NSA Contractor Arrest Renews Focus on Risk Posed by Insiders

  • Complaint says theft could cause ‘grave damage’ to security
  • Lawyer says ex-Booz Allen employee never betrayed his country

For the third time in three years, the U.S. National Security Agency is under scrutiny for its handling of government secrets, particularly its reliance on outside contractors employed by Booz Allen Hamilton Holding Corp.

Harold Martin, a contractor with the consulting company, told investigators that he took home documents and digital files containing highly classified data, storing much of it in his car and house, according to a complaint released Wednesday. His arrest in August came three years after Edward Snowden -- another Booz Allen employee at the NSA -- fled the U.S. and disclosed details of government surveillance programs before going into exile in Russia.

While the Snowden breach led to changes at the NSA and other intelligence agencies to keep insiders from stealing sensitive information, Martin’s arrest is prompting questions from analysts and U.S. lawmakers about whether the measures were enough. In August, hacking tools apparently designed by the NSA -- the largest of 17 federal intelligence agencies -- to breach foreign governments and organizations were leaked on the internet.

QuickTake Cybersecurity

“I applaud the FBI for making an arrest, but it is painfully clear that the intelligence community still has much to do to institutionalize reforms designed to protect in advance the nation’s sources and methods from insider threats,” said Representative Adam Schiff, the top Democrat on the House Intelligence Committee.

Baltimore Suburb

Martin lives in the Baltimore suburb of Glen Burnie, in a 1 1/2-story home with blue siding and a brick chimney. A “Beware of Dog” sign stands outside the home and a teal Chevrolet, which a neighbor says is Martin’s, sits in the driveway. A Redfin web page for the home, built in 1956, estimates its value at $283,000. Martin and his wife were “very friendly” but not particularly social, neighbor Dawn Dincher said.

On the day of his arrest in August, Martin’s street was filled with unmarked police cars and armed men in vests and camouflage, Dincher said.

“The day they arrested him, he was so pale as a ghost,” Dincher said. “I’m sure it had to do with the flash grenade they used to get in their house.”

‘Exceptionally Grave’

Without providing details of the data Martin allegedly brought home or when he did it, the FBI said in the complaint disclosed Wednesday that the information could cause "exceptionally grave damage” to national security if it were disseminated, according to a criminal complaint by the Justice Department.

Questions about Martin’s motivation and whether he was working for a foreign government or improperly bringing home files for use there were fueled by the initial decision not to charge him with espionage. Instead, the contractor currently faces a maximum sentence of one year in prison for the unauthorized removal and retention of classified materials and ten years in prison for theft of government property.

“There’s no evidence that Hal Martin has betrayed his country,” James Wyda, a federal public defender in Maryland who’s representing Martin, said in a statement. “What we do know is that Hal Martin loves his family and his country. He served our nation honorably in the United States Navy, and he has devoted his entire career to serving and protecting America. We look forward to defending Hal Martin in court."

‘Total Cooperation’

Booz Allen said it fired the worker, whom it didn’t name, and is cooperating with law enforcement.

"When Booz Allen learned of the arrest of one of its employees by the FBI, we immediately reached out to the authorities to offer our total cooperation in their investigation, and we fired the employee," the company said Wednesday in a regulatory filing. "There have been no material changes to our client engagements as a result of this matter."

The FBI’s complaint “alleges that among the classified documents found in the search were six classified documents obtained from sensitive intelligence and produced by a government agency in 2014," according to a Justice Department statement. "These documents were produced through sensitive government sources, methods and capabilities, which are critical to a wide variety of national security issues. The disclosure of the documents would reveal those sensitive sources, methods and capabilities."

Insider Threats

White House spokesman Josh Earnest told reporters that the government has taken steps since Snowden’s disclosures to better guard government secrets, including creating a National Insider Threat Task Force to protect against insiders leaking sensitive information and improving background checks. The number of people with access to classified information has been reduced by 17 percent in the last few years, he said.

That view was echoed by Mike Gelles, Deloitte Consulting LLP’s federal practice director who spent 20 years at the Navy Criminal Investigative Service and recently wrote the book "Insider Threat: Prevention, Detection, Mitigation and Deterrence."

"NSA, in particular, has a very mature program",” Gelles said. “While this is a little bit alarming, one might also think about applauding the efforts" of NSA, since Martin was caught, he added. Nevertheless, “it highlights the fact that this is an issue that the government and the private sector have to continue to address as these types of incidents will only continue,” he said.

‘Brand Image’

Since being hired to help the U.S. Navy in preparations for what would become World War II, Booz Allen has become a powerful force in the world of defense and intelligence contracting. The McLean, Virginia-based company said in a May 19 regulatory filing that it took in $1.3 billion, or about 23 percent of its revenue, from intelligence clients in the 2016 fiscal year.

Booz Allen rebounded on Thursday, rising 2.4 percent to $31.04 at noon New York time. Shares fell a 3.8 percent a day earlier, the most since Jan. 27, after the news broke. Analyst Brian Gesuale with Raymond James Financial Inc. raised the company Thursday morning to “outperform” from "market perform.”

While the company may face a “brand image” problem over the latest incident, the impact on the company isn’t clear, Cai von Rumohr, a Cowen & Co. analyst, said in a note to clients Wednesday. After Snowden’s revelations, the company “didn’t face any litigation, lose any contracts, or have any direct impact” on revenue, wrote von Rumohr, who also rates the company “outperform.”

Security screening for workers handling classified information is typically the responsibility of government agencies, including the Pentagon and the Office of Personnel Management.

Martin’s arrest follows months of evidence that the government, as well as the private sector and political organizations, aren’t doing enough to protect themselves from outside hacking and internal breaches.

Hacking Tools

In August, files of high-tech hacking tools believed to have been developed by the NSA were posted online by a group that called itself ShadowBrokers. Part of that breach included about 300 megabytes of tools and techniques to infiltrate computer systems’ firewalls, according to Kaspersky Lab, a software security firm. On the day of the leak, much of the NSA’s public website was down.

The leak stumped cybersecurity experts, who speculated that Russia, China or an NSA insider could be responsible. Because time-stamps on the files dated to 2013, some of the software weaknesses could have since been fixed. Officials are investigating whether Martin was linked to that breach.

“This was not supposed to happen again,” James Lewis, a cybersecurity specialist and senior vice president at the Center for Strategic and International Studies in Washington, said Wednesday of the latest case. Most of those who work with intelligence agencies “are highly motivated and very patriotic and wouldn’t do this. But you only need one and that’s where they’re having trouble.”

    Before it's here, it's on the Bloomberg Terminal.