfe reportedly passed information to Watkins during a three-year romantic relationship.

All of the individuals that have leaked information have been insider threats., which remains a major security concern for U.S. agencies. A study conducted by the Secret Service and Carnegie Mellon found that 60 percent of individuals were aware of technical security measures on the computers, and 57 percent used computers to hide or delete the records of their behavior.

The government needs to work harder at spotting potential insider threats before they can do damage to the national security of the United States. Possible insider threats characteristics that employers should be on the lookout for include: financial need, vulnerability to blackmail, reduced loyalty to the United States, lack of empathy, and intolerance of criticism.

Insider threats are a concern that the government and U.S. defense and intelligence contracting firms need to take seriously. This requires a return to the basic of counterintelligence, with an emphasis on identifying disgruntled employees, and employees susceptible to blackmail.  One simple thing that can be instituted is monitoring of credit reports for employees. This will help provide early warning to identify employees at risk of blackmail or selling classified information. The intelligence community does not necessarily require extreme measures to identify insider threats, but must return to basics to be successful.

 

Please Share: