Incident & Breach Response , Managed Detection & Response (MDR) , Security Operations
Ex-NSA Contractor Harold Martin Hit With 9-Year SentencePleaded Guilty to Stealing Files From NSA, CIA, US Cyber Command
The curious case of Harold Thomas Martin III appears to have come to a close, although some questions pertaining to the case remain unanswered, at least in public.
Martin, 54, is a former government contractor who pleaded guilty to stealing classified and secret material from the U.S. National Security Agency, the CIA, the U.S. Cyber Command and other defense agencies.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
On Friday, the Navy veteran was sentenced to serve nine years in prison by U.S. District Judge Richard D. Bennett, according to the U.S. Justice Department.
"Harold Martin was entrusted with some of the nation's most sensitive information," says Assistant Attorney General for National Security John C. Demers. "Instead of respecting the trust given to him by the American people, Martin violated that trust and put our nation's security at risk. This sentence will hold Martin accountable for his dangerous and unlawful actions."
Over the course of 20 years, Martin worked as a contractor for seven government agencies and held several top secret clearances that gave him access to classified material that not only included physical documents, but also computer files and data, the Justice Department said.
Starting in the late 1990s and continuing to Aug. 31, 2016, when the FBI raided his home, Martin took data and material marked secret and kept these documents and files in his home and sometimes in his car, according to federal authorities. The investigation of Martin was led by the Justice Department, together with the FBI's counterintelligence unit and the U.S. Attorney's Office for the Northern District of Maryland.
Prosecutors say that at the time of his arrest, Martin was working for Booz Allen Hamilton and also completing a Ph.D. at the University of Maryland (see: Former US Contractor Indicted in Theft of Classified Material).
In 2017, a federal grand jury indicted Martin on 20 counts of theft of classified material.
Four months ago, Martin pleaded guilty to federal charges of willful retention of national defense information.
On Friday, he received a nine-year sentence, to be followed by three years of parole.
Breach of Trust
While the government has released some facts about the charges against Martin and the sentence against him, many other details of the case either remain unknown or restricted information. For example, the FBI has never publicly stated why the former contractor took home classified and secret material or if he shared it with anyone.
The material that Martin took home varied widely. From the NSA, for example, he took one document containing material about foreign cyber issues as well as a list of targets. Other NSA documents he took included emails, status updates and a user's guide for an "intelligence-gathering tool," according to the 2017 indictment against him.
Prosecutors say Martin also stole similar material from the CIA, U.S. Cyber Command and the U.S. National Reconnaissance Office.
The case against Martin began several years after federal prosecutors and the U.S. intelligence community had begun dealing with the fallout from former NSA contractor Edward Snowden's 2013 leaks. Information that was eventually published included tens of thousands of documents that demonstrated how U.S. citizens and foreigners were regularly monitored as part of mass surveillance dragnets (see: How Did Snowden Breach NSA Systems?).
In March 2017, WikiLeaks also published a host of CIA material as part of what it dubbed the "Vault7" leaks. Leaked information included hacking tools and malware used by the agency (see: WikiLeaks Dumps Alleged CIA Malware and Hacking Trove).
Officials have not tied Martin to Snowden or WikiLeaks.
No Shadow Brokers Connection Highlighted
Some analysts have speculated that Martin may have passed stolen NSA and CIA material to the Shadow Brokers, a mysterious group tied to a leak of tools from the "Equation Group," which the U.S. government has confirmed was the National Security Agency (see: Canceled: Crowdfunding to Pay Shadow Brokers for Exploits).
One of these NSA-developed exploits, called EternalBlue, was used by the developers of WannaCry to make the ransomware wormable and more rapidly spread. That was despite the NSA having given Microsoft a heads-up on the flaw in Windows SMB_v1, in advance of EternalBlue being leaked, based on a list of tools Shadow Brokers said they were planning to release. Microsoft rushed out security updates, but by the time WannaCry hit, many systems remained unpatched (see: After 2 Years, WannaCry Remains a Threat).
Prosecutors have never tied Martin's case to the Shadow Brokers - at least in public - and other theories might also explain how the group obtained information on the NSA's attack tools (see: Spy Whose Files Were Plucked by Kaspersky Pleads Guilty).
Martin apparently retained the material he took at his home. One of his attorneys tells the New York Times that Martin kept the material for study purposes to get better at his job.
Federal prosecutors say they want Martin's case to serve as a cautionary lesson for others. "For nearly 20 years, Harold Martin betrayed the trust placed in him by stealing and retaining a vast quantity of highly classified national defense information entrusted to him," says U.S. Attorney Robert K. Hur. "This sentence, which is one of the longest ever imposed in this type of case, should serve as a warning that we will find and prosecute government employees and contractors who flagrantly violate their duty to protect classified materials."
Executive Editor Mathew Schwartz contributed to this report.