Archive for the ‘NSA’ Category

NSA contractor indicted for stealing elite cyberweapons over 20 years – TechTarget

A former NSA contractor was indicted by a federal grand jury on charges of stealing elite cyberweapons and sensitive government data over the course of 20 years.

According to the U.S. Department of Justice (DoJ) indictment, Harold Thomas Martin worked as a contractor for seven different companies during those 20 years. Each company, including Booz Allen Hamilton Holding Corp where former NSA contractor and whistleblower Edward Snowden also worked, was tasked with projects through the U.S. Department of Defense and the National Security Agency (NSA).

"Martin held security clearances up to top secret and sensitive compartmented information at various times, and worked on a number of highly classified, specialized projects where he had access to government computer systems, programs and information, including classified information," federal prosecutors wrote in a statement. "Over his many years of holding a security clearance, Martin received training regarding classified information and his duty to protect classified materials from unauthorized disclosure."

Leo Taddeo, CSO for Cryptzone, said it shouldn't be surprising that an NSA contractor could steal data for 20 years without anyone knowing.

"One of the challenges of protecting digital assets is that the owner doesn't always know he was robbed. That's not the case with say, a TV or a car. If those items are stolen, the victim notices the empty parking space or blank spot on the wall pretty quickly and calls the police," Taddeo told SearchSecurity via email. "Digital evidence can be copied and 'stolen' without the owner ever knowing unless very specific safeguards are in place and regularly monitored."

Martin was arrested in October 2016 and law enforcement reportedly seized 50 TB of federal data from his home in Glen Burnie, Md. This data, which officials said could amount to the largest theft of classified federal information in history, included documents from U.S. Cyber Command, the CIA and cyberweapons from the NSA's elite hacking team -- the Office of Tailored Access Operations (TAO) -- all stolen while Martin was an NSA contractor.

The DoJ's indictment charged Martin on 20 criminal counts, each of which could carry a maximum penalty of 10 years in prison. Federal officials have not commented on what Martin did with the stolen data, but former TAO agents confirmed NSA-made cyberweapons were leaked in a dark web auction by a group called the Shadow Brokers. It is still unclear what, if any, connection there is between Martin, the Shadow Brokers and the advanced persistent threat group, the Equation Group, which has been associated with using TAO exploits in the wild.

Willy Leichter, vice president of marketing for CipherCloud, based in San Jose, Calif., said insider threats are an issue for all enterprises.

"This latest news reinforces an unfortunate truth -- security has traditionally focused on securing the perimeter, but internal controls are often sorely lacking," Leichter told SearchSecurity. "Now that network perimeters are disappearing with cloud and mobile technology, it's forcing many organizations to look more carefully at their internal controls to classify and protect sensitive data."

Taddeo noted that recent NIST guidelines put in place following the OPM breach, which was blamed on an attack that used credentials stolen from a federal contractor, could help mitigate future issues like this.

"The new NIST guidelines are intended to ensure federal contractors, like Martin's employer, Booz Allen, have the proper safeguards in place," Taddeo said. "These security controls will help, but not guarantee, that this type of theft does not happen in the future."


New Russia revelations pose new problems for Trump’s NSA – MSNBC


Michael Flynn, Donald Trump's National Security Advisor, has maintained close ties to Moscow in recent years, even getting paid by the Kremlin's propaganda outlet. It therefore caused quite a stir a month ago, when the Washington Post noted that Flynn ...


Microsoft Gets NSA Approval For Windows 10 And Surface – Tom’s Hardware

Microsoft announced that the NSA has cleared Windows 10 and the Surface tablet for classified use. The company also teased security improvements that will be discussed at the annual RSA Conference next week, where security experts from all over the world will gather.

Being cleared for classified use could help Microsoft do business with government agencies, independent contractors, and other groups that handle sensitive data. A place on the NSA's list of approved devices also gives Microsoft bragging rights--and the company put 'em to good use in its blog post:

"Our customers are the most security-conscious in the world and demonstrating our commitment to meeting their needs is incredibly important to us. Today, I'm excited to share that both Windows 10 and Surface devices including Surface Pro 3, Surface Pro 4 and Surface Book have been added to the NSA's Commercial Solutions for Classified Programs (CSfC) list. The CSfC program listing demonstrates Windows 10, as well as Surface devices (the only Windows 10 devices currently on the list), when used in a layered solution, can meet the highest security requirements for use in classified environments."

But that doesn't mean Microsoft is done battening down the hatches of its software and hardware. The company also teased a number of security improvements that have either recently debuted or are expected to be released this year. These include more control over devices via Surface Enterprise Management Mode (SEMM), expanded device management, and updates to Windows Defender Advanced Threat Protection (WDATP), among others.

Many of those updates share a common goal: letting businesses use Windows 10 to control end points and defend against common threats. Microsoft said updates to SEMM will let companies disable a tablet's camera or microphone, for example, whereas updated Windows Analytics will let them know if software updates are being installed like they should be. To abuse the obvious pun--Windows is getting some bars, locks, and other reinforcements.

Microsoft also touted some of the operating system's existing features, such as Windows Hello, which allows people to sign in to their PC via facial recognition or fingerprint scan instead of a password. Combine that with a feature that automatically locks a PC when a paired smartphone leaves its vicinity--which is already available to Windows Insider program members--and Microsoft can help prevent careless mistakes on Windows 10 devices.

More information about these updates is available from Microsoft's blog post, and still more will be revealed in the days leading up to the RSA Conference that will run February 13-17. The bottom line is this: Windows 10 and Surface got a vote of confidence from the NSA, and over the next couple months, Microsoft will make it easier for businesses to manage their own security instead of relying on their employees' competence.


Prosecutors to seek indictment against former NSA contractor as … – Washington Post

Federal prosecutors in Baltimore are expected to seek an indictment as early as this week against a former National Security Agency contractor who is accused of carrying out the biggest theft of classified information in U.S. history.

The indictment against Harold T. Martin III is expected to contain charges of violating the Espionage Act by willfully retaining information that relates to the national defense, including classified data such as NSA hacking tools and operational plans against a known enemy of the United States, according to individuals familiar with the case.

Martin, 52, was arrested Aug. 29 at his home in Glen Burnie, Md., and he has been held in a detention facility since. A U.S. District Judge last fall declined Martin's request to be released from jail pending an eventual trial or resolution of the case, ruling that he was a flight risk.

In a complaint unsealed in October, the government charged Martin with felony theft of government property and the unauthorized removal and retention of classified materials, a misdemeanor. The prosecutors said then that they expected that the indictment would also include charges of violations of the Espionage Act, offenses that carry a prison term of up to 10 years for each count.

Such charges, prosecutors said, if run consecutively, could amount to a sentence as high as 30 years to life in prison.

The Justice Department declined to comment Monday.

In court hearings and filings, prosecutors have characterized Martin's actions as highly damaging to national security. Over the course of 20 years working with various federal agencies, Martin took irreplaceable classified material on a breathtaking scale, said Zachary A. Myers, an assistant U.S. attorney with the District of Maryland, at a detention hearing in October.

Myers said Martin took many thousands of pages of classified material as well as 50 terabytes of digital data, much of which has special handling caveats.

Martin previously worked in the Navy, leaving active duty in 1992, and then held a variety of tech jobs with government contractors. He worked at the NSA from 2012 to 2015, where he was an employee of the intelligence contractor Booz Allen Hamilton.

For some portion of that time, Martin was in the NSA's elite hacker unit, Tailored Access Operations, which makes and deploys software used to penetrate foreign targets' computer networks for foreign espionage purposes.

Some U.S. officials said that Martin allegedly made off with more than 75 percent of TAO's library of hacking tools, an allegation which, if true, would be a stunning breach of security.

James Wyda, one of Martin's defense attorneys, declined to comment.

His attorneys have previously portrayed him as a patriot who took material home to become better in his job, not to pass them to a foreign spy agency and betray his country. The desire to improve became a compulsion, Wyda argued at the detention hearing.

"This is the behavior of a compulsive hoarder who could not stop gathering and possessing the documents he treasured," Wyda said.

Martin's theft was discovered more than a year after another breach at TAO, in which a longtime employee was discovered to have taken without authorization significant quantities of the unit's hacking tools. The breach was not thought to be as serious as Martin's, but it caused concern within the intelligence community.


NSA Executive Explains Logistics of Possible Cyber Command Split – MeriTalk (blog)

If the National Security Agency and Cyber Command were to split, NSA Executive Director Corin Stone explained that any disagreements between the agencies would be decided by the secretary of defense and the director of national intelligence, to ensure fair judgment.

There have been conflicting opinions on whether to split the NSA from U.S. Cyber Command, which have traditionally operated as separate agencies under a dual-hat system with the same head. Stone said that Cyber Command is tasked with protecting Department of Defense networks, and the NSA conducts foreign signals intelligence and protects other national security systems, which are already separate jobs.

"If the dual hat splits, it won't make a huge difference, frankly," Stone said in the Steptoe Cyberlaw Podcast last week.

Stewart Baker, former National Security Agency general counsel and partner at Steptoe & Johnson, questioned what would happen if the two agencies disagreed on a course of action. For example, how would the situation be resolved if Cyber Command wanted to take down an enemy's network but the NSA wanted it to remain open because it was collecting useful intelligence information from the network?

"It makes it more sensible to have a civilian head," Baker said, referring to the current head of both the NSA and Cyber Command, Adm. Michael Rogers.

Baker said that it would be unfair if the military branch, Cyber Command, received more authority from a leader with a military background.

Stone said that this wouldn't be the case because in the event of a disagreement between the different agencies, the two would voice their reasoning to the secretary of defense and the director of national intelligence, who would then make a decision together.

The NSA is also trying to monitor what information goes in and out of the agency without alienating employees.

The NSA has suffered from security leaks due to employees, Edward Snowden and Harold Martin, which has forced the agency to focus more on what data is leaving Fort Meade. The NSA has also had to consider intimidating its trustworthy employees during the dip in morale following these security leaks.

"It's about defeating the enemy and making sure we're not doing anything to enable [them]," Stone said.

Snowden and Martin, both NSA contractors, were charged with stealing classified government information. Stone said that monitoring the movement of information has become more difficult with the use of flash drives and other technology that makes data mobile.

"Any leaks, any unauthorized disclosures has an impact on morale," Stone said. "We've got a dedicated workforce. They're extremely sophisticated technical experts working very long hours on tough, tough problems, sometimes for years at a time and when someone is a peer or a colleague or someone they knew or someone they didn't know decides to break trust with the U.S. government, with the American people, and with their peers and colleagues, that's something that does deal a blow to morale."

Stone said that there has to be some layer of trust between the agency and employees because carrying flash drives has become commonplace and the agency can't inspect every one. Stone also said that the employees at NSA especially care about protecting citizen information.

The NSA is also working to increase transparency following these leaks by encouraging employees to discuss its mission with the public to be less of a mystery. This method also helps with hostile audiences, according to Baker.

"If somebody is standing there and they're talking like you, and they sound like you, and they're just an ordinary person like you, it's hard to hate them," Stewart said.

The NSA's current organizational system, which was revamped in 2016 under the name NSA21, integrates offensive and defensive cyber operations. Stone said that she believes that the focus on each side is balanced and allows the agency to tackle threats faster.

"We have already seen more agility based on that integration," Stone said.

NSA has updated its goals in other ways, including fostering creativity and providing more support to its personnel throughout their careers. Stone said that the NSA has been supporting its employees by focusing on diversity efforts.

The NSA runs free GenCyber camps for students from elementary through high school to learn about cybersecurity. The NSA has also been reaching out to students at Historically Black Colleges, such as Morgan State University and Howard University, to consider careers at the agency.

Stewart said that the NSA already has some level of diversity because of the many different military and civilian backgrounds of its employees. Stone said there was more that could be done, but agreed in that respect.

"We do have a level of diversity that's extraordinary," Stone said.
