It was just a matter of time before it was going to happen again. An NSA contractor working for Booz Allen Hamilton, Harold Thomas Martin III, has been arrested for breaching classified documents. Not since Edward Snowden in 2013 has there been a public disclosure of an insider attack from the NSA. This time, however, the hacker leaked highly classified “source code” developed by the agency to hack into computer systems of foreign adversarial nations.
According to the New York Times, the arrest was made on August 27th, 2016 and the FBI, “Is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments.” The leakage of classified information, regardless of the data type and ramifications of exposure, represents the second time in three years that a successful insider has compromised the NSA.
Trust But Verify? Or Trust No One?
While some security experts dismiss the realities of the insider threat to not include hackers, the truth is that when you trust someone to do the right thing, you may find out they actually had different intentions. Good people can intentionally do bad things even if they believe they are right. Edward Snowden believes he did the right thing but in reality, he violated his oath and committed espionage regardless of personal beliefs for the greater good. Those are plain facts by definition, and the insider threat really should include any trusted user that commits an action associated with a risk regardless of their intentions. They are insiders after all.
BeyondTrust will continue to monitor this story and detail the events as they unfold. If you want to learn more about insider threats and how to protect against them, whether the user’s actions are intentional or not, watch this 2 minute video. At BeyondTrust, we can help mitigate insider threats by providing visibility and control over privileged user access.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.