NSA contractor arrest highlights challenge of insider threat

WASHINGTON (AP) — The arrest of a former National Security Agency contractor accused of stealing classified information represents the second known case since 2013 of a government contractor being publicly accused of removing secret data from the intelligence agency.

The latest case comes as the NSA has worked to reform security after the Edward Snowden disclosures, especially in regard to insider threats.

Harold Thomas Martin III, 51, of Glen Burnie, Maryland, was arrested by the FBI in August, after federal prosecutors say he illegally removed highly classified information and stored the material in his home and car. A defense attorney said Martin did not intend to betray his country.

The arrest was not made public until Wednesday, when the Justice Department unsealed a criminal complaint that accused Martin of having been in possession of top-secret information that could cause “exceptionally grave danger” to national security if disclosed.

It’s not yet clear when the documents were removed. But the fact that Snowden and Martin — both working for Booz Allen Hamilton as contractors for NSA — were accused of leaving the NSA with highly classified documents raises questions about the effectiveness and adequacy of the intelligence agency’s internal security controls. The NSA, which put security upgrades into place following the Snowden disclosures, has declined to comment.

“One key thing we don’t have visibility into now is how he was caught, because that would provide some insight into whether the reforms that were put in post-Snowden were effective or not, or their relative efficacy,” said Rajesh De, who was the NSA’s general counsel when the Snowden story broke. Snowden’s 2013 theft of documents that were leaked to journalists revealed the NSA’s bulk collection of millions of Americans’ phone records.

Rep. Adam Schiff of California, the senior Democrat on the House Permanent Select Committee on Intelligence, said in a statement that “it is painfully clear that the intelligence community still has much to do to institutionalize reforms designed to protect (U.S. government secrets) from insider threats.”

White House spokesman Josh Earnest said the federal government has made important changes since Snowden’s disclosures. He said the government has reduced the number of people who need security clearances by 17 percent and has enhanced the quality of background checks. And as more information about another contractor accused of removing secret data is learned, the Obama administration won’t hesitate to enact additional reforms

Martin’s arrest appears to illustrate the difficulty of guarding against an insider threat given that employees, by virtue of their clearance level and jobs, must be entrusted with the nation’s secrets.

It’s unlikely, given the thousands of people in the intelligence community, “you’re going to be able to stop every incident of somebody taking documents if they’re determined to do so. But the real question is how quickly can you detect it, how quickly can you mitigate the harm of any such incident,” De said.

Adm. Mike Rogers, who heads the NSA, has repeatedly spoken since 2013 about efforts the agency has taken to ensure that such a thing doesn’t happen again. He has said the agency tried to strike a balance so as to not overly upset workers who are law-abiding citizens with aggressive internal security mechanisms.

Among the classified documents found with Martin, the FBI said, were six that contain sensitive intelligence — meaning they were produced through sensitive government sources or methods that are critical to national security — and date back to 2014. All the documents were clearly marked as classified information, according to an FBI affidavit.

The complaint does not specify which documents Martin is alleged to have taken. He was arrested around the same time U.S. officials acknowledged an investigation into a cyber leak of purported hacking tools used by the NSA. That toolkit consists of malicious software intended to tamper with firewalls, the electronic defenses protecting computer networks. Those documents were leaked by a group calling itself the “Shadow Brokers.” The complaint does not reference that group or allege a link to Martin.

The New York Times first reported the arrest of a NSA contractor who worked for Booz Allen Hamilton. Booz Allen said in a statement that after learning of the arrest of one of its employees, it contacted law enforcement authorities to offer its cooperation and fired the worker.

At Martin’s home, investigators found stolen property valued at “well in excess of $1,000,” the complaint said.

“Martin at first denied, and later when confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified,” the affidavit says. “Martin stated that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized.”

He has been in custody since his arrest in August. The complaint charges him with unauthorized removal and retention of classified materials and theft of government property.

“There is no evidence that Hal Martin intended to betray his country,” his public defenders, James Wyda and Deborah Boardman, said in a statement. “What we do know is that Hal Martin loves his family and his country. He served honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. We look forward to defending Hal Martin in court.”

Dinah Winnick, director of communications at the University of Maryland, Baltimore County, confirmed that Martin is a student in the university’s information systems graduate program. The university has a partnership with the NSA, which gives students prospects for jobs, training and scholarship support. Martin enlisted in the U.S. Navy in 1987 and left the service in 2000, the Navy said.

In 2013, journalists relying on classified documents taken by Snowden revealed the NSA’s bulk collection phone records and spurred a national debate on privacy and national security.

Rogers has said that since those revelations, he’s repeatedly reminded the workforce of their agreement to never divulge the sensitive information they’ve been given access to. In prior comments, Rogers has said security isn’t just about technical and insider threat preparation, but also about ensuring professional behavior.

“At times, I have some people telling me, `Hey, what this should show you is you can’t trust contractors,’ ” said Rogers, in a speech at Stanford University in 2014, noting that some of the biggest compromises of information came from direct U.S. employees. “This idea that you can’t trust contractors, I just don’t think I’m concerned about the long-term implications of that.”

(Copyright (c) 2016 The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)


blog comments powered by Disqus