Harold Martin, government contractor for NSA, arrested for taking classified info home

New spy case? Harold Thomas Martin, 51 year old Navy vet working at Booz Allen on contract to NSA in Maryland stashed highly classified information (including SCI material) in his home in Glen Burnie and was secretly arrested on August 27.  No indication yet that he gave the information to a foreign state or organization. Will he take the HRC defense?

According to the DOJ news release, it seems he would get more years in jail for the theft of government property than for the unauthorized removal of classified info. Just hope the govt property wasn’t pens and paper, especially around start of the school year, if you know what I mean. Lot more people would be in trouble then.

Government Contractor Charged with Removal of Classified Materials and Theft of Government Property (DOJ)

Affidavit Alleges Classified Material Found in Defendant’s Home and Car

Baltimore, Maryland – A criminal complaint has been filed charging Harold Thomas Martin III, age 51, of Glen Burnie, Maryland, with theft of government property and unauthorized removal and retention of classified materials by a government employee or contractor.

According to the affidavit filed in support of the criminal complaint, Martin was a contractor with the federal government and had a top secret national security clearance.

Martin was arrested late on August 27, 2016. The complaint was filed on August 29, 2016, and unsealed today.

The criminal complaint was announced by United States Attorney for the District of Maryland Rod J. Rosenstein; Assistant Attorney General for National Security John P. Carlin; and Special Agent in Charge Gordon B. Johnson of the Federal Bureau of Investigation, Baltimore Field Office.

According to the affidavit, on August 27, 2016, search warrants were executed at Martin’s residence in Glen Burnie, including two storage sheds, as well as upon his vehicle and person. During execution of the warrants, investigators located hard copy documents and digital information stored on various devices and removable digital media. A large percentage of the materials recovered from Martin’s residence and vehicle bore markings indicating that they were property of the United States and contained highly classified information of the United States, including Top Secret and Sensitive Compartmented Information (SCI). In addition, investigators located property of the United States with an aggregate value in excess of $1,000, which Martin allegedly stole.

The complaint alleges that among the classified documents found in the search were six classified documents obtained from sensitive intelligence and produced by a government agency in 2014. These documents were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues. The disclosure of the documents would reveal those sensitive sources, methods, and capabilities.

The documents have been reviewed by a person designated as an original classification authority, and in each instance, the authority has determined that the documents are currently and properly classified as Top Secret, meaning that unauthorized disclosure reasonably could be expected to cause exceptionally grave damage to the national security of the United States.

If convicted, Martin faces a maximum sentence of one year in prison for the unauthorized removal and retention of classified materials, and ten years in prison for theft of government property. An initial appearance was held for Martin in U.S. District Court in Baltimore on August 29, 2016. Martin remains detained. A criminal complaint is not a finding of guilt.

An individual charged by criminal complaint is presumed innocent unless and until proven guilty at some later criminal proceedings.

United States Attorney Rod J. Rosenstein commended the FBI for its work in the investigation and thanked the Maryland State Police for its assistance. Mr. Rosenstein thanked Assistant U.S. Attorneys Zachary A. Myers, Harvey E. Eisenberg and Trial Attorney David Aaron of the Justice Department’s National Security Division, who are prosecuting the case.

Harold Martin Criminal Complaint (pdf)

N.S.A. Contractor Arrested in Possible New Theft of Secrets (New York Times)

The F.B.I. secretly arrested a National Security Agency contractor in recent weeks and is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments, according to several senior law enforcement and intelligence officials. . .

. . . The information believed stolen by this contractor — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency’s most sensitive cyberoperations — appears to be different in nature from Mr. Snowden’s theft.

The contractor arrested in recent weeks is suspected of taking the highly classified “source code” developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated. . . .

. . . . Officials said Mr. Martin did not fit any of the usual profiles of an “insider threat,” and it is unclear whether he had political motives, as Mr. Snowden did when he exposed programs that he said violated the privacy of American citizens.

An administration official said the case had been handled secretively not in order “to keep this guy from becoming another N.S.A. martyr,” but because it was a continuing law enforcement case and the hope was that Mr. Martin would cooperate. The official said investigators suspected that Mr. Martin might have taken the material before Mr. Snowden’s actions became public.

The official said that at the moment it did not look like an espionage case, but added the caveat that it is a continuing investigation. At the same time, the official said that investigators think Mr. Martin is not politically motivated — “not like a Snowden or someone who believes that what we were doing was illegal and wanted to publicize that.”

Motivation is one of many unanswered questions about the case. It is not clear when and how the authorities first learned the contractor’s identity, when they believe he began taking information, or whether he passed it to people outside the government. It is also not known whether he is believed to be responsible for a leak of classified N.S.A. code attributed to a group calling itself the Shadow Brokers, or whether he had any role in a series of leaks of N.S.A. intercepts involving Japan, Germany and other countries that WikiLeaks has published since last year.

“We’re struggling to figure him out,” the official said, speaking on the condition of anonymity because no indictment has been publicly released. . . . . (read more)

Government contractor arrested for stealing top secret data (Washington Post)

A federal contractor has been arrested and charged with stealing highly classified information from the U.S. government, authorities announced Wednesday.

Harold Thomas Martin III, 51, of Glen Burnie, Md., was charged with theft of government property and unauthorized removal and retention of classified materials, authorities said.

He was arrested in August after investigators searched his home in Glen Burnie and found documents and digital information stored on various devices that contained highly classified information, authorities said. Officials said the material was recovered from Martin’s car and two storage sheds on his property.

The exact nature of what was recovered is unclear, though a criminal complaint alleges that some documents were produced in 2014 and were “critical to a wide variety of national security issues.” . . .

. . .Military records and an online profile show that Martin was a decorated former Naval officer and reservist with a broad interest in cyber issues. His attorney said he was a Navy lieutenant, and records show he served for more than a decade, spending some years on the USS Seattle before ultimately ending his military career in the inactive reserves. Among the awards he received were a Joint Meritorious Unit Award, a Navy Expeditionary Medal and a National Defense Service Medal.

According to his LinkedIn profile, Martin was in a computing PhD program at University of Maryland, Baltimore County, and he had studied software and security engineering at George Mason University and economics and math at the University of Wisconsin. He wrote that his goal was “to advance state of the art in several areas of computing practices in the public/private sector.” . . . (read more)

Federal contractor from Glen Burnie charged with stealing top secret information (Baltimore Sun)

. . . Harold Martin, 51, was arrested in August and charged with theft of government property and unauthorized removal and retention of classified materials.

Investigators searched Martin’s home, two sheds and a vehicle on August 27 and found both hard copies of sensitive documents and digital information dating to 2014, prosecutors said. . .

. . . James Wyda, the federal public defender in Maryland, said he is representing Martin and that the charges only represented the first step in the process.

“There’s no evidence that Hal Martin has betrayed his country what we do know is that Hal Martin loves his family and his country he served this nation honorably in the US Navy and he has devoted his entire country to protecting his country,” Wyda said. “We look forward to defending Hal Martin in court.” . . . (Read more)

NSA Contractor Harold Martin Busted in Alleged Theft of Secret Docs (NBC News)

Navy veteran Harold Thomas Martin III of Glen Burnie, who had a top secret national security clearance, was arrested on Aug. 27, according to the Justice Department.

A search of his home and car turned up a trove of documents and digital files — a “large percentage” of them with highly classified information, some labeled Top Secret of Sensitive Compartmented Information, according to the federal criminal complaint.

“We take that type of conduct very seriously,” Assistant Attorney General John Carlin said at the CNBC Cambridge Cyber Summit, declining to discuss any motive for the theft.

“When you are a government employee you swear an oath to protect the information, knowing the damage revealing sources and methods can do to our ability to protect ourselves against foreign threats.”

Martin, 51, has been in custody since August. His attorneys, Jim Wyda and Deborah Boardman, said in a statement that there is no evidence their client “intended to betray his country.”

“What we do know is that Hal Martin loves his family and his country. He served his national honorably in the U.S. Navy as a lieutenant and he has devoted his entire career to protecting his country,” they said. . . . (Read More)

Same Hal Martin?

Lisa Conference speaker in December 2016

Hal MartinHal Martin is a Ph.D. student at the University of Maryland, Baltimore campus. His research interests lie primarily in computer security and large systems architectures. He is a 20+ year veteran of the Federal IT space around Washington, D.C., and his professional work has centered on system administration, implementing security architectures, certification and accreditation, Red Team activity, advanced capabilities development, and software assurance policy for various cyber initiatives.

Linked Presentation:

Virtual Interfaces for Exploration of Heterogeneous and Cloud Computing Architectures

 Wednesday, December 7, 2016 – 4:00pm4:45pm

Hal Martin, University of Maryland, Baltimore County


In recent years data center operations have evolved into extensive infrastructures that can support of a wide range of computing paradigms, from traditional application hosting and data storage to service oriented architectures (SOAs) and emerging cloud services. Offering various mixes of software, platform, and infrastructure as a service (SaaS, PaaS, IaaS), more recent advances in software defined networking (SDN), combined with ubiquitous computing and IP convergence (voice, video, data) on end-point devices such as smart phones and tablets, have only added complexity to the delivery of business services.

This situation is further complicated by recent waves of mergers and acquisitions of these services by competing firms. In the commercial sector this has resulted in the creation of hybrid infrastructure resulting from the combination of the many different post-merger sites. These conglomerations are a soup of disparate applications, operating systems, data storage, communications protocols and networking fabrics, with various service and maintenance arrangements. The result is that information technology departments are tasked with satisfying an ever expanding set of requirements and diversifying technical base. One of the most daunting tasks post aggregation is the initial discovery and remote evaluation of the newly acquired, unexplored, legacy data center and network computing resources by an IT staff.

When faced with performing discovery tasks, IT staff can be highly constrained by factors such as distance, time, risk identification, and knowledge from both a technology and corporate IT history standpoint. Research is required to understand the best practices for initial reconnaissance, combined with ongoing monitoring and analytics of the newly integrated infrastructure. This requires innovation in both system administration methods and tools. While there have been some recent commercial advances, these IT vendor tool suites are expensive, complicated, and require significant resources to deploy. Their code base and underlying methods remain proprietary. To advance the scientific understanding of these practices, we require assemblages of open source software tools and careful evaluation of human actors.

This effort is focused on advancing the discipline by two contributions. The first is developing an instrumented evaluation test bed that provides generic infrastructure services, general user activity, and advanced computing constructs (Cloud, Software Defined Networking, etc.) in a simulated data center environment (SDCE). It is intended to enable a wide class of independent and academic researchers the ability to simulate larger, more expense data centers by using open source software, academic licensing, and more affordable hardware. The second part is a Virtual, Interactive, Collaboration and Information Exchange Environment (VICkIEE), via an integrated virtual machine, for performing such evaluations. Combined, these two components can be used for validating various data center configurations, evaluation methodologies, and tool suites for use in this task. The VICkIEE is intended to be a real time, multi-tool, windowed UI with a shared collaborative interface to support multiple simultaneous system analysts. By remotely deploying the VICkIEE into a data center environment, operations can be performed with the same fidelity that local access provides.

Threats are Out There