A former Central Intelligence Agency (CIA) software engineer has been convicted of leaking classified information to whistleblowing website WikiLeaks, in one of the biggest such thefts in the United States spy agency’s history.
Joshua Schulte, 33, was convicted on last week by jurors in a Manhattan federal court for what the New York Times called “the largest loss of classified documents in the agency’s history and a huge embarrassment for C.I.A. officials.”
Schulte was found guilty of all nine charges stemming from the leak of CIA hacking files to WikiLeaks known as the “Vault 7” materials. The charges included eight counts of violating the Espionage Act and one obstruction charge for his attempt to leak classified information from prison.
Vault 7 was a collection of malware, viruses, trojans and “zero day” exploits that, once leaked out, were available for use by foreign intelligence groups, hackers and cyber extortionists around the world.
The release followed a disclosure of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Prosecutors said Schulte, who represented himself at the month-long trial and is now facing decades behind bars, was a resentful employee and leaked the 8,761 documents to harm the agency.
“Schulte was a CIA programmer with access to some of the country’s most valuable intelligence-gathering cyber tools used to battle terrorist organizations and other malign influences around the globe,” said Damian Williams, the US attorney in Manhattan.
“When Schulte began to harbor resentment toward the CIA, he covertly collected those tools and provided them to WikiLeaks, making some of our most critical intelligence tools known to the public – and therefore, our adversaries,” said Williams. “Moreover, Schulte was aware that the collateral damage of his retribution could pose an extraordinary threat to this nation if made public, rendering them essentially useless, having a devastating effect on our intelligence community by providing critical intelligence to those who wish to do us harm.”
Schulte graduated from the University of Texas at Austin in 2011 with a degree in computer engineering but he began working from January 2010 to May 2010, as a systems engineer by the National Security Agency (NSA), including time spent within the Technology Directorate.
Around the time that he ended his employment with the NSA, he began working for the CIA as a software engineer. By November 2016, he had left the CIA to move to New York, and, up until his arrest and detention on August 24, 2017, worked as a senior software engineer for Bloomberg LP.
The government alleged that Schulte, while in the course of making phone calls from prison sometime in May 2018, had distributed “Protected Search Warrant Materials to his family members for purposes of dissemination to other third parties, including members of the media,” some of which included classified information.
Schulte allegedly stole backup files from a program called Confluence on April 20, 2016, prior to the program’s hacking tools being leaked.
On March 7, 2017, WikiLeaks began to publish content code-named “Vault 7” that included confidential documents, dated from 2013–2016, such as details on the CIA’s software capabilities.
CIA has the ability to compromise cars, smart TVs, web browsers, and popular operating systems.
On May 15, 2018, the government “alerted the court to a violation, a potential breach of the protective order” in which “various search warrants and search warrant affidavits” were leaked to the press.
The government alleged that Schulte, while in the course of making phone calls from prison sometime in May 2018, had distributed “Protected Search Warrant Materials to his family members for purposes of dissemination to other third parties, including members of the media,” some of which included classified information.
In the government’s view, they considered this “a clear breach of the protective order. It is unacceptable, particularly unacceptable given that this defendant has a pattern of violating the Court’s orders.”
About a month later, on June 18, 2018, the grand jury issued a superseding indictment, adding ten more counts to the original three: illegal gathering of national defense information, illegal transmission of lawfully possessed national defense information, illegal transmission of unlawfully possessed national defense information, unauthorized access to a computer to obtain classified information, theft of government property, unauthorized access to a computer to obtain information from a department or agency of the United States, causing transmission of a harmful computer program, information, code, or command, making false statements, obstruction of justice, and criminal copyright infringement.
An additional superseding indictment was issued on October 31, 2018, which added two more charges—contempt of court, and illegal transmission and attempted transmission of unlawfully possessed national defense information—bringing the amount to a total of fifteen.
Outlined in a letter to the court later that day, the government revealed that Schulte had been—within a period sometime in early October 2018—discovered using “one or more smuggled contraband cellphones to communicate clandestinely with third parties” outside of New York’s Metropolitan Correctional Center, where he was being held, and that the grand jury had issued “dozens of subpoenas and pen register orders,” revealing that Schulte was using “approximately 13 email and social media accounts (including encrypted email accounts).”
You must log in to post a comment.