SoylentNews

Fnord666 writes:

In weekly online posts last year, WikiLeaks released a stolen archive of secret documents about the Central Intelligence Agency's hacking operations, including software exploits designed to take over iPhones and turn smart television sets into surveillance devices.

It was the largest loss of classified documents in the agency's history and a huge embarrassment for C.I.A. officials.

Now, the prime suspect in the breach has been identified: a 29-year-old former C.I.A. software engineer who had designed malware used to break into the computers of terrorism suspects and other targets, The New York Times has learned.

Agents with the Federal Bureau of Investigation searched the Manhattan apartment of the suspect, Joshua A. Schulte, one week after WikiLeaks released the first of the C.I.A. documents in March last year, and then stopped him from flying to Mexico on vacation, taking his passport, according to court records and relatives. The search warrant application said Mr. Schulte was suspected of "distribution of national defense information," and agents told the court they had retrieved "N.S.A. and C.I.A. paperwork" in addition to a computer, tablet, phone and other electronics.

[...] It is unclear why, more than a year after he was arrested, he has not been charged or cleared in connection with Vault 7. Leak investigators have had access to electronic audit trails inside the C.I.A. that may indicate who accessed the files that were stolen, and they have had possession of Mr. Schulte's personal data for many months.

[...] Mr. Schulte's lawyers have repeatedly demanded that prosecutors make a decision on the Vault 7 leak charges. Prosecutors said in court last week that they planned to file a new indictment in the next 45 days, and Mr. Schulte's lawyer Sabrina P. Shroff, of the federal public defender's office, asked the court to impose a deadline on any charges that the government sought to bring under the Espionage Act for supplying the secret C.I.A. files to WikiLeaks.

Source: https://www.nytimes.com/2018/05/15/us/cia-hacking-tools-leak.html

Also at: BBC, SecurityWeek, and Ars Technica.

Original Submission

Ex-CIA Employee Charged In Leak Of Classified Hacking Tools

Arthur T Knackerbracket has found the following story:

A former CIA employee was charged Monday with leaking information on CIA hacking tools to Wikileaks.

Joshua Adam Schulte, 29, was charged with the theft of classified national defense information in a 13-count indictment handed down by a grand jury, the Justice Department said Monday. According to the indictment, Schulte stole the classified information from a CIA network in 2016 and then transmitted it to an organization that was unidentified in the indictment.

Schulte is also accused of intentionally damaging a CIA computer system, deleting records of his activities and blocking others from accessing the system. Schulte is currently in custody on child pornography charges. He's pleaded not guilty to those charges.

The leaks, which Wikileaks called "Vault 7," revealed tools used by the CIA to hack phones, TVs and computers as part of its investigations. The disclosures showed the lengths to which government investigators go to access electronic evidence, tailoring hacks for specific smart TVs, for example.

[...] "Schulte utterly betrayed this nation and downright violated his victims. As an employee of the CIA, Schulte took an oath to protect this country, but he blatantly endangered it by the transmission of classified Information," William F. Sweeney Jr., head of the New York FBI office, said in a statement Monday.

Man who allegedly gave Vault 7 cache to WikiLeaks busted by poor opsec

MrPlow writes:

Submitted via IRC for Runaway1956

FBI used passwords used on suspect's cellphone to also get into his computer.

Source: https://arstechnica.com/tech-policy/2018/06/ex-cia-engineer-indicted-on-several-new-charges-connected-to-vault-7-leak/

Original Submission #1  Original Submission #2 

takyon writes:

Minor convictions for ex-CIA coder in hacking tools case

A former CIA software engineer accused of stealing a massive trove of the agency's hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage counts against him.

Joshua Schulte, who worked as a coder at the agency's headquarters in Langley, Virginia, was convicted by a jury of contempt of court and making false statements after a four-week trial in Manhattan federal court that offered an unusual window into the CIA's digital sleuthing and the team that designs computer code to spy on foreign adversaries.

After deliberating since last week, the jury was unable to reach a verdict on the more significant charges. They had notified U.S. District Judge Paul A. Crotty on Friday that they had reached consensus on two counts, but were unable to reach a verdict on eight others.

Previously: Suspect Identified in C.I.A. Leak was Charged, but Not for the Breach

Original Submission

upstart writes:

Ex-CIA Employee Convicted of Leaking 'Vault 7' Secrets to Wikileaks:

The leak, among the largest ever to affect the CIA, showed the agency could hack smart TVs, Skype accounts, and lots of common web applications.

A former Central Intelligence Agency computer engineer has been convicted of leaking a large tranche of classified material that revealed some of the agency's most powerful hacking techniques. Joshua Schulte, 33, worked for an elite software team within the CIA when he stole a cache of documents in 2016 and shared them with Wikileaks, which published the material in 2017. It was one of the worst breaches in the CIA's history.

Schulte was found guilty of nine charges, including illegally gathering and distributing national defense information, by a federal jury in Manhattan on Wednesday. The convictions could net him up to 80 years in prison.

[...] "Vault 7" consisted of some 9,000 pages and shed light on a host of creepy hacking techniques used by the agency. The leak demonstrated that the CIA had developed the capability to hack into smart TVs and turn them into a surveillance devices (very 1984), that it had enlisted a previously unknown army of hackers, and that those keyboard warriors work around the clock to penetrate all sorts of smart phones, operating systems, popular communication services like Skype, and even common anti-virus software. According to Wikileaks, the CIA also "hoarded" zero-day vulnerabilities—unknown bugs that could be exploited to gain access to technical systems with extreme speed. The government says that these tactics are used to break into the networks of terrorists and foreign adversaries.

Original Submission