Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

CIA Coder Convicted of Massive Leak of US Hacking Tools

A former CIA programmer was found guilty in New York federal court Wednesday of the 2017 leak of the US spy agency’s most valuable hacking tools to WikiLeaks, two years after his initial prosecution ended in mistrial.

A former CIA programmer was found guilty in New York federal court Wednesday of the 2017 leak of the US spy agency’s most valuable hacking tools to WikiLeaks, two years after his initial prosecution ended in mistrial.

Joshua Schulte, 33, worked for the CIA’s elite hacking unit when he quietly took the “Vault 7” tools it uses to break into target computer and technology systems and, after quitting his job, sent them to the anti-secrecy group.

Vault 7 was a collection of malware, viruses, trojans, and “zero day” exploits that, once leaked out, were available for use by foreign intelligence groups, hackers and cyber extortionists around the world.

Prosecutors said Schulte was a resentful employee and leaked the 8,761 documents to harm the agency.

“Schulte was aware that the collateral damage of his retribution could pose an extraordinary threat to this nation if made public, rendering them essentially useless,” US Attorney Damian Williams said in a statement after the conviction.

The leak had “a devastating effect on our intelligence community by providing critical intelligence to those who wish to do us harm,” said Williams.

Schulte was an early suspect after WikiLeaks began publishing the secrets, but was quietly charged in September 2017 only with having a large cache of child pornography on his computer.

Later the charges related to the theft and transmission of national defense information, under the Espionage Act, were added.

In 2020 a jury convicted him on two lesser charges of lying and contempt of court, but it was hung on the other charges.

On Wednesday a new jury convicted Schulte on eight counts under the Espionage Act and one count of obstruction. Each of the espionage-related counts can bring up to 10 years in prison.

The leak, which stunned the CIA in March 2017, was called one of the most damaging losses of classified material ever experienced by the Central Intelligence Agency.

It spurred the government to consider tough action against WikiLeaks, which then-CIA director Mike Pompeo called a “hostile intelligence service.”

The US government then moved to indict WikiLeaks founder Julian Assange on espionage charges. Assange is currently in Britain fighting extradition to the United States.

Schullte still faces trial separately on the pornography charges.

ReadWikiLeaks Releases Details on CIA Hacking Tools

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Cybercrime

Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Cybercrime

Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.