NSA contractor thought to have stolen classified material the old-fashioned way: on paper
Harold T. Martin III is accused of stealing mounds of classified information from the government for at least a decade, and investigators also believe some of the information was taken the old-fashioned way - by walking out of the workplace with printed-out papers he had hidden, according to US officials.
The case against Martin, which was unsealed last week, raises new questions about whether the National Security Agency and other agencies are doing enough to detect and prevent their sensitive data from leaving the secure confines of government offices.
While investigators believe much of Martin’s material was removed before stringent controls were imposed in the wake of 2013 disclosures linked to former NSA contractor Edward Snowden, some feel the system still failed.
When investigators searched Martin’s home, they seized several terabytes of data, which Martin stored on dozens of computers and other devices, and thousands of pages of documents, according to the officials, who spoke on the condition of anonymity to discuss an open case. Investigators are still exploring whether he was connected in any way to the online leak of some of the NSA’s most powerful hacking tools in August.
“Someone was able to walk out the front door with a whole bunch of stuff from NSA,” said one congressional aide. “That’s not supposed to happen.”
Martin has been charged with theft of government property and unauthorised removal of classified materials. His attorney has said there is “no evidence” that he intended to betray his country. Martin previously worked in the Navy - he left active duty in 1992 - before taking a variety of tech jobs with government contractors, according to records and people who knew him.
In an interview, the head of the office responsible for setting policies aimed at deterring data loss said he thought the existing controls were sufficient. The question, said William Evanina, director of the National Counterintelligence and Security Center, is whether the controls were being successfully implemented.
“I don’t believe there’s anything new that we have to incorporate,” said Evanina, who declined to comment on the ongoing investigation of Martin. “We just have to do a better job to see that what we already have in place is working effectively.”
The NSA did not respond to a request for comment.
Martin worked at the NSA from 2012 to 2015. He was an employee of intelligence contractor Booz Allen Hamilton, which had also employed Snowden.
For some portion of that time, Martin was in the world’s most elite hacker shop: the NSA’s Tailored Access Organisation, according to a former member of the group. One former TAO hacker said that Martin worked in the unit’s front office carrying out support roles such as setting up accounts, instead of conducting actual operations.
Officials have not said how, precisely, they think Martin was able to take information home.
The NSA, like other agencies, does not impose universal checks of personnel and their belongings as they enter and leave agency buildings. Security guards conduct random checks and use their discretion.
“If you have a bag full of stuff, you’re probably going to get stopped,” said a former TAO operator. But, in general, the employee said, “Disneyland has more physical security checks than we had.”