A former CIA computer programmer has come under suspicion for facilitating the largest loss of the spy agency’s documents – a devastating and embarrassing public leak of its cyber weapons arsenal, according to court documents. Schulte was involved in that leak,” one of Schulte’s attorneys said, according to the court transcript. According to the Times, prosecutors said in court last week they plan to file a new A former CIA computer programmer has come under suspicion for facilitating the largest loss of the spy agency’s documents – a devastating and embarrassing public leak of its cyber weapons arsenal, according to court documents.
But the former government employee, Joshua Adam Schulte, has not been charged with stealing or passing along the secret documents. Instead, he is being held in a New York City jail on child pornography charges as law enforcement continues to investigate how the cache of files were shuttled to WikiLeaks, the activist site that posted the purloined documents in March 2017.
Meanwhile, Schulte’s lawyers have protested that numerous government search warrants that gave investigators access to the suspect’s personal electronic devices were based on false information and failed to turn up “any connection to the WikiLeaks investigation,” according to a court hearing transcript from January.
Government prosecutors disputed the characterization, countering in the hearing that Schulte “remains a target of that investigation.”
Schulte first came to the attention of investigators just days after WikiLeaks initially posted the cache, known as Vault 7, which contained roughly 8,000 documents detailing how the CIA could transform smartphones and even internet-connected TVs into spying devices.
“The FBI believed that Mr. Schulte was involved in that leak,” one of Schulte’s attorneys said, according to the court transcript. The Washington Post first reported the court filing linking Schulte to the leak, and the Post and The New York Times reported his CIA employment.
By April or May, authorities “had full access to his computers and his phone.”
It was during these searches that the authorities apparently found child pornography, according to court documents.
It’s unclear what will now happen with Shulte’s case, and whether the government will eventually bring charges related to the Vault 7 theft. According to the Times, prosecutors said in court last week they plan to file a new indictment in the next 45 days.
Just because leak charges haven’t been brought yet “does not necessarily suggest that the federal investigation into the latter has stalled,” said Bob Cattanach, a former Justice Department lawyer and a partner at the law firm Dorsey & Whitney.
If Shulte is found to be responsible for the Vault 7 theft, it would represent a major victory for U.S. intelligence agencies, which have struggled to keep a lid on their most sensitive documents in recent years – and to publicly explain how the most embarrassing breaches occurred.
Recent leaks from both the CIA and the National Security Agency have particularly rattled the intelligence community as they came after the Obama administration installed new provisions to clamp down on insiders shuttling secrets out of the building. The moves came after former NSA contractor Edward Snowden exposed the government’s hidden surveillance apparatus and former Army soldier Chelsea Manning pilfered a massive trove of military and diplomatic secrets.
Despite these initiatives, authorities have arrested several high-profile leakers in the last two years, including Harold Martin III, another NSA contractor, who agreed to plead guilty earlier this year to stealing years’ worth of classified materials. Another contractor, Reality Winner, told prosecutors that she used her pantyhose to smuggle out a report on Russian election hacking from an NSA office.
And most recently, Reynaldo B. Regis agreed to plead guilty for stealing classified information from the CIA and then lying about it to investigators. Regis, a contractor, spent a decade conducting unauthorized searches in classified CIA databases, then copying secret information into personal notebooks that he took home, according to prosecutors.
Separately, a mysterious online group known as Shadow Brokers has been intermittently posting the NSA’s hacking tools, an incident that has bedeviled researchers and will cost the NSA millions of dollars as it rebuilds its cyber arsenal. Some digital experts suspect the Shadow Brokers are a front for Russian intelligence.
Schulte, who also worked at NSA before joining the CIA to work for a unit that designs digital espionage software, left the intelligence community in 2016 for a job in the private sector, according to the Post.
According to court documents, federal prosecutors claim Schulte had child pornography on a server he created in 2009 for a business he ran while he was a student at the University of Texas.
Legal experts said charging a leak suspect with other crimes is not unheard of – in fact, it can be a way to give prosecutors time to develop more sensitive charges related to classified materials.
“The classic problem associated with prosecuting highly sensitive national security crimes is that the government may be required to disclose even more sensitive national security information as part of the prosecution,” said Cattanach, the former DOJ attorney. “Rather than doing so, prosecutors may elect to detain the suspect on unrelated charges – assuming they exist – while they run the delicate calculus of determining how much national security information they want to disclose in order to gain a conviction.”
Cattanach said such choices are “typically made at the highest levels” at DOJ and the CIA and require “significant intelligence analysis to assess the risks and rewards of proceeding with a prosecution.”