Vulnerabilities / Threats //

Insider Threats

4/15/2010
02:44 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Former NSA Official Leaked Secrets Via Hushmail

The indictment returned in Maryland on Thursday suggests how easy it is to copy and paste secrets.

A former high-ranking National Security Agency (NSA) official was indicted on Thursday for retaining classified information, obstruction of justice, and making false statements, the Department of Justice said.

Thomas A. Drake, 52, worked as an NSA contractor from 1991 through about 2001, at which point he was hired by the agency as an employee, the indictment says. His security clearance was withdrawn around November 2007 and he resigned from the agency in April 2008.

The indictment alleges that in late 2005 or early 2006, Drake signed up for an account with Hushmail, which provides encrypted e-mail for secure online communication, and contacted a reporter for a national newspaper.

The reporter also signed up for Hushmail and the two allegedly proceeded to exchange information about secret government documents.

As a result of this collaboration, the reporter published a series of reports about the NSA that contained Signals Intelligence information, which involves the collection and analysis of foreign communications. Much of this work at the NSA is classified.

The indictment states that Drake "researched future stories [on behalf of the reporter] by e-mailing unwitting NSA employees and accessing classified and unclassified documents on classified NSA networks" and that he "copied and pasted classified and unclassified information from NSA documents into an untitled Word document, which, when printed, removed the classification markings," among other violations of the law.

Drake is alleged to have brought classified and unclassified documents home, scanned them, and e-mailed them without authorization.

"As alleged, this defendant used a secret, non-government e-mail account to transmit classified and unclassified information that he was not authorized to possess or disclose," said Assistant Attorney General Lanny A. Breuer, in a statement. "As if those allegations are not serious enough, he also allegedly later shredded documents and lied about his conduct to federal agents in order to obstruct their investigation."

Breuer said that such violation of the government's trust must be prosecuted vigorously.

The maximum penalties for the charges are: 10 years in prison for retention of classified documents, 20 years in prison for obstruction of justice, and five years in prison for making false statements. Each of the ten charged counts carries a maximum fine of $250,000.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8142
PUBLISHED: 2018-05-21
A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035.
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...