It was just a matter of time before it was going to happen again. An NSA contractor working for Booz Allen Hamilton, Harold Thomas Martin III, has been arrested for breaching classified documents. Not since Edward Snowden in 2013 has there been a public disclosure of an insider attack from the NSA. This time, however, the hacker leaked highly classified “source code” developed by the agency to hack into computer systems of foreign adversarial nations.
According to the New York Times, the arrest was made on August 27th, 2016 and the FBI, “Is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments.” The leakage of classified information, regardless of the data type and ramifications of exposure, represents the second time in three years that a successful insider has compromised the NSA.
Trust But Verify? Or Trust No One?
While some security experts dismiss the realities of the insider threat to not include hackers, the truth is that when you trust someone to do the right thing, you may find out they actually had different intentions. Good people can intentionally do bad things even if they believe they are right. Edward Snowden believes he did the right thing but in reality, he violated his oath and committed espionage regardless of personal beliefs for the greater good. Those are plain facts by definition, and the insider threat really should include any trusted user that commits an action associated with a risk regardless of their intentions. They are insiders after all. BeyondTrust will continue to monitor this story and detail the events as they unfold. If you want to learn more about insider threats and how to protect against them, whether the user’s actions are intentional or not, watch this 2 minute video. At BeyondTrust, we can help mitigate insider threats by providing visibility and control over privileged user access.