NSA contractor arrest highlights challenge of insider threat

FILE - In this June 6, 2013 file photo, the sign outside the National Security Agency (NSA) campus in Fort Meade, Md. A contractor for the National Security Agency has been arrested on charges that he illegally removed highly classified information and stored the material in his house and car, federal prosecutors announced Wednesday, Oct. 5, 2016. Harold Thomas Martin III, 51, of Glen Burnie, Maryland, was arrested by the FBI in August after authorities say he admitted to having taken government secrets. A defense attorney said Martin did not intend to betray his country. (AP Photo/Patrick Semansky, File)

WASHINGTON - The arrest of a former National Security Agency contractor for allegedly stealing classified information represents the second known case since 2013 of a government contractor being publicly accused of removing secret data from the intelligence agency.

The latest case comes as the NSA has worked to reform security after the Edward Snowden disclosures, especially with regard to insider threats.

Harold Thomas Martin III, 51, of Glen Burnie, Maryland, was arrested by the FBI in August, after federal prosecutors say he illegally removed highly classified information and stored the material in his home and car. A defence attorney said Martin did not intend to betray his country.

The arrest was not made public until Wednesday, when the Justice Department unsealed a criminal complaint that accused Martin of having been in possession of top-secret information that could cause "exceptionally grave danger" to national security if disclosed.

It's not yet clear when the documents were removed. But the fact that Snowden and Martin — both working for Booz Allen Hamilton as contractors for the NSA — were accused of leaving the NSA with highly classified documents raises questions about the effectiveness and adequacy of the intelligence agency's internal security controls. The NSA, which put security upgrades into place following the Snowden disclosures, has declined to comment.

"One key thing we don't have visibility into now is how he was caught, because that would provide some insight into whether the reforms that were put in post-Snowden were effective or not, or their relative efficacy," said Rajesh De, who was the NSA's general counsel when the Snowden story broke. Snowden's 2013 theft of documents that were leaked to journalists revealed the NSA's bulk collection of millions of Americans' phone records.

Rep. Adam Schiff of California, the senior Democrat on the House Permanent Select Committee on Intelligence, said in a statement that "it is painfully clear that the intelligence community still has much to do to institutionalize reforms designed to protect (U.S. government secrets) from insider threats."

White House spokesman Josh Earnest said the federal government has made important changes since Snowden's disclosures. He said the government has reduced the number of people who need security clearances by 17 per cent and has enhanced the quality of background checks.

Martin's arrest appears to illustrate the difficulty of guarding against an insider threat given that employees, by virtue of their clearance level and jobs, must be entrusted with the nation's secrets.

It's unlikely that "you're going to be able to stop every incident of somebody taking documents if they're determined to do so. But the real question is how quickly can you detect it, how quickly can you mitigate the harm of any such incident," De said.

Adm. Mike Rogers, who heads the NSA, has repeatedly spoken since 2013 about efforts the agency has taken to ensure that such a thing doesn't happen again. He has said the agency tried to strike a balance so as to not overly upset workers who are law-abiding citizens with aggressive internal security mechanisms.

Among the classified documents found with Martin, the FBI said, were six that contain sensitive intelligence — meaning they were produced through sensitive government sources or methods that are critical to national security — and date back to 2014. All the documents were marked as classified information, an FBI affidavit says.

The complaint does not specify which documents Martin is alleged to have taken. He was arrested around the same time U.S. officials acknowledged an investigation into a cyber leak of purported hacking tools used by the NSA. That toolkit consists of malicious software intended to tamper with firewalls, the electronic defences protecting computer networks. Those documents were leaked by a group calling itself the "Shadow Brokers." The complaint does not reference that group or allege a link to Martin.

The New York Times first reported the arrest of a NSA contractor who worked for Booz Allen Hamilton. Booz Allen said in a statement that after learning of the arrest of one of its employees, it contacted law enforcement authorities to offer its co-operation and fired the worker.

At Martin's home, investigators found stolen property valued at "well in excess of $1,000," the complaint said.

"Martin at first denied, and later when confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified," the affidavit says. "Martin stated that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized."

He has been in custody since his arrest in August. The complaint charges him with unauthorized removal and retention of classified materials and theft of government property.

"There is no evidence that Hal Martin intended to betray his country," his public defenders, James Wyda and Deborah Boardman, said in a statement. "What we do know is that Hal Martin loves his family and his country. He served honourably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. We look forward to defending Hal Martin in court."

Dinah Winnick, director of communications at the University of Maryland, Baltimore County, confirmed that Martin is a student in the university's information systems graduate program. The university has a partnership with the NSA, which gives students prospects for jobs, training and scholarship support. Martin enlisted in the U.S. Navy in 1987 and left the service in 2000, the Navy said.

In 2013, journalists relying on classified documents taken by Snowden revealed the NSA's bulk collection phone records and spurred a national debate on privacy and national security.

Rogers has said that since those revelations, he's repeatedly reminded the workforce of their agreement to never divulge the sensitive information they've been given access to. In prior comments, Rogers has said security isn't just about technical and insider threat preparation, but also about ensuring professional behaviour.

"At times, I have some people telling me, 'Hey, what this should show you is you can't trust contractors,' " Rogers said in a speech at Stanford University in 2014, noting that some of the biggest compromises of information came from direct U.S. employees. "This idea that you can't trust contractors, I just don't think I'm concerned about the long-term implications of that."


Associated Press writers Ben Nuckols, Nancy Benac and Deb Riechmann in Washington and Brian Witte in Glen Burnie, Maryland, contributed to this report.


Follow Tami Abdollah at https://twitter.com/latams and Eric Tucker at https://twitter.com/etuckerAP.

ANDERSON: Why I voted against a rainbow crosswalk

Top News