
SoylentNews is people

posted by on Tuesday February 07 2017, @03:47PM
from the just-borrowed-for-a-while dept.

On Monday, The Washington Post reported one of the most stunning breaches of security ever. A former NSA contractor, the paper said, stole more than 50 terabytes of highly sensitive data. According to one source, that includes more than 75 percent of the hacking tools belonging to the Tailored Access Operations. TAO is an elite hacking unit that develops and deploys some of the world's most sophisticated software exploits.

Attorneys representing Harold T. Martin III have previously portrayed the former NSA contractor as a patriot who took NSA materials home so that he could become better at his job. Meanwhile, investigators who have combed through his home in Glen Burnie, Maryland, remain concerned that he passed the weaponized hacking tools to enemies. The theft came to light during the investigation of a series of NSA-developed exploits that were mysteriously published online by a group calling itself Shadow Brokers.

[...] An unnamed US official told the paper that Martin allegedly hoarded more than 75 percent of the TAO's library of hacking tools. It's hard to envision a scenario under which a theft of that much classified material by a single individual would be possible.

Source:

https://arstechnica.com/tech-policy/2017/02/former-nsa-contractor-may-have-stolen-75-of-taos-elite-hacking-tools/



Related Stories

"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS 88 comments

NSA-created cyber tool spawns global ransomware attacks

From Politico via Edward Snowden via Vinay Gupta:

Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia and the U.S., with Russia among the hardest-hit countries.

The unique malware causing the attacks - which has spread to tens of thousands of companies in 99 countries, according to the cyber firm Avast - has forced some hospitals to stop admitting new patients with serious medical conditions and driven other companies to shut down their networks, leaving valuable files unavailable.

The source of the world-wide digital assault seems to be a version of an apparent NSA-created hacking tool that was dumped online in April by a group calling itself the Shadow Brokers. The tool, a type of ransomware, locks up a company's networks and holds files and data hostage until a fee is paid. Researchers said the malware is exploiting a Microsoft software flaw.

Thoughts on a similar scenario were published by the Harvard Business Review two days before this incident.

One or more anti-virus companies may have been hacked prior to WannaCrypt infecting 75000 Microsoft Windows computers in 99 countries. First, anti-virus software like Avast fails to make HTTP connections. Second, five million ransomware emails are rapidly sent. Although many centralized email servers were able to stem the onslaught, many instances of anti-virus software had outdated virus definitions and were defenseless against the attack. Indeed, successful attacks were above 1%. Of these, more than 1% have already paid the ransom. Although various governments have rules (or laws) against paying ransom, it is possible that ransoms have been paid to regain access to some systems.

Also, file scrambling ransomware has similarities to REAMDE by Neal Stephenson. Although the book is extremely badly written, its scenarios (offline and online) seem to come true with forceful regularity.

Further sources: BBC (and here), Russia Today, DailyFail, Telegraph, Guardian.

Telefónica reportedly affected. NHS failed to patch computers which affected US hospitals in 2016. 16 divisions of the UK's NHS taken offline with aid of NSA Fuzzbunch exploit. The fun of a public blockchain is that ransom payments of £415,000 have been confirmed. Cancellation of heart surgery confirmed. Doctors unable to check allergies or prescribe medication. Patient access to emergency treatment denied in part due to hospital telephone exchange being offline.

It also appears that one of the affected parties refused to answer a Freedom of Information request in Nov 2016 about cyber-security due to impact on crime detection. Similar parties provided responses to the same request.

Former NSA Employee Nghia Pho Pleads Guilty to Willful Retention of National Defense Information 11 comments

A former National Security Agency employee who worked at Tailored Access Operations has pleaded guilty to willful retention of national defense information, the same charge Harold T. Martin III faces:

A former National Security Agency employee admitted on Friday that he had illegally taken from the agency classified documents believed to have subsequently been stolen from his home computer by hackers working for Russian intelligence.

Nghia H. Pho, 67, of Ellicott City, Md., pleaded guilty to one count of willful retention of national defense information, an offense that carries a possible 10-year sentence. Prosecutors agreed not to seek more than eight years, however, and Mr. Pho's attorney, Robert C. Bonsib, will be free to ask for a more lenient sentence. He remains free while awaiting sentencing on April 6.

Mr. Pho had been charged in secret, though some news reports had given a limited description of the case. Officials unsealed the charges on Friday, resolving the long-running mystery of the defendant's identity.

Mr. Pho, who worked as a software developer for the N.S.A., was born in Vietnam but is a naturalized United States citizen. Prosecutors withheld from the public many details of his government work and of the criminal case against him, which is linked to a continuing investigation of Russian hacking.

Related: "The Shadow Brokers" Claim to Have Hacked NSA
The Shadow Brokers Identify Hundreds of Targets Allegedly Hacked by the NSA
Former NSA Contractor May Have Stolen 75% of TAO's Elite Hacking Tools
NSA Had NFI About Opsec: 2016 Audit Found Laughably Bad Security
Reality Winner NSA Leak Details Revealed by Court Transcript



Former NSA Contractor Harold Martin Indicted 24 comments

Days after the Washington Post reported on the hoarding of Tailored Access Operations tools by Harold T. Martin III, a federal grand jury has indicted the former NSA contractor:

A federal grand jury has indicted a former National Security Agency contractor on 20 counts of willful retention of national defense information.

According to prosecutors, Harold "Hal" Martin took a slew of highly classified documents out of secure facilities and kept them at his home and in his car. Earlier this week, the Washington Post reported that among those materials, Martin is alleged to have taken 75 percent of the hacking tools that were part of the Tailored Access Operations, an elite hacking unit within NSA.

The indictment outlines 20 specific documents that he is accused of having taken, including "a March 2014 NSA leadership briefing outlining the development and future plans for a specific NSA organization."

Previously: NSA Contractor Harold Martin III Arrested
NSA Contractor Accused of "Stealing" Terabytes of Information, Charged Under Espionage Act
The Shadow Brokers Identify Hundreds of Targets Allegedly Hacked by the NSA



  • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @03:58PM

    by Anonymous Coward on Tuesday February 07 2017, @03:58PM (#464108)

    Circle of trust, right? See that whole thing about making sure users only have rights and accesses they need and not sharing logins and passwords.... that applies only to everyone else. To the authorities that are supposed to be security - they don't have to obey the same plebeian rules, since they have to get things done.

    • (Score: 4, Informative) by driverless on Wednesday February 08 2017, @01:49AM

      by driverless (4770) on Wednesday February 08 2017, @01:49AM (#464402)

      Didn't we do this one a couple of months ago? The govt is telling us that he may possibly have stolen XYZ, allegedly killed Jimmy Hoffa, and is rumoured to have caused the GFC. If you look at what he actually, provably did, it's that he took some stuff home that he shouldn't have while in all other aspects being a patriotic citizen. Since it looks like the govt is going to have a tough time throwing the book at him as they'd like to, every month or two we get another planted story telling us that he's secretly Doctor Doom, Lex Luthor, and Galactus rolled into one. With all claims prefixed by "allegedly", "apparently", and "may have", sourced to "unnamed officials".

  • (Score: 5, Insightful) by Anonymous Coward on Tuesday February 07 2017, @04:04PM

    by Anonymous Coward on Tuesday February 07 2017, @04:04PM (#464112)

    This is a real life example of why backdoored encryption is VERY bad idea.
    Imagine they had mandated by law that everyone had to use backdoored encryption. The NSA would likely be one of the parties with the master key. Imagine this guy had sold that master key. Now anyone can use the government access to decrypt anything encrypted by law abiding citizens.

    • (Score: 2) by dyingtolive on Tuesday February 07 2017, @04:15PM

      by dyingtolive (952) on Tuesday February 07 2017, @04:15PM (#464122)

      The teenage-nihilist-in-his-thirties part of me that just wants to watch the world burn would be okay with that, actually.

      The slightly more mature part of me cringes at the idea though.

      --
      Don't blame me, I voted for moose wang!
      • (Score: 2) by istartedi on Tuesday February 07 2017, @08:35PM

        by istartedi (123) on Tuesday February 07 2017, @08:35PM (#464265)

        That's because teenage nihilists usually have a negative net worth. Mature adults
        usually have some assets.

        • (Score: 3, Interesting) by bob_super on Tuesday February 07 2017, @09:44PM

          by bob_super (1357) on Tuesday February 07 2017, @09:44PM (#464305)

          Isn't it wonderful how people are tamed by the idea that they have something to lose (tangible or not)?

        • (Score: 3, Interesting) by edIII on Tuesday February 07 2017, @09:49PM

          by edIII (791) Subscriber Badge on Tuesday February 07 2017, @09:49PM (#464311)

          Assets are not what make you beholding and slaved to those above.

          You were speaking about DEBT.

          • (Score: 1) by istartedi on Wednesday February 08 2017, @12:43AM

            by istartedi (123) on Wednesday February 08 2017, @12:43AM (#464379)

            Huh? First, I didn't mean to imply that assets make you "beholding
            and slaved to those above". I see how you might infer that though--people
            who have something to lose are "invested in the system". If the country
            "goes sour" they may look at what the alternatives are and feel trapped.

            Debt is literally the exact opposite of what I said; but I think I can see
            how you might have made that inference also--some people have illusory
            assets like a house that they actually owe a lot of money on. I think it's hyperbolic
            and diminishing the problem of real slaves to use the word "slavery" outright;
            but the phrase "debt slave" and "wage slave" is what you're talking about
            and it's a real thing.

            That's not what I was talking about though. If you have no assets recorded
            in a database, if you're living paycheck-to-paycheck or heavily in debt then "watching
            it all burn" is appealing. Your debts would be wiped out. OTOH, if you have assets
            recorded in databases, then you want those databases to be secure. I wasn't speaking
            so much to the social issues of how we feel about the economic system, more to
            the consequences of losing data integrity to those at different positions within that system.

            • (Score: 0) by Anonymous Coward on Wednesday February 08 2017, @03:57AM

              by Anonymous Coward on Wednesday February 08 2017, @03:57AM (#464428)

              ediii doesn't care what you meant
              your words triggered him
              so he had to get his generic rant out

    • (Score: 2) by sgleysti on Tuesday February 07 2017, @06:28PM

      by sgleysti (56) on Tuesday February 07 2017, @06:28PM (#464191)

      This sounds like the plot for a science fiction novel. Does anyone know if such a novel has been written? I would gladly buy a (used) copy.

    • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @06:29PM

      by Anonymous Coward on Tuesday February 07 2017, @06:29PM (#464194)

      That is why physical access to the backdoor is required. (Device in hand)
      Backdooring thru the internet is bad ... unless the "internet" is proprietary network
      extending into your bedroom, toilet ... like maybe those dead-end networks with a
      gazillion users (your big enduser serving isps) ... then you are using
      "their" device anyway ... or rather renting it

  • (Score: 5, Insightful) by Grishnakh on Tuesday February 07 2017, @04:30PM

    by Grishnakh (2831) on Tuesday February 07 2017, @04:30PM (#464131)

    This guy never stole any hacking tools. I am 100% sure that the NSA still has all their hacking tools, and has not lost use of them whatsoever. If this guy did indeed make unauthorized copies as alleged, that's all he did: he made copies. The tools are still there.

    Unauthorized copying is not stealing, no matter how much some people try to insist that it is. This will never change.

    • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @05:19PM

      by Anonymous Coward on Tuesday February 07 2017, @05:19PM (#464146)

      You're playing football on a baseball field.

      The problem isn't about piracy. The problem is what the recipient can do with that copy. The right people will be able to reverse engineer how the tools work to circumvent security systems.

      • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @05:30PM

        by Anonymous Coward on Tuesday February 07 2017, @05:30PM (#464152)

        reverse engineer what? the tools are INTENDED to circumvent security systems. do you need to "reverse engineer" winamp to listen to an mp3?

        • (Score: 2, Funny) by Anonymous Coward on Tuesday February 07 2017, @05:46PM

          by Anonymous Coward on Tuesday February 07 2017, @05:46PM (#464166)
          You might, if you don't want it to quietly phone home and let AOL know you're listening to an mp3.

          If your copy of winamp came from the NSA, and you're listening to 'DJ Ayatollah - Death to the Great Satan America.mp3' on endless repeat, you might want to be very, very careful about it phoning home.
      • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @07:09PM

        by Anonymous Coward on Tuesday February 07 2017, @07:09PM (#464218)

        You're playing football on a baseball field.

        Dr. Phil!

    • (Score: 0) by Anonymous Coward on Tuesday February 07 2017, @06:03PM

      by Anonymous Coward on Tuesday February 07 2017, @06:03PM (#464177)

      Well, it is a stolen copy- how about that. You use copy as a noun, but the contractor copied as a verb: he 'duplicated' things. NSA contractors are not to take things out of the office. So any exact copy now residing anywhere the original is not- is theft. Theft of a copy at least.

      How about Identity Theft. Is not the original person still walking around, whilst ill-doers act up in their name?
      If I duplicated your entire home, family members, bank accounts, memories, and did with them as I will... would you not consider mimicking & tarnishing of your life the 'theft' of your life? Or would you just shrug and say "well that's not the real me".

      It's because OF the copied item's capabilities & 'brand association' that its mere existence is defined by the word STOLEN. A stolen copy.

      • (Score: 4, Touché) by Grishnakh on Tuesday February 07 2017, @08:44PM

        by Grishnakh (2831) on Tuesday February 07 2017, @08:44PM (#464273)

        Hey, if you can figure out how to make a duplicate of my bank account, and then spend that money, while my own bank account is unchanged, let me know. I wouldn't be upset about that at all.

        And if you can figure out how to duplicate family members, that'd be a real feat too. I wonder if my girlfriend would mind if I had a duplicate of her? A duplicate of myself would be great too: I have more projects than I have time to complete. Two of me could get more stuff done around the house (and keep the girlfriend and her clone satisfied as well...).

    • (Score: 1, Touché) by Anonymous Coward on Tuesday February 07 2017, @06:07PM

      by Anonymous Coward on Tuesday February 07 2017, @06:07PM (#464178)

      I'm often stuck looking for an everyday example of someone being pedantic. Usually I have to refer to people who insisted that 2001 was the start of the millennium. Now I can also use this narrow-minded view of the word steal. But, keep in mind that, historically, when absolutely everyone uses a word to mean a thing the word didn't originally mean, the word meaning changes. No one throws the pedants a party for being right.

      And if you're going to rely on a dictionary definition for your argument, make sure it's true for all cases. According to Merriam-Webster, this can still be defined as stealing:

      https://www.merriam-webster.com/dictionary/steal [merriam-webster.com]

      Definition of steal
      stole \ˈstōl\; stolen \ˈstō-lən\; stealing

      ...

      transitive verb

      ...

                  2c : to take surreptitiously or without permission (steal a kiss)
      ...

      • (Score: 1, Flamebait) by Arik on Tuesday February 07 2017, @08:01PM

        by Arik (4543) on Tuesday February 07 2017, @08:01PM (#464236)
        If your definitions are so mushy your words have no meaning, any word is fundamentally equivalent to any other, and no real communication is possible. This is why those who hate intelligence always argue for such mushy definitions.
        --
        "Unix? These savages aren't even circumcised!"
        • (Score: 0, Insightful) by Anonymous Coward on Tuesday February 07 2017, @09:46PM

          by Anonymous Coward on Tuesday February 07 2017, @09:46PM (#464309)

          If you're asserting that precision and common sense are mutually exclusive, then I disagree with your premise. My comment was that one can focus on a facet of word meaning unnecessarily, and miss the entire point of an (attempted) discussion.

          I am willing to risk the theoretical (but vanishingly small) possibility of a world where communication accidentally becomes impossible as you describe, rather than embrace people who intentionally choose to prevent communication. Particularly those who lord such obstinacy as "intelligence". In fact, there's a word to describe precisely that: https://www.merriam-webster.com/dictionary/pedant [merriam-webster.com]

          Definition of pedant
                  ...

                  2b : one who is unimaginative or who unduly emphasizes minutiae in the presentation or use of knowledge

    • (Score: 2, Insightful) by Anonymous Coward on Tuesday February 07 2017, @07:16PM

      by Anonymous Coward on Tuesday February 07 2017, @07:16PM (#464221)

      This guy never stole any hacking tools.

      Actually he did. You have to think "outside the box". "Stole" is a different concept here. If you own a specialized software tool and its IP, you're the only one who has it and has the power to do whatever you need done with it. If someone copies it, they too now have that power.

      The problem is not the software being copied- it's the theft of the unique power it gives.

    • (Score: 3, Funny) by istartedi on Tuesday February 07 2017, @08:41PM

      by istartedi (123) on Tuesday February 07 2017, @08:41PM (#464269)

      Next to a tombstone in the rhetorical grave yard, the soil stirs. An eerie shiver runs down your spine. A cold wind blows. With a moan of desolation the black dirt over the grave cracks open and the gnarled hand of this semantic ghoul rises. Like a snake it darts for your ankles, coils, and grabs. It threatens to pull you in. You whack it with a shovel and run like hell.

    • (Score: 1, Informative) by Anonymous Coward on Tuesday February 07 2017, @11:30PM

      by Anonymous Coward on Tuesday February 07 2017, @11:30PM (#464365)

      Unauthorized copying is not stealing, no matter how much some people try to insist that it is.

      Okay, so I thought you were wrong in this specific case, but actually you (and I, for that matter) are wrong in the general case. Even unauthorized copying movies is "stealing":

      (transitive) To take illegally, or without the owner's permission, something owned by someone else. [wiktionary.org] Did he take it? Yes. Did he have the owner's permission? No.

      To take or appropriate without right or leave and with intent to keep or make use of wrongfully [merriam-webster.com]. Did he take it? Yes. Did he intend to keep or make use of it wrongfully? Yes.

      You are probably trying to argue that it isn't theft [merriam-webster.com] or larceny [merriam-webster.com]. This is a much stronger case (although I'd argue by definition of a secret, it loses value if it's well known so in his particular case it still is larceny). However, no matter how you look at it, he did steal.

  • (Score: 1, Insightful) by Anonymous Coward on Tuesday February 07 2017, @07:12PM

    by Anonymous Coward on Tuesday February 07 2017, @07:12PM (#464220)

    Spies ... even less competent than the rest of the government, because there's no oversight.

    • (Score: 0) by Anonymous Coward on Wednesday February 08 2017, @04:34AM

      by Anonymous Coward on Wednesday February 08 2017, @04:34AM (#464441)

      Maybe it's not them, maybe it's management like every other industry. Them MBAs sure like to outsource and sub-contract out! Accountability Ninja 101...

  • (Score: 4, Insightful) by donkeyhotay on Tuesday February 07 2017, @07:44PM

    by donkeyhotay (2540) on Tuesday February 07 2017, @07:44PM (#464233)

    "NSA contractor".

    And there you have it. If the data and software is so super sensitive, why are you using contractors?

    • (Score: 2) by Grishnakh on Tuesday February 07 2017, @08:47PM

      by Grishnakh (2831) on Tuesday February 07 2017, @08:47PM (#464274)

      Because the federal government hiring and employment system is so broken. If they only allowed federal employees to do the work, they wouldn't be allowed to pay them anywhere near what the private sector pays, so either the jobs would go unfilled, or they'd have to hire incompetents. So they contract it out, and contractors do it for normal (for the industry/job) salaries while some contracting company gets a big cut on top for doing almost nothing.

      There appears to be no way to fix this problem.

      • (Score: 2) by c0lo on Wednesday February 08 2017, @03:59AM

        by c0lo (156) Subscriber Badge on Wednesday February 08 2017, @03:59AM (#464430)

        There appears to be no way to fix this problem.

        Suggestion: close down NSA, all its problems solved.

        • (Score: 2) by Grishnakh on Wednesday February 08 2017, @03:25PM

          by Grishnakh (2831) on Wednesday February 08 2017, @03:25PM (#464560)

          WTF? This is the stupidest post I've seen all day. The problem I'm talking about is Federal hiring, not the NSA. The Federal hiring problem spans the entire government. Closing the NSA, or any agency, isn't going to magically make the Federal government adopt sensible hiring and personnel-management practices. It's a problem endemic to the government, and government in general as it's not just the US federal government, it's state and local governments too and foreign ones as well.

          • (Score: 0) by Anonymous Coward on Wednesday February 08 2017, @11:55PM

            by Anonymous Coward on Wednesday February 08 2017, @11:55PM (#464820)

            It's a problem endemic to the government, and government in general as it's not just the US federal government,

            Oh, wow. The US govt is the model for the entire world, eh? I wonder how other countries are dealing with it?

    • (Score: 0) by Anonymous Coward on Wednesday February 08 2017, @03:52AM

      by Anonymous Coward on Wednesday February 08 2017, @03:52AM (#464425)

      And there you have it. If the data and software is so super sensitive, why are you using contractors?

      Because, when it comes to trustworthiness, there is functionally no difference.
      They all get the same background checks through the same agency.

      You are indulging in a correspondence bias. [wikipedia.org]
      There are a lot of contractors in government work, so it is unsurprising that the handful that have been caught doing something naughty were contractors.

      Let's say there are 1,000 contractors working for the NSA (a very conservative guess) and 2 or 3 (Snowden, this guy and one more for good measure) have walked out with secrets. That leaves 997 who have not, or 99.7% who have obeyed the rules as much as any NSA employee. Furthermore there have been employees like Robert Stephan Lipka [cnn.com] who have done worse.

  • (Score: 2) by esperto123 on Tuesday February 07 2017, @08:03PM

    by esperto123 (4303) on Tuesday February 07 2017, @08:03PM (#464241)

    Because it was not theft, it was a copy! He didn't remove a single item, so nobody could have noticed something missing, and unless you monitor every packet in your local network, someone with high privilege access can copy anything at anytime and get away.

    • (Score: 3, Informative) by butthurt on Tuesday February 07 2017, @08:24PM

      by butthurt (6141) on Tuesday February 07 2017, @08:24PM (#464254) Journal

      He didn't remove a single item [...]

      According to the article, a prosecutor is alleging that he did:

      Myers said Martin took “many thousands of pages” of classified material as well as 50 terabytes of digital data, much of which has “special handling caveats.”

      Of course it's not proven.

  • (Score: 3, Interesting) by Yog-Yogguth on Wednesday February 08 2017, @01:21AM

    by Yog-Yogguth (1862) Subscriber Badge on Wednesday February 08 2017, @01:21AM (#464390) Homepage Journal

    Anyone else have the gut feeling that this guy is only being used as a scapegoat/excuse, or nothing but a plain diversion, or some kind of honey trap?

    Poor guy if he's telling the truth (being stupid is really easy, but that said this guy was hoarding stupid), or maybe a very lucky guy if he's a scapegoat with a deal where his maximum security isolation takes place on some lovely tropical island, babes, drink, and all expenses included :3

    If that wasn't enough this is from WaPo/BezoPress which is funded by the CIA (adds a whole new layer with the potential NSA CIA rivalry/war), the dead tree equivalent of CNN which means it's not to be trusted, and it's reporting about the NSA, which specializes in spying and deception by technical means and shouldn't really have been trusted even before Snowden revealed that they're incredibly untrustworthy and which is one of many (all?) organizations that is not to be trusted either even if they say the sky is blue and you've checked and the sky where you are actually happens to be blue right when they said it (and it's never the same color everywhere at the same time...).

    By this point I get the feeling as if I had accidentally and unobtrusively without noticing read a +2 Blessed Spellbook of Levitation since it all feels so incredibly airy and soft and there's so little "there" actually there anywhere :)

    --
    Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))