It was just a matter of time before it happened again. An NSA contractor working for Booz Allen Hamilton, Harold Thomas Martin III, has been arrested for breaching classified documents. Not since Edward Snowden in 2013 has there been a public disclosure of an insider attack from the NSA. This time, however, the hacker leaked highly classified “source code” developed by the agency to hack into computer systems of foreign adversarial nations.
According to the New York Times, the arrest was made on August 27th, 2016, and the FBI “is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments.” The leakage of classified information, regardless of the data type and ramifications of exposure, represents the second time in three years that a successful insider has compromised the NSA.
Trust But Verify? Or Trust No One?
While some security experts argue that the insider threat does not include hackers, the truth is that when you trust someone to do the right thing, you may find out they actually had different intentions. Good people can intentionally do bad things even if they believe they are right. Edward Snowden believes he did the right thing, but in reality he violated his oath and committed espionage, regardless of his personal beliefs about the greater good. Those are plain facts by definition, and the insider threat really should include any trusted user who commits an action associated with a risk, regardless of their intentions. They are insiders, after all.
BeyondTrust will continue to monitor this story and detail the events as they unfold. If you want to learn more about insider threats and how to protect against them, whether the user’s actions are intentional or not, watch this 2-minute video. At BeyondTrust, we can help mitigate insider threats by providing visibility and control over privileged user access.
Morey J. Haber, Chief Security Advisor
Morey J. Haber is the Chief Security Advisor at BeyondTrust. As the Chief Security Advisor, Morey is the lead identity and technical evangelist at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. Morey has previously served as BeyondTrust’s Chief Security Officer, Chief Technology, and Vice President of Product Management during his nearly 12-year tenure. In 2020, Morey was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board, assisting the corporate community with identity security best practices. He originally joined BeyondTrust in 2012 as a part of the acquisition of eEye Digital Security, where he served as a Product Owner and Solutions Engineer, since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. Morey earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.