While civil libertarians are always challenged by surveillance hawks who assure us our data is safely held by the NSA and that we have nothing to fear if we’ve done nothing wrong or followed the law, there is still the possibility that our data that they’ve collected, or sensitive national security information, is stolen by rogue intelligence workers or foreign agents and hackers.
An example of this is former NSA contractor Harold Martin. Martin was accused by the US government of stealing classified information over a period of 20 years while working at different defense companies, and from US Cyber Command, the CIA, and the National Reconnaissance Office. He was taken into custody in August 2016. At that time, he was working for Booz Allen Hamilton.
According to The Globe and Mail, authorities “seized 50 terabytes of data from Martin’s home, which officials said could be the biggest theft of classified information in US history.” Martin is scheduled to plead guilty to the data theft and now faces up to 10 years in prison, but could still be tried for the remaining 19 counts in the indictment for the documents he stole.
The contractor had worked on highly classified projects involving government computer systems, which means he had various security clearances that “routinely provided him access to top-secret information.” According to Politico, Martin “spent several years working in the NSA’s elite hacking unit, known as Tailored Access Operations.”
While investigators suspected that his NSA heist “led to a public disclosure of US hacking tools released online by a group calling itself the Shadow Brokers,” prosecutors never formally accused him of helping the group. His defense suspects that the government is more concerned about having the sensitive details about the capabilities of the NSA and other US intelligence agencies made public by a trial.
But this isn’t all we should be worried about from rogue NSA employees. Another NSA employee who worked in the TAO unit pleaded guilty earlier in December to bringing classified information to his home. This information was then hacked and stolen by Russians who compromised his Kaspersky antivirus software on his personal computer. As pointed out by Wired, one would think that those working on developing advanced hacking tools would know better than to put classified data at risk by transporting it to their homes.
Moreover, it is quite ironic for the government to be concerned about criminals learning hacking techniques and security strategy from leaks inside its own agencies after it asked Apple to hand over information about how to hack into the phones of terrorists. The company had warned that doing so would compromise the security of its customers.