Ex-Employee Suspected Of Leaking CIA Hacking Tools

Uploaded on 2018-05-21 in INTELLIGENCE--USA, GOVERNMENT-Law Enforcement, GOVERNMENT-National, FREE TO VIEW

The US government has identified a suspect in the leak last year of a large portion of the CIA's computer hacking arsenal, the cyber-tools the agency had used to conduct espionage operations overseas, according to interviews and public documents.

But despite months of investigation, prosecutors have been unable to bring charges against the man, who is a former CIA employee being held in a Manhattan jail on unrelated charges.

Joshua Adam Schulte, who worked for a CIA group that designs computer code to spy on foreign adversaries, is believed to have provided the agency's top-secret information to WikiLeaks, federal prosecutors acknowledged in a hearing in January. The anti-secrecy group published the code under the label "Vault 7" in March 2017.

It was one of the most significant leaks in the CIA's history, exposing secret cyber-weapons and spying techniques that might be used against the United States, according to current and former intelligence officials.

Some argued that the Vault 7 disclosures could cause more damage to American intelligence efforts than those by former National Security Agency contractor Edward Snowden. 

He revealed extraordinary details about the capabilities of the United States to spy on computers and phones around the world, but the Vault 7 leaks showed how such spying is actually done, the current and former officials argued.

Schulte, 29, already held without bail in Manhattan on child pornography charges, learned last Friday during a New York court appearance that additional charges were likely to be filed against him in about 45 days from what Assistant US Attorney Matthew Laroche said was a "broader investigation" unrelated to the pornography case.

"Mr Schulte has spent years working to ensure the safety of his country and is deeply saddened to hear that he could face charges of espionage," assistant federal defender Sabrina Shroff said on Tuesday.

At a January hearing, Laroche said Schulte was a target of an ongoing investigation into the theft of tools that were used by the CIA to spy overseas. His defence lawyers have insisted he was not involved.

The US government has all but publicly acknowledged the embarrassing leak from the CIA's Centre for Cyber Intelligence. President Donald Trump told a television host then, "I just want people to know the CIA was hacked, and a lot of things taken".
At January's hearing, Laroche said the material was taken from the CIA during the more than six years that Schulte worked for the agency in various positions, including technical development officer.

"The government immediately had enough evidence to establish that he was a target of that investigation," Laroche said.

"They conducted a number of search warrants on the defendant's residence."

Laroche said he disagreed with Schulte's lawyer at the time, who claimed the search warrants had not yielded anything consistent with the material released by WikiLeaks. "In fact, our investigation is ongoing," Laroche said. "He remains a target of that investigation."

Laroche told US District Judge Paul A. Crotty that the new charges were unlikely for several weeks.

"We're consulting with a lot of folks that are not within our office, so we're moving as quickly as we can on that front," he said.
The cryptic description at Friday's hearing led Shroff, who entered the case in March, to demand more.

"Are they secret charges that I'm not allowed to know about? What are these charges?" Shroff asked, saying she wanted to know of possible charges, whether they be sedition or something else. "Are they charging him with espionage?"

Laroche said it involved an ongoing grand jury investigation and added, "I don't think we have an obligation to disclose it at this time, but we certainly have had discussions with Ms. Shroff about the nature of the underlying investigation". Schulte, of New York, is being held at the Metropolitan Correctional Centre in Manhattan.

Jacob Kaplan, Schulte's attorney at the January hearing, told the court that "the government had full access to his computers and his phone, and they found the child pornography in this case, but what they didn't find was any connection to the WikiLeaks investigation".

Sydney Morning Herald:    Image: Nick Youngson

You Might Also Read:

CIA Malware Unveiled:

CIA Silent About Wikileaks Agency Files:
 

 

« NSA Spies Triple Text and Phone Collection
Secure Encrypted Email Platform PGP Is Not Secure »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

Security University

Security University

Security University is a leading provider of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

DoControl

DoControl

DoControl gives organizations the automated, self-service tools they need for SaaS applications data access monitoring, orchestration, and remediation.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

Luta Security

Luta Security

Luta Security implements a holistic approach to advance the security maturity of governments and organizations around the world.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

FTI Consulting

FTI Consulting

FTI Consulting is a global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.