How did one contractor steal 50TB of NSA data? Easily, say former spies

The massive theft of secret NSA data, thought to be the largest breach of classified data in US history, happened over two decades.
Written by Zack Whittaker, Contributor

(Image: file photo)

NSA whistleblower Edward Snowden might be the most well known leaker of secret government files. But it's contractor Harold Martin who may have carried out the biggest theft of classified information in US history.

Martin, 51, was arrested during an FBI raid on his home in late August. He was accused of stealing dozens of computers and thousands of documents, according to his recently unsealed indictment. The contractor siphoned off more than 50 terabytes of data -- or 50,000 gigabytes -- from government computers over two decades. What was initially a misdemeanor was quickly raised to espionage -- in part because of the vast amount of data he allegedly stole.

He faces 10 years in prison on each guilty charge.

It's not known how the authorities caught Martin. But what's an even bigger question is how he stole so much data -- and stayed undetected -- for so long.

Former employees at the NSA, who spoke on the condition of anonymity, said that Martin likely stole the files by simply walking out of the front door.

"The security folks there conduct random bag and purse checks on people leaving, but nobody does pocket checks," said one former employee, who spent almost 30 years at the agency in various jobs, before leaving late in the last decade.

"Anything that could fit in a pocket could go out undetected," the employee said.

A second employee, who left the agency at around the same time, agreed.

"Practically, it wouldn't scale to scan all of your employees," said the employee. "Think TSA at Ft. Meade," the employee said, hinting at how bad the system would be. About 30,000 employees work at NSA headquarters in Ft. Meade, Maryland, ensuring that it would take hours to screen every person leaving the building.

The second employee also noted that the vast majority of employees go through extensive vetting, so there's an inherent amount of faith in staff at the agency. James Clapper, the director of national intelligence, said in 2014 that there were no "mousetraps" to catch another leaker in the wake of the Snowden affair, because the agency's security is "based on personal trust."

The indictment didn't say exactly how Martin stole the data from NSA computers and servers because how those systems work are a closely-guarded national security secret.

When asked, the former employees gave their insights.

"Based on what he took, it would seem that [Martin] would've had to use USB drives," said the first employee. The size of USB storage has exponentially increased over the past two decades, according to market data, ensuring that Martin's alleged theft would have been a painstakingly slow process.

The second employee said it wouldn't be difficult to steal data -- noting that the NSA has "some of the best hackers on earth."

Almost anyone looking at this case has drawn parallels with the Snowden case because it's also not known how he smuggled out the trove of data from NSA systems. But according to one report, multiple intelligence community sources said all Snowden needed was "a few thumb drives and the willingness to exploit a gaping hole in an antiquated security system." One source was quoted as saying that the NSA in 2013 was "stuck in 2003 technology."

"I'm pretty sure they could find a way to do it [remove files] without detection," the employee said, without going into details, adding that the systems would likely not stop "a serious or mildly skilled insider."

An NSA spokesperson could not be reached on Friday.

In his indictment, Martin is said to have boasted in a letter found by the FBI about how he has "seen pretty much all [the NSA's] tech secrets [with regards to] to compusec." He added, hinting that the NSA's systems were not as secure as generally thought: "You are missing most of the basics in security practice, thinking you are the best. It's the bread and butter stuff that will trip you up. Trust me on this one."

Still, little is known about Martin. According to his LinkedIn page, he spent many years as a contractor and consultant, and worked as an engineering advisor for the Dept. of Defense.

It's also not known exactly what Martin took, given the majority of the data is classified, according to the indictment, or if he leaked any of the files to anyone else. It's no surprise that prosecutors want to keep Martin behind bars.

A hearing is expected later Friday in Baltimore on whether Martin will remain in prison or not.

Editorial standards