Arrested contractor may have worked for NSA’s elite cyber spy unit

A United States federal contractor, who remains in detention following his arrest last summer for stealing classified documents, may have worked for an elite cyber espionage unit of the National Security Agency. The man was identified by The New York Times last week as Harold Thomas Martin III, a 51-year-old employee of Booz Allen Hamilton, one of the largest federal contractors in the US. The paper said that, prior to joining Booz Allen Hamilton, Martin served as a US Navy officer for over a decade, where he specialized in cyber security and acquired a top secret clearance. But last August, agents of the Federal Bureau of Investigation raided Martin’s house in Maryland and arrested him on charges of stealing government property and illegally removing classified material.

Media reports suggest that the FBI discovered significant quantities of classified information, some of it dating back to 2006, on a variety of electronic devices that Martin had stored —though apparently not hidden— in his house and car. Another interesting aspect of the case is that there is no proof at this point that Martin actually shared the classified information with a third party. There is some speculation that he may be behind a disclosure of a collection of NSA hacking tools, which were leaked in August of this year by a previously unknown group calling itself “the Shadow Brokers”. But some speculate that Martin may have taken the classified material home so he could write his dissertation for the PhD he is currently undertaking at the University of Maryland’s Information Systems program.

A few days ago, The Daily Beast quoted an unnamed former colleague of Martin who said that the NSA contractor was a member of one of the agency’s elite cyber spy units. The existence of the secretive unit, which is known as the NSA’s Office of Tailored Access Operations, was revealed in June 2013 by veteran NSA watcher Matthew M. Aid. Writing in Foreign Policy, Aid cited “a number of highly confidential sources” in alleging that the NSA maintained a substantial “hacker army” tasked with conducting offensive cyber espionage against foreign targets. More information on NSA’s TAO was provided in January 2014 by German newsmagazine Der Spiegel. If The Daily Beast’s allegations about Martin are accurate, they would explain why anonymous government sources told The Washington Post last week that some of the documents Martin took home “could be expected to cause exceptionally grave damage to the national security of the United States”. The case also highlights the constant tension between security and the privatization of intelligence, which was also a major parameter in the case of Edward Snowden, another Booz Allen Hamilton contractor who defected to Russia in 2013.

Meanwhile, Martin remains in detention. If he is convicted, he will face up to 11 years behind bars.

Author: Joseph Fitsanakis | Date: 10 October 2016

German magazine reveals more information on elite NSA spy unit

By JOSEPH FITSANAKIS | intelNews.org
Last June, we reported on the existence of an elite cyberattack unit within the United States National Security Agency (NSA), which operates under the Agency’s Office of Tailored Access Operations. Veteran NSA watcher Matthew M. Aid, who made the initial revelation, said at the time that the Office, known at NSA simply as TAO, maintains a substantial “hacker army” that works in close cooperation with the Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI). Now German newsmagazine Der Spiegel says it viewed internal documents that confirm the existence of TAO as the NSA’s elite operational unit. The publication describes TAO as “something like a squad of plumbers that can be called in when normal access to a target is blocked”. It adds that TAO operatives are routinely detailed to a host of American intelligence agencies to help conduct intelligence operations ranging from traditional espionage to counterterrorism and cyberwarfare. Furthermore, TAO’s personnel, which are allegedly far younger than the average NSA officer, are experts in exploiting the technical deficiencies of the information-technology industry. They have therefore been able to compromise communications hardware and software produced by some of the world’s biggest IT companies and service providers, including Huawei, Cisco and Microsoft. The Spiegel article claims that TAO was established in 1997, several years before the Internet became a prominent engine of economic and cultural activity around the world. Its personnel, which initially consisted of a few select technical experts, was housed at the NSA headquarters in Fort George Meade, Maryland, but “in a separate wing, set apart from the rest of the agency”. Notably, Der Spiegel cites a paper produced by a former TAO unit head, which states that the program has produced “some of the most significant intelligence our country has ever seen” and urges its continued growth.

Secretive US cyber unit has been spying on China for 15 years

By JOSEPH FITSANAKIS | intelNews.org
A secretive cyberattack unit within the United States National Security Agency (NSA) has been engaged in protracted offensive cyberespionage operations against China for nearly 15 years. The revelation, made this week by veteran NSA watcher Matthew M. Aid, appears to confirm recent allegations made by Chinese government officials that Beijing’s secrets come under regular attack by US government-sponsored hackers. It also agrees with claims made by several intelligence observers, including this blog, that America’s cyber-security posture is not purely defensive. According to Aid’s article, published this past Monday in Foreign Policy, China’s allegations that it has been the target of sustained cyberespionage attacks by the US “are essentially correct”. Citing “a number of highly confidential sources”, Aid alleges that the NSA maintains a substantial “hacker army”. These ‘cyberwarriors’ allegedly operate under the NSA’s Office of Tailored Access Operations, known inside NSA simply as TAO. Its personnel is said to have successfully penetrated the Chinese government’s telecommunications networks and servers since the late 1990s, generating “some of the best and most reliable intelligence information” gained by Washington. It does so through computer network exploitation (CNE) techniques, such as surreptitious hacking, password exploitation, and even by compromising Chinese network security technicians. Aid alleges that TAO works closely with the Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI), through a small “clandestine intelligence gathering unit”. The latter employs CIA and FBI operatives who perform what are known as “off-net operations”, a term that refers to physical break-ins of Chinese and other foreign diplomatic facilities, in order to compromise the security computer hardware.