It was only a matter of time before it happened again. An NSA contractor working for Booz Allen Hamilton, Harold Thomas Martin III, has been arrested for breaching classified documents. Not since Edward Snowden in 2013 has there been a public disclosure of an insider attack from the NSA. This time, however, the hacker leaked highly classified “source code” developed by the agency to hack into computer systems of foreign adversarial nations.
According to the New York Times, the arrest was made on August 27th, 2016, and the FBI “is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments.” The leakage of classified information, regardless of the data type and ramifications of exposure, represents the second time in three years that a successful insider has compromised the NSA.
Trust But Verify? Or Trust No One?
While some security experts argue that the insider threat does not include hackers, the truth is that when you trust someone to do the right thing, you may find out they actually had different intentions. Good people can intentionally do bad things even if they believe they are right. Edward Snowden believes he did the right thing, but in reality he violated his oath and committed espionage, regardless of his personal beliefs about the greater good. Those are plain facts by definition, and the insider threat really should include any trusted user who commits an action associated with a risk, regardless of their intentions. They are insiders, after all.
BeyondTrust will continue to monitor this story and detail the events as they unfold. If you want to learn more about insider threats and how to protect against them, whether the user’s actions are intentional or not, watch this 2-minute video. At BeyondTrust, we can help mitigate insider threats by providing visibility and control over privileged user access.
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.