Text / chestnut, Guo Yizhen
Source: Qubit (ID: QbitAI)
Was the most serious leak of classified material in US history actually uncovered with Russia's help?
Not only that; it could even be said that the Russians found it.
In August 2016, two researchers at Kaspersky Lab received encrypted private messages from the Twitter account HAL999999999.
The two followed the trail and found clues to the account owner's identity, which pointed directly to the US intelligence community.
At the time, the National Security Agency's (NSA) secret hacking tools had just been put up for auction online. Kaspersky Lab reported the information to the NSA.
In the end, a leak involving 50 TB of confidential data over a span of 20 years came to light, and Harold Martin, known as "Snowden II", was taken into custody.
Ironically, the NSA has always regarded Kaspersky Lab as a major threat to the United States. Kaspersky employees live under the watch of US intelligence agencies around the clock, yet it was they who provided intelligence to the Americans.
Information leaked by a hookup ad
US media outlet POLITICO reported that on August 13, 2016, the Twitter account HAL999999999 sent two encrypted private messages to two researchers at Kaspersky Lab.
At first, they did not notice the two messages. Because they did not follow the sender, the messages went straight to the message-requests folder.
Three days later, the researchers, who were on vacation, discovered the private messages:
One asked for a conversation with "Yevgeny"; the other read "Shelf life, three weeks".
Yevgeny is the given name of Kaspersky Lab's CEO, Yevgeny Kaspersky.
During the same period, the NSA's confidential hacking tools were put up for sale on the Internet by the anonymous group "Shadow Brokers" for 10 bitcoins (then worth $24,000). The news was everywhere.
The researchers also saw the news, compared it with the time of the private messages, and found that the messages had been sent 30 minutes before the NSA hacking tools leaked online.
In addition, the mysterious account's avatar showed a man's back and a CD bearing the words TAO2.
TAO is short for Tailored Access Operations, a highly secretive unit within the NSA.
The researcher replied to the private message and asked whether there was an encryption key that could be used to make contact, but found that the other party had blocked him and the message could not be sent.
Perhaps driven by curiosity at being unable to make contact, the researchers began investigating the identity of the account owner.
First, a Google search turned up a hookup ad on an unmentionable website, also posted by a user named HAL999999999. The user's profile carried a real photo (which turned out to be Martin himself).
Continuing the search, the researchers found a LinkedIn account under the name Hal Martin. According to the profile, he was a researcher in Annapolis Junction and a technical consultant and investigator for "offensive cyber issues".
The profile did not directly mention the NSA, but showed that Hal Martin had served as a consultant to the US Department of Defense and intelligence agencies.
So the two handed over the information they found to the National Security Agency (NSA).
In the same year, Harold Martin was arrested and his work in the TAO unit was confirmed. The FBI applied for a search warrant for Martin's house and property, citing the Twitter private messages as evidence.
During the 20 years from 1996 to 2016, he stole as much as 50 terabytes of confidential data without being discovered.
Stewart Baker, who served as the NSA's general counsel in the 1990s, said that everyone had previously thought Martin was discovered because the review mechanism had been updated.
Kaspersky's involvement became a surprising twist in this case; it means the intelligence agencies did not have the ability to detect insiders stealing from them.
Both the Obama and Trump administrations have also accused Kaspersky of colluding with Russian intelligence agencies to steal NSA secrets.
Even though Kaspersky helped the US government catch Martin this time, it is difficult to dispel people's suspicions that the company may still be used by Russian intelligence agencies in the future.
The 50 TB theft case
The leaker at the center of the case, Martin, is a middle-aged man born in 1964 who lives in Maryland.
He served on the US Navy's Seattle carrier and received the Kuwait Liberation Medal. Later, Martin was transferred to the US Marine Corps, where he had access to some US classified information.
After retiring from the Navy, Martin changed jobs seven times, but his career stayed within the intelligence community. His employers' clients were government departments, so he could also access US state secrets, including the use of some hacking software governed by US government-defined internal standards.
At the time of the incident, he was an employee of Booz Allen Hamilton, a US defense contractor. Before Martin, the company's most famous employee was Edward Snowden, the central figure of the PRISM affair.
Since August 1996, Martin had been stealing confidential information from the National Security Agency (NSA), the US Central Intelligence Agency (CIA), and the US Army's "Network Command". The material covered how the NSA breaks into foreign computers, how American computer systems are protected, information about extremists and terrorists, and the strengths and weaknesses of US military cyber operations.
In addition, Martin was a member of the NSA's "top hacking team", Tailored Access Operations, a team responsible for creating and using specialized software to break into foreign computer systems and steal foreign intelligence. While working on this team, Martin also quietly took note of how it operated.
In other words, while the US security agencies were stealing information from abroad, Martin was stealing information from the US security agencies.
The total amount of this material reached 50 TB. However, Martin did not expose the information to the media as Snowden did; he hid it in his home and in his car. This led Martin's lawyer to argue after the incident that Martin merely had a psychological problem, a compulsion to collect, and had no intention of disclosing state secrets.
It was not until August 2016, after Martin's collecting had gone on for 20 years, that the FBI and a SWAT unit formed a squad of more than 20 people who, fully armed, descended on Martin's home to search it.
△ Martin's wife was badly shaken.
The squad searched Martin's house until three or four in the morning, and Martin's neighbors saw several vans at the house. The agents found thousands of pages of paper documents, as well as electronic files on dozens of computers, including six documents containing sensitive intelligence.
After that, they handcuffed Martin and took him away.
The 50 TB of material seized by the FBI and the SWAT unit also included the "Equation Group" cyberattack tools sold by Shadow Brokers.
Equation Group's encryption is very complicated, and the group was once suspected of being linked to the National Security Agency. Kaspersky Lab called it "one of the most sophisticated cyberattack tools in the world"; it favors attacking computers in Iran, Russia, Pakistan, Afghanistan, India, Syria and Mali. According to Kaspersky, as of 2015 Equation Group had launched at least 500 attacks in 42 countries.
However, there is no evidence that the Equation Group tools sold by Shadow Brokers were obtained from Martin, so Martin was not charged with espionage.
The US security establishment was shocked once again. The Pentagon pressed then-President Barack Obama to remove NSA Director Michael Rogers from his post, but Obama did not agree. Martin himself was charged with 20 counts of stealing US state secrets, each of which could carry 10 years in prison.
After two years of back-and-forth in court, Martin finally pleaded guilty at the beginning of last year.
How a Russian firm helped catch an alleged NSA data thief
The United States has a Snowden 2.0
Harold T. Martin III
A ‘Sad Case’ Suspect, Scared Pale as Police Swarmed His House in N.S.A. Case
Ex-U.S. NSA contractor to plead guilty to massive theft of secret data