Minor convictions for ex-CIA coder in hacking tools case
A former CIA software engineer accused of stealing a massive trove of the agency's hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage counts against him.
Joshua Schulte, who worked as a coder at the agency's headquarters in Langley, Virginia, was convicted by a jury of contempt of court and making false statements after a four-week trial in Manhattan federal court that offered an unusual window into the CIA's digital sleuthing and the team that designs computer code to spy on foreign adversaries.
After deliberating since last week, the jury was unable to reach a verdict on the more significant charges. They had notified U.S. District Judge Paul A. Crotty on Friday that they had reached consensus on two counts, but were unable to reach a verdict on eight others.
Previously: Suspect Identified in C.I.A. Leak was Charged, but Not for the Breach
Related Stories
In weekly online posts last year, WikiLeaks released a stolen archive of secret documents about the Central Intelligence Agency's hacking operations, including software exploits designed to take over iPhones and turn smart television sets into surveillance devices.
It was the largest loss of classified documents in the agency's history and a huge embarrassment for C.I.A. officials.
Now, the prime suspect in the breach has been identified: a 29-year-old former C.I.A. software engineer who had designed malware used to break into the computers of terrorism suspects and other targets, The New York Times has learned.
Agents with the Federal Bureau of Investigation searched the Manhattan apartment of the suspect, Joshua A. Schulte, one week after WikiLeaks released the first of the C.I.A. documents in March last year, and then stopped him from flying to Mexico on vacation, taking his passport, according to court records and relatives. The search warrant application said Mr. Schulte was suspected of "distribution of national defense information," and agents told the court they had retrieved "N.S.A. and C.I.A. paperwork" in addition to a computer, tablet, phone and other electronics.
[...] It is unclear why, more than a year after he was arrested, he has not been charged or cleared in connection with Vault 7. Leak investigators have had access to electronic audit trails inside the C.I.A. that may indicate who accessed the files that were stolen, and they have had possession of Mr. Schulte's personal data for many months.
[...] Mr. Schulte's lawyers have repeatedly demanded that prosecutors make a decision on the Vault 7 leak charges. Prosecutors said in court last week that they planned to file a new indictment in the next 45 days, and Mr. Schulte's lawyer Sabrina P. Shroff, of the federal public defender's office, asked the court to impose a deadline on any charges that the government sought to bring under the Espionage Act for supplying the secret C.I.A. files to WikiLeaks.
Source: https://www.nytimes.com/2018/05/15/us/cia-hacking-tools-leak.html
Also at: BBC, SecurityWeek, and Ars Technica.
A former CIA programmer was sentenced to 40 years in prison on Thursday for leaking the US spy agency's most valuable hacking tools to WikiLeaks:
Joshua Schulte, 35, was found guilty in 2022 of espionage and other charges in what the CIA called a "digital Pearl Harbor" -- the largest data breach in the history of the intelligence agency.
[...] US District Judge Jesse Furman sentenced Schulte to 40 years in prison for espionage, computer hacking, contempt of court, making false statements to the FBI and child pornography.
Schulte worked for the CIA's elite hacking unit from 2012 to 2016 when he quietly took cyber tools used to break into computer and technology systems, according to court documents.
After quitting his job, he sent them to WikiLeaks, which began publishing the classified data in March 2017.
[...] The leaked data included a collection of malware, viruses, trojans, and "zero day" exploits that, once leaked out, were available for use by foreign intelligence groups, hackers and cyber extortionists around the world, they said.
Previously:
- Ex-CIA Employee Convicted of Leaking 'Vault 7' Secrets to Wikileaks
- Former CIA Software Engineer Joshua Schulte Convicted of Minor Charges, Not Espionage
- Ex-CIA Employee Charged In Leak Of Classified Hacking Tools
- Suspect Identified in C.I.A. Leak was Charged, but Not for the Breach
(Score: 2, Informative) by Anonymous Coward on Tuesday March 10 2020, @07:46PM (8 children)
Anything you say to the FBI can and will be used against you in a court of law to send you to prison, even if you are innocent of all charges.
(Score: 2, Informative) by Anonymous Coward on Tuesday March 10 2020, @08:03PM (4 children)
CP planted on your home computers is part of the severance package.
(Score: 5, Insightful) by bradley13 on Tuesday March 10 2020, @08:39PM (3 children)
You joke, but you're not wrong. Planting CP is an obvious tactic, and it is just astounding how often it oh so conveniently crops up in cases where the government is unable to produce evidence for the original charges.
As for false statements to the FBI: that shouldn't be a crime in the first place. Agents are trained to trip you up and make you contradict yourself. Add in stress and fallible memory, and everyone can be prompted to say something "false".
Everyone is somebody else's weirdo.
(Score: -1, Redundant) by Anonymous Coward on Tuesday March 10 2020, @08:43PM
Schulte is facing separate federal CP charges. He will be buried on those alone.
(Score: -1, Troll) by Anonymous Coward on Wednesday March 11 2020, @12:13AM
And now we know why bradley13 is an expat. No extradition treaty, right?
(Score: 0) by Anonymous Coward on Wednesday March 11 2020, @04:08AM
I hate when you shitbags on SN say reasonable things. It's like 1 in 100 but fuck you, don't force me to read the other 99 in case it's the 1.
(Score: 2) by DannyB on Tuesday March 10 2020, @08:42PM (1 child)
Also . . .
Anything you DO NOT say to the FBI can and will be used against you in a court of law to send you to prison, even if you are innocent of all charges.
Universal health care is so complex that only 32 of 33 developed nations have found a way to make it work.
(Score: 2) by All Your Lawn Are Belong To Us on Tuesday March 10 2020, @10:13PM
I know, ironic... (I hope). But that is what the fifth amendment means. But it does mean you say ABSOLUTELY NOTHING.
This sig for rent.
(Score: 2) by All Your Lawn Are Belong To Us on Tuesday March 10 2020, @10:12PM
And nothing you say needs to be brought forward if it exculpates you. That's the other half of that truism.
This sig for rent.
(Score: 0) by Anonymous Coward on Tuesday March 10 2020, @07:48PM
Only steal his own projects or code that he worked on?
(Score: 1, Insightful) by Anonymous Coward on Tuesday March 10 2020, @08:46PM
title
(Score: 2) by All Your Lawn Are Belong To Us on Tuesday March 10 2020, @10:12PM (2 children)
…. can the government refile the espionage charges? And if so, will they? Or is there still such a thing as double jeopardy and does it attach if there was a conviction?
This sig for rent.
(Score: 2) by takyon on Tuesday March 10 2020, @10:14PM
No verdict was reached on those charges. They can refile/retry:
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1, Interesting) by Anonymous Coward on Wednesday March 11 2020, @12:09AM
What is the legal distinction between making something public and giving it to foreign powers? In my mind they are in no way the same. But I can't think of a specific precedent or legal doctrine that makes them distinct. The first amendment doesn't cover restricted speech, but outing a crime perpetrated by the state has never been restricted speech. Well, at least not since 1861. CIA == CSA? Who knew?
So in any case where the defendant could reasonably argue that the CIA violated posse comitatus, then they could argue that they weren't working against the U.S., they were in fact working for it. The claim of espionage cuts both ways if the CIA was using the software in operations on domestic soil. Which... Let's face it, there is virtually no possibility they aren't.
The most applicable precedent I can think of would be the area 51 toxic waste case, which the fed lost.
(Score: 2, Interesting) by Anonymous Coward on Wednesday March 11 2020, @01:30AM (1 child)
According to ZeroHedge:
"Trial witnesses guided jurors through a complicated maze of forensic analysis that, according to prosecutors, showed Mr. Schulte’s work machine accessing an old backup file one evening in April 2016.
"He did so, prosecutors said, by reinstating his administrator-level access that the C.I.A. had removed after his workplace disputes."
(Source: https://www.zerohedge.com/technology/trial-alleged-vault-7-cia-leaker-ends-hung-jury) [zerohedge.com]
My question: What was this "administrator-level access" that the Central Intelligence Agency (CIA) removed after Mr Schulte developed a conscience?
I've been installing, debugging, upgrading and managing single sign-on (SSO) and identity access management (IAM) infrastructures for three decades. Yellow Pages (YP), Network Information System (NIS), OpenLDAP, PowerBroker (PB), Vintela Authentication Services (VAS), Active Directory (AD), Kerberos, and one company - Oracle - that pushed /etc/passwd files out, manually, every 24 hours (tip of the hat to Don Beusee, probably the one who designed it, because he nursed it, 24x7), as well as a few outliers that I might remember with some cudgeling.
The central concept behind such systems is to render such authorization impossible. And so I infer that the organization does not use a central authentication system - although I infer that Kerberos, recompiled to disable expiration of tokens, might provide such a vulnerability.
My best guess is that some manager deleted the corresponding client-side key for the server in question from the ~schultej/.ssh/ directory - even if they don't use any central authentication mechanism on the workstations, they must still use central storage, i.e., the Network File System (NFS) - not realizing that Schulte kept backups.
Separately, it is entirely possible that they DO use a central authentication mechanism, that IS tightly integrated into their Programmable Authentication Module (PAM) stack, such as Vintela - but that each user has root privileges on their own workstation, and, as a rite of passage, immediately bypasses the standard issue security mechanisms by creating a local login and root-equivalent login. Perhaps they are even allowed, even encouraged, to install the operating system themselves, from a list of approved choices, with the security mechanisms baked in.
It's not like this problem wasn't solved back in, like, 1986. I, personally, designed and deployed such a system at Network Equipment Technologies (NET), that detected, and, optionally (in the case of TAC workstations), countered, local changes to administrative files such as /etc/passwd.
Like Tripwire, but with the ability to put things back, the way they were. I concealed it in the /... directory - you read that right, quit rubbing your eyes.
Which reminds me of a story, which is not entirely irrelevant.
My system was so good that a local contractor, named Bjorn Satdeva, tried to present the scripts to the first LISA Conference, in Monterey, California, as his own work.
Man, you shoulda seen the look on his face when he recognized me, sitting in the crowd, looking at him, presenting my work.
I was working, at the time, at AMPEX R&D. Bjorn Satdeva was the contractor they'd located to fill in for me, at NET, after they fired my manager, at NET, and I had resigned.
I hear they had to hire five people to replace me. Just sayin'.
Bjorn made no attempts to contact me after I left NET; and, AMPEX was just across the freeway, there, in Redwood City - only a half a mile away.
More evidence of chicanery can be inferred from the history of Bjorn Satdeva's employment, possibly unpaid, as some sort of honcho for USENIX. He'd been elected based upon the strength of scripts that, it gradually became known, he was not the author of.
And, I think Bjorn did the same thing, a second time, presenting someone else's work and taking credit for work he had not done - although this time he positioned himself as a coauthor instead of taking it outright.
Things came to a head when the USENIX offices in Berkeley were burglarized and all the copies of the USENIX Journal that contained the scripts in question disappeared. About the same time, Bjorn was, if I recall correctly, removed from office, at USENIX. Or maybe he quit. Anyway, their relationship ended.
USENIX never contacted me. But I'm pretty sure they knew who I was. I think they could not bring themselves to stand behind someone who had dropped out of high school and didn't have a college degree. Fuck you, USENIX.
I've often wondered what ever happened to Bjorn Satdeva.
I suspect he is probably a systems administrator for the Central Intelligence Agency (CIA). There seems to be a good match there. They seem to like script kiddies.
Me? Nowadays, I'm unemployed, because everyone knows that people over 40 can't program, and have nothing to teach.
~childo
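The detect-and-restore check for administrative files that the comment above describes, written here as an added Python illustration (not the commenter's scripts and not anything from the CIA case): it baselines a passwd-style file by hash, reports lines that appeared since the baseline, flags any that carry uid 0, and puts the saved copy back. The file, store directory and the appended login line are all constructed inside a temporary directory.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

def snapshot(paths, store_dir):
    """Record the sha256 of each file and keep a verbatim copy to restore from."""
    baseline = {}
    os.makedirs(store_dir, exist_ok=True)
    for p in paths:
        data = Path(p).read_bytes()
        digest = hashlib.sha256(data).hexdigest()
        backup = os.path.join(store_dir, digest)
        Path(backup).write_bytes(data)
        baseline[p] = {"sha256": digest, "backup": backup}
    return baseline

def check(baseline):
    """Return {path: lines present now that the baseline copy did not contain}."""
    drift = {}
    for p, rec in baseline.items():
        data = Path(p).read_bytes()
        if hashlib.sha256(data).hexdigest() == rec["sha256"]:
            continue  # unchanged since the baseline
        known = set(Path(rec["backup"]).read_bytes().splitlines())
        drift[p] = [ln.decode() for ln in data.splitlines() if ln not in known]
    return drift

def uid0_accounts(lines):
    """Names of passwd-style entries whose uid field is 0 (root-equivalent)."""
    return [f[0] for f in (ln.split(":") for ln in lines) if len(f) > 2 and f[2] == "0"]

def restore(baseline, path):
    """Put the baseline copy back; True if the file now matches the recorded hash."""
    shutil.copyfile(baseline[path]["backup"], path)
    return hashlib.sha256(Path(path).read_bytes()).hexdigest() == baseline[path]["sha256"]

def demo():
    """Constructed scenario: a local root-equivalent login appended outside central auth."""
    tmp = tempfile.mkdtemp()
    passwd = os.path.join(tmp, "passwd")
    Path(passwd).write_text("root:x:0:0:root:/root:/bin/sh\nalice:x:1000:1000::/home/alice:/bin/sh\n")
    base = snapshot([passwd], os.path.join(tmp, "store"))
    with open(passwd, "a") as f:
        f.write("backdoor:x:0:0::/root:/bin/sh\n")  # the local change being detected
    added = check(base).get(passwd, [])
    return added, uid0_accounts(added), restore(base, passwd), check(base)
```

In real use the store directory must live somewhere the local user cannot write, otherwise the baseline itself is the first thing a local root-equivalent account rewrites.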
(Score: 1) by anubi on Wednesday March 11 2020, @01:49AM
You know too much. You have to start your own company. Nobody wants someone working for them which is better than they are. Who is qualified to be your boss? Getting the job done is not what they are looking for. They want an obedient subordinate, hopefully saddled under lots of family obligations and debt.
Companies rapidly grow into leadership entities. Everyone at the top gets paid like a gentleman. At that level, getting paid is top concern. Whether the thing they make met the customer's need is a minor concern to be settled among the minions.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]