Modern field guide to security and privacy

NSA arrest highlights struggle to prevent insider threats

Following Edward Snowden's leaks, the arrest of another former National Security Agency contractor who worked with the Washington firm Booz Allen Hamilton highlights the challenges the intelligence community faces in screening employees and contractors.

NSA/Handout via REUTERS
An undated aerial handout photo shows the National Security Agency (NSA) headquarters building in Fort Meade, Maryland.

When former National Security Agency contractor Edward Snowden disclosed classified US intelligence programs three years ago, the Obama administration set its sights on weeding out government employees and contractors likely to steal American secrets.

But on Wednesday unsealed court documents showed that the FBI arrested former NSA contractor Harold Thomas Martin in August on charges of stealing top secret information. Now, the spy agency faces renewed questions over how it screens workers for potential red flags.

"I thought the NSA had jumped through a lot of hoops to make sure Snowden wouldn't happen again. It doesn’t seem like it worked," says James Lewis, a senior fellow at the Center for Strategic and International Studies, a Washington think tank. "The people doing NSA work are NSA employees and they don't seem to be having any problems. The question is how do we build safeguards to make sure contractors don't slip the leash."

Mr. Snowden and Mr. Martin both worked for the private contractor Booz Allen Hamilton that provides a range of services to the US government. Sixty-nine percent of the company's nearly 23,000 employees work in roles requiring security clearances – some in highly classified roles in military and intelligence agencies. According to The Daily Beast, Martin once worked for the NSA's Tailored Access Operations unit, a secretive hacking group that is said to infiltrate foreign networks. 

The US government sought to crack down on insider threats before Snowden's disclosures. In 2011, soon after Chelsea Manning, a US Army soldier, provided the antisecrecy group WikiLeaks with hundreds of thousands of secret and sensitive State Department diplomatic cables and video footage of US soldiers killing civilians in Iraq, President Obama established the National Insider Threat Task Force – a delegation of intelligence community representatives aimed at limiting abuse of classified US government resources. The NSA also appointed a new director of counterintelligence in June 2014. 

It’s not clear what, if any, impact the information Martin allegedly took, including documents marked top secret and "many terabytes" of digital information, according to The New York Times, might have had on national security. It is also not clear if Martin was arrested in connection with the leak of alleged NSA hacking tools by the anonymous hacking group calling itself the Shadow Brokers. In that case, the hackers publicized supposed NSA computer code used to crack foreign networks. 

"This is the type of activity we take exceptionally seriously," Lisa Monaco, the White House’s Homeland Security advisor said Thursday. "What this case and others have pointed out is that we can’t completely guarantee the elimination of the threat of a determined insider. I’m exceptionally concerned about anything or anyone who would jeopardize critical tools that we have."

The NSA declined a request for comment on this story. Booz Allen Hamilton, Martin's former employer, referred Passcode to its ethics manual in response to a question regarding how it screens employees. Martin was also enrolled in the Information Systems PhD program at the University of Maryland Baltimore County.

The news of Martin's arrest has also raised questions about his mental wellbeing. Roy Rada, a former Information Systems professor who told The Wall Street Journal he knew Martin at the University of Maryland, said Martin served in the military in the Middle East and had an "intense personal and professional interest in post traumatic stress disorder. 

"I do think the question of this potential mental illness, or extremely compromised judgment, brings up the question of how do you screen of who you trust," said Susan Hennessey, a former attorney in the office of the general counsel at the NSA who now works as managing editor of the national security website Lawfare. "There are ways to ensure that individuals can only access information they're supposed to access, but at a certain point you need to trust people."

It is not clear whether Martin suffered from post-traumatic stress disorder. Martin's wife told The New York Times that her husband is "a bit of a hoarder," who kept piles of books and papers stacked around his Glen Burnie, Md. home, and often brought work home after hours. But though the FBI's criminal complaint says Martin admitted to investigators that he took classified files, his lawyers say questions about his patriotism are unwarranted.

"There is no evidence that Hal Martin intended to betray his country," Martin’s lawyer told the Journal. Martin has not been charged with espionage-related crimes, like Snowden and Chelsea Manning, who provided sensitive information to WikiLeaks, before him.

Still, experts say that another case involving an NSA contractor with top secret clearance is proof enough that the insider threat problem remains difficult to solve. 

"When it comes to insider threat, the dirty secret is just how hard it is," said Ms. Hennessey. "It's just not clear how to resolve those issues."

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.