Connect with us

Hi, what are you looking for?



Minor Convictions for Ex-CIA Coder in Hacking Tools Case

A former CIA software engineer accused of stealing a massive trove of the agency’s hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage charges against him.

A former CIA software engineer accused of stealing a massive trove of the agency’s hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage charges against him.

Joshua Schulte, who worked as a coder at the agency’s headquarters in Langley, Virginia, was convicted by a jury of contempt of court and making false statements after a four-week trial in Manhattan federal court that offered an unusual window into the CIA’s digital sleuthing and the team that designs computer code to spy on foreign adversaries.

After deliberating since last week, the jury was unable to reach a verdict on the more significant charges. They had notified U.S. District Judge Paul A. Crotty on Friday that they had reached consensus on two counts, but were unable to reach a verdict on eight others.

After they were instructed to resume deliberations Monday, jurors sent a note saying they were “extremely deadlocked.”

The verdict inspired smiles by Schulte and his lawyer, Sabrina Shroff, who described the charges he was convicted of afterward as “the most inconsequential.”

One juror said as she left the courthouse that the jury was always split down the middle on the most serious counts, although the jury was composed of only 11 people after one juror was dismissed last week when she told the panel she had come across news about the Schulte case before the trial.

Juror Alexis Anthony said she never thought the evidence was strong enough to convict Schulte of espionage-related charges.

“For me, I never felt the burden of proof was proved,” she said.

Advertisement. Scroll to continue reading.

Prosecutors portrayed Schulte as a disgruntled software engineer who exploited a little-known back door in a CIA network to copy the hacking arsenal without raising suspicion, in what was said to be the largest leak in CIA history involving classified information.

It was only after the anti-secrecy group WikiLeaks published the so-called Vault 7 leak in 2017 — nearly a year after the theft — that the agency scrambled to determine how the information had been stolen. It identified Schulte, a 31-year-old originally from Lubbock, Texas, as the prime suspect.

Schulte had left the agency on stormy terms after falling out with colleagues and supervisors, and prosecutors described the leak as an act of revenge.

The data dump revealed CIA efforts to hack Apple and Android smartphones and even described efforts to turn internet-connected televisions into listening devices.

“These leaks were devastating to national security,” Assistant U.S. Attorney Matthew Laroche told jurors. “The CIA’s cyber tools were gone in an instant. Intelligence gathering operations around the world stopped immediately.”

But the defense said the prosecution failed to present a clear case or show how they could be sure Schulte was the culprit.

Even after presenting a month of testimony, 18 witnesses and more than 1,000 exhibits, “the government still is not able to answer for you the very basic questions,” Shroff told jurors on Schulte’s behalf. “There are more questions now than when this trial first began.”

Shroff argued that investigators could not be sure who took the data because the CIA network in question “was the farthest thing from being secure.”

“Hundreds of people had access to it,” she said. “Hundreds of people could have stolen it.”

Prosecutors said Schulte, after being arrested in New York, attempted to leak even more classified information using a contraband cellphone that had been smuggled into the Metropolitan Correctional Center. They said he declared an “information war” and was “prepared to burn down the United States government.”

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.