Prosecutors Have Discovered the Joshua Schulte Is a Hack-and-Leak Case, Not a Personnel Dispute

While I’ve been buried in the Mike Flynn beat, on Monday, there was a status hearing in the Joshua Schulte case.

There were three main news items in the hearing.

First, prosecutors revealed unsurprisingly that they’re going retry Schulte. More interesting, they said they planned to supersede the indictment against Schulte, alleging the same charges, but providing more information on them. They cited the notes from jurors, which made it crystal clear that the jurors were confused by the forensic testimony and how the charges related to that testimony. What the limits of Schulte’s legal access were seemed to be particularly confusing (something that is not sufficiently clear in the law anyway). At the time of both the initial Espionage indictment and the superseding one, the CIA was still trying to keep secret specifically what had been stolen when and how, but now that that’s public. I expect the superseding indictment to explain more clearly what was stolen and how Schulte allegedly exceeded his legal accesses to do that.

In discussions around that superseding indictment, prosecutor David Denton said something to the effect that grand juries are only available in emergencies. As far as the public record goes, however, grand juries aren’t available at all, so Denton’s disclosure was news. That only matters in the Schulte case insofar as he’s going to refuse most Speedy Trial exclusions (meaning prosecutors may be forced to find some way to start a new trial before COVID lockdowns end). But it’s an interesting admission more generally.

Finally, prosecutors said they didn’t think the retrial will take as long as his initial trial. In my summary of why the prosecution was in a remarkably weak position as the last trial went to the jury, I described how prosecutors had made it look like the Vault 7 breach was just a really nasty personnel dispute to which burning the CIA’s hacking abilities to the ground was just a side dispute.

Add that to the pace of the trial, which feels like a nasty employment dispute to which the massive breach of the CIA’s hacking tools became just a side-dispute. That’s often true of CIA trials — it certainly was for Jeffrey Sterling. But the long parade of CIA witnesses — Schulte’s buddy, two other colleagues, his boss, his boss’s boss, his boss’s boss’s boss, her boss, and then yet another boss, plus a CIA SysAdmin and a security guy — all describing a series of disputes escalating from a nerf gun fight to WikiLeaks burning the CIA’s hacking capabilities to the ground refocused the trial onto whether Schulte’s complaints had merit and not on what the forensic evidence showed.

And Sabrina Shroff did a superb job of defending not the forensic case (indeed, defense expert Steve Bellovin did not take the stand to float any of the alternate theories that Schulte has been offering for two years, and in so doing will leave Shroff to claim Michael could have accessed the backup without prosecutors having gotten him to admit that wouldn’t have worked), but instead arguing that her client was maligned by the entire CIA. The boss, the boss’s boss, the boss’s boss’s boss, the boss’s boss’s boss’s boss, and then the senior-most boss are all lined up against Schulte for being an asshole. She even defused utterly damning notes about working with Russia (which I’ll return to). From the transcripts, it seemed like Shroff rattled a good many government witnesses, too, and a number of them (one of the FBI agents and the classification expert, especially) seemed to come off as unresponsive as a result.

I expect prosecutors will shorten the trial by limiting this testimony to just the four or so people who have first-hand knowledge of Schulte’s actions (and in the retrial, the government won’t have to backpedal as they try to fix their late disclosure that Schulte’s buddy Michael had been put on paid leave by the CIA). If so, that should make it easier for prosecutors to focus on why the circumstantial forensic evidence strongly supports Schulte’s involvement.

All that said, prosecutors also seemed to be fighting jury nullification in Schulte’s trial, with at least two jurors who were determined to acquit Schulte no matter what other jurors said. That may be a WikiLeaks thing (one that would be far less likely to happen if this were tried in EDVA, which is why Julian Assange says he can’t get a fair trial in EDVA). But it also may be the case that CIA’s hacking department doesn’t make a very sympathetic hacking victim.

“ur submission form is too fucking slow, spent the whole day uploading 1 gb.”

As I noted, one of the Roger Stone-related warrant applications released last week includes more details on the communications between the Guccifer 2.0 persona and WikiLeaks leading up to the DNC release. Emma Best examines the filing from a perspective of how someone, purportedly with no prior relationship to WikiLeaks, would go about transferring even a marginally significant submission to WikiLeaks. Almost a month of back-and-forth transpires between the first contact with Guccifer 2.0 and the successful transfer of the DNC files.

A key exchange, however, happened on July 6, 2016. After Guccifer 2.0 inquires whether WikiLeaks received some documents Guccifer 2.0 sent, the persona gets cranky because it took so long to upload a 1 GB file to WikiLeaks submission system. [I’m using Best’s conversion of this filing into a nifty transcription.]

Guccifer 2.0: “fuck, [I] sent 4 docs on brexit on jun 29, an archive in gpg[.] ur submission form is too fucking slow, [I] spent the whole day uploading 1 gb”

WikiLeaks: “We can arrange servers l00x as fast. The speed restrictions are to anonymise the path. Just ask for custom fast upload point in an email.”

Guccifer 2.0: “will u be able to check ur email?”

WikiLeaks: “We’re best with very large data sets. e.g. 200gb. these prove themselves since they’re too big to fake”

Almost two weeks into this exchange, WikiLeaks says they can arrange for a custom server to transfer larger data sets — of around 200 GB.

These exchanges should, to a significant extent, be considered theater. Both sides of this conversation knew that the FBI would be watching all DMs between WikiLeaks and the Guccifer 2.0 persona. So it can’t be taken as a definitive indication of how any files get sent.

Still, it shows how WikiLeaks would respond, using the public communication accounts, to a request to submit data in July 2016.

That’s significant because it shows how things might have proceeded, two months earlier, when Joshua Schulte allegedly sent 1TB of data to WikiLeaks on May 1, 2016.

While the prosecution in Schulte’s case provided forensic evidence to explain when he stole the CIA files and sent them to WikiLeaks, key gaps remain (perhaps most notably, how he got the files out of his building, though that may be because of certain classification decisions). And because Schulte used Tails and wiped his devices afterwards, there’s no record of him actually sending the files.

Here’s how prosecutor Matthew Laroche described that process in his closing arguments.

Just as a general matter, you know this information was transmitted to WikiLeaks because they posted it on the internet. They obviously got it, and the question is when did he send it?

And that’s answered by what he did on the 30th and May 1. Let’s look at the evening of the 30th.

At 6:47 p.m., he is searching for Google history and Google view browsing history. He is concerned about what he’s been searching for. On the evening, that night, he is searching for digital disk-wipe utility on several occasions, and at 10:52 p.m., he visits a website Kill Your Data Dead With These Tips and Tools. The defendant is interested in finding out how to securely delete information that might connect him to the leak, anything that he might’ve brought home with the leak on it, anything that he might’ve used to transfer it.

And at 10:55 p.m., he runs a similar search for SSD wipe utility. And you’ll remember all those hard drives that were recovered from his home. He was wondering how to wipe them to make sure that there was no evidence of his activities.

Now, overnight, he continues working.

At 12:19 a.m., the defendant mounted his D drive onto his virtual machine, the same D drive that had those encrypted files, data2.bkp through data6.bkp. They’re in his D drive. He mounts his D drive.

Then, overnight, he is constantly looking at his computer. On at least four occasions, he is unlocking his virtual machine in the middle of the night: 1:57 a.m.; 2:34 a.m.; 2:56 a.m.; 3:18 a.m. He is doing that because he is transferring data and he wants to make sure it’s happened correctly. And you know that is the case because of the Google searches he runs at of the end the night and the early morning.

At 3:18 a.m., just after he unlocks his screen saver, the defendant searches for How Long Does It Take to Calculate MD5?

Remember, calculating an MD5 is a way to confirm that what you transferred from one place to another is the same, that it went correctly, that there were no errors. You calculate an MD5 to confirm that what you transferred transferred correctly, and that’s what he’s looking for at 3:18 a.m.

Then at 3:21 a.m., the defendant visits a website, How Can I verify That a 1TB File — one terabyte file — transferred correctly?

That description is based off this forensic testimony from Michael Berger.

Prosecutors described this as happening overnight. Overnight transmission of a 1TB file using WikiLeaks’ public submission site would be utterly impossible given the state of it at the time and the volume of data Schulte was transferring, and probably impossible regardless of how much time someone spent. Overnight transmission of 1TB of data using Tails, even to a dedicated server, would be difficult enough. Best describes that, “1 TB over Tor in one night is unlikely.”

The government timeline does have Schulte in possession of the data earlier than that, potentially giving him a week to transfer the data, with this process describing just the end of the process.

Still, the way this would happen, normally, would be for WikiLeaks to set up a dedicated server to accept the files. And that would take prior communication. Such communication likely would have happened over Jabber, not Twitter (Schulte’s opsec was piss poor in many ways but he did use Jabber).

Such a prior conversation is entirely consistent with testimony provided elsewhere, where prosecutors focused on the website’s alternative submission process.

But the seeming necessity for prior communication before this transfer happened suggests Schulte’s alleged theft and transfer of the files might not have been as reactive a decision as portrayed in his prosecution.

It would take premeditation to send WikiLeaks a 1TB file, whatever the timing. Prosecutors may know that, and have an explanation for when such prior communications happened, but they’re withholding those details for any of a number of reasons. Or it may be a big hole in this story. Schulte insists he didn’t do it and a jury failed to convict.

One way or another, however, the state of the WikiLeaks’ submission system as it existed in 2016 presents a big gap in prosecutors’ current story.

Update: Two important details for those trying to figure out how long this transfer would really take. First, Schulte ran a commercial server specifically focused on video streaming at the time, so his upload speeds would not limit the transfer time at all. Second, Schulte at least claimed that hiding data for exfiltration was his speciality. That by itself wouldn’t help him send stuff to WikiLeaks, at least not without prior contact. But it does mean that the means by which he transferred this file relied on tools he has developed at CIA.

King Josh in Jail, Part One: The Informant

The testimony on accused Vault 7 leaker Joshua Schulte’s conduct in MCC raised more questions than answers. So I want to do a series of three or four posts to look more closely at it (I’m using the term “King Josh” because it was one of his passwords at the CIA).

In this post I want to look at the jail house informant who is the publicly acknowledged basis by which prosecutors discovered that Schulte had a phone in jail, Carlos Bentances Luna Mera.

Betances is a 41 year old citizen of the Dominican Republic who twice migrated to the US without documentation, the first time in 1996 (he was deported in 2001), and then again around 2008. At some point, Betances married and had children. During both periods, he began to work as a low level cog in narcotics trafficking.

Betances was arrested on March 15, 2018 in conjunction with the trafficking. The only federal complaint unsealed in the docket is for illegal reentry, and in that magistrates docket, proceedings were continued in both April and May 2018, something that would happen if Betances were forgoing indictment and moving directly to a plea. Given his testimony, there must be a sealed criminal docket showing a guilty plea on nine counts covering multiple narcotics trafficking and conspiracy counts, illegal reentry, identity fraud, mail fraud, and taking a phone into jail.

That suggests that Betances flipped almost immediately, perhaps, at first, to cooperate against his network of suppliers. That’s consistent with an answer Betances gave when Schulte’s lawyer, Sabrina Shroff, suggested that cooperation on using a phone in jail, “was the most valuable to the government,” more than on all his narcotics charges. Betances responded, “Well, may I remind you that I had been cooperating before I talked to them?”

According to the testimony, Betances didn’t start spying on Schulte until sometime in summer 2018, at least four months after he was jailed, and didn’t first meet with prosecutors until September 2018. So the public story is that Betances got busted and flipped, managed to play a role in smuggling and hiding phones in jail that put him in a key spot to interact with Schulte and his cellmate, Omar Amanat (I’ll look at Amanat and his brother in the next post), and only after that happened witnessed something that led him to start taking pictures and videos of Schulte’s phone use. That went on for maybe a month before — aware that something big was going to go down in the library — Betances sent a note to the guards, who thwarted it. Some days later, Schulte was thrown in the SHU and a big hunt started for the phones and Schulte’s other activities in jail.

That thing that led Betances to prepare to inform on Schulte (again, per the testimony) is that one day sometime in the summer, Schulte said he wanted Russia’s help.

[W]e were in Chino’s cell [Chino was also part of the cell phone smuggling and sharing network] and I heard Josh saying that Russia had to help in in the things that he was doing.

Here’s how Betances described it on cross (through a translator) to a very dubious Sabrina Shroff:

Shroff: So anyway, it’s you who walks in when Mr. Schulte and Omar are talking, correct?

Betances: Yes, correct.

Shroff: And you walk in to give them a heads-up that somebody’s coming, correct?

Betances: Yes, correct.

Shroff: And just as you walk in, you hear him say the word “Russia,” correct?

Betances: That’s correct, yes.

Shroff: And that’s what prompts fear into you to go cooperate with the United States Attorney’s Office?

Betances: It sounded interesting to me.

Shroff: Right.

Hearing Schulte mention Russia led Betances to do a remarkable amount of surveillance on Schulte’s phones, which he stored for him behind his cell locker.

He took two pictures of the apps Schulte loaded onto the phone, and — per his testimony — got Schulte and Amanat to explain the function of WhatsApp, Signal, Proton Mail, Orbot, Turbo VPN, and Secure Delete. Betances also got pictures of the things Schulte was writing on his phone, including the initial emails to Shane Harris that would form part of the basis for the Espionage Act charges on which the jury was hung.

He took several videos of Schulte using his phone.

After having taken these pictures on September 1, Betances waited around three weeks before he alerted the guards that something big was going down in the library, and then was removed from MCC when guards found at least some of these phones in his cell.

Shroff: And before you decided to cooperate, you simply decided to take photos, is that your testimony?

Betances: Just to be clear with the defense attorney’s question in deciding to cooperate, when they were working on sending whatever they were going to send from the library, that’s when I decided to cooperate.

Shroff: My only question was when did you take this photograph?

Betances: In the summer of 2018.

Shroff: Right. Months before you’re now saying that you decided to cooperate, right?

Betances: Could you repeat that question? You confused me.

Shroff: You took the photo before you decided to cooperate, according to you, correct?

Betances: Yes, yes.

Shroff: Right. And you’re saying you just decided to take these photos for no reason at all, right?

Betances: May I remind you that the reason I took it was because I head the conversation that I heard?

According to his testimony on redirect, Betances did all this without government instruction.

Karamarju: Now, all of the photographs that you testified about, did the government tell you to take any of those photographs?

Betances: No.

The remarkable coincidence that a jailhouse informant would end up first smuggling in and then guarding her client’s illegal phones and then taking pictures from them is not the only thing Shroff was skeptical about. She also doubted the circumstances by which Betances exposed his wife to the risk of smuggling phones into jail as well as his ability — with little English — to figure out what Schulte was doing, to the extent he did.

Still, all that is explicable if Betances’ attorney negotiated a plea deal with narcotics prosecutors and the attorney coached Betances through how to dramatically increase the value of his cooperation by catching Joshua Schulte attempting to leak classified information from his jail cell.

Betances’ surveillance was critical to obtaining the jail warrants that would lead to the discovery of Schulte’s very damning prison notebooks, several phones, three of the Proton Mail accounts he was using, and his Signal traffic. And that’s just what prosecutors revealed in this case.

Betances met with prosecutors in Schulte’s case a bunch of times: first in September 2018, then October and December 2018, several times in 2019, and then perhaps five times in 2019.

None of that means Betances made this stuff up. He certainly doesn’t have the English skills to write those emails to Shane Harris. And while the evidence regarding Schulte’s comments about Russia are contradictory, there is corroboration for it.

But it does present a number of remarkable coincidences that just ended up providing Schulte the means to communicate “securely” from his jail cell, only to have that activity thwarted at the moment he attempted to act.

Judge Crotty Declares a Mistrial in Joshua Schulte Case

This morning, Judge Paul Crotty declared a mistrial in the Joshua Schulte case. Jurors found Schulte guilty on the two least serious charges — false statements and contempt — but didn’t even find him guilty of obstruction, to say nothing of the Espionage and CFAA charges tied to his alleged theft of the CIA’s hacking tools. A sentence on those two charges would not even amount to the time he has already served since being jailed in December 2018.

This is an absolutely stunning rebuke for the government on the most serious Espionage case in years, and an unbelievable success for Schulte’s lawyers, especially Sabrina Shroff.

The two sides will have a conference on March 26 to decide what to do. The government will certainly push to retry Schulte; Sabrina Shroff asked for an extended deadline to file motions. She may try to do something further about the government’s late notice that Michael, a key witness, got put on paid leave last August (though the government has argued compellingly that Michael’s underlying lack of candor has been noticed to the defense throughout). She also may make yet another bid to get more access to the forensics, something I’ve argued that the government should have permitted in the first place.

That said, I think the government’s failure in this case stemmed largely from too much focus on the CIA and too little focus on the (abundant) evidence against Schulte. In addition, they do not appear to have shown — via the abundant evidence available to them — that Schulte is a compulsive liar, and that exhibits that show Schulte offering alternate theories of the theft all fall flat.

Plus, there were problems with two jurors, problems that I think Judge Crotty did not adequately manage.

That is, I think the government can learn from its failures in this case. I wouldn’t be surprised, either, if the vaunted SDNY is forced to add a cybersecurity prosecutor to their team, to ensure that the forensic case is presented more clearly to jurors.

I highly doubt Schulte can pull this off a second time. If he can, it will be a remarkable comment on the government’s ability to obtain justice against insider threats.

How the Wyden/Khanna Espionage Act Fix Works (But Not for Julian Assange)

Last week, Ron Wyden and Ro Khanna released a bill that they say will eliminate much of the risk of prosecution that people without clearance would face under they Espionage Act. They claim the bill would limit the risk that:

  • Whistleblowers won’t be able to share information with appropriate authorities
  • Those appropriate authorities (including Congress) won’t be able to do anything with that information
  • National security journalists will be prosecuted for publishing classified information
  • Security researchers will be prosecuted for identifying and publishing vulnerabilities

I want to look at how the bill would do that. But I want to do so against the background of claims about how the bill would affect the ability to prosecute Julian Assange.

After explaining that under the bill Edward Snowden could still be prosecuted, the summary of the bill states in no uncertain terms that the government could still prosecute Julian Assange under the bill.

Q: How would this bill impact the government’s prosecution of Julian Assange?

A: The government would still be able to prosecute Julian Assange.

It doesn’t say how, but immediately after that question, it explains that the government could still prosecute hackers who steal government secrets.

Q: What about hackers who break into government systems and steal our secrets?

A: The Espionage Act is not necessary to punish hackers who break into U.S. government systems. Congress included a special espionage offense (U.S.C § 1030(a)(1)) in the Computer Fraud and Abuse Act, which specifically criminalizes this.

Khanna, in an interview with The Intercept, seems to confirm that explanation — that Assange could still be prosecuted under CFAA.

Khanna told The Intercept that the new bill wouldn’t stop the prosecution of Assange for his alleged role in hacking a government computer system, but would make it impossible for the government to use the Espionage Act to charge anyone solely for publishing classified information.

Indeed, that is sort of what Charge 18 against Assange is, conspiracy to commit computer intrusion, though, as written, it invokes the Espionage Act and theft of government secrets as part of the conspiracy (the Wyden/Khanna bill would limit the theft of government property bill in useful ways). Never mind that as charged it’s a weak charge for evidentiary reasons (though that may change in Assange’s May extradition hearing); it would still be available, if not provable given existing charged facts, under this bill.

But given the claims the US government makes about Assange, that may not be the only way he could be prosecuted under this bill. That’s because the bill works in two ways: first, by generally limiting its application to “covered persons,” who are people who’ve been authorized to access classified or national defense information by an Original Classification Authority. Then, it defines “foreign agent” using the definition in FISA (though carving out foreign political organizations) and says that anyone who is not a foreign agent “shall not be subject to prosecution” under the Espionage Act unless they commit a felony under the act — by aiding, abetting, or conspiring in the act — or pays for the information and wants to harm the US. The bill further carves out providing advice (for example, on operational security) or an electronic communication or remote computing service (such as a secure drop box) to the public.

So:

  • If you don’t have clearance or are sharing information not obtained illegally or via your clearance and
  • If you aren’t an agent of a foreign power and
  • If you’re not otherwise paying for, conspiring or aiding and abetting in some way beyond offering operational security and drop boxes with the specific intent to harm the US or help another government

Then you shouldn’t be prosecuted under the Espionage Act.

Below, I’ve written up how 18 USC §793 and 18 USC §798 would change under the bill, with changes italicized (18 USC §794 already includes the foreign government language added by this bill so would not change).

In the wake of the 2016 election operation, where Julian Assange helped a Russian operation hiding behind thin denials, Assange might well meet the definition of “foreign agent.” Three of WikiLeaks’ operations — the Stratfor hack (in which Russians were involved in the chat rooms), the 2016 election year operation, and Vault 7 (in which Joshua Schulte, between the initial leak and the alleged attempts to leak from jail, evinced an interest in Russia’s help) — involved some Russian activity.

And it’s not clear how Congress’ resolution — passed in last year’s NDAA — that WikiLeaks is a non-state hostile intelligence service often abetted by state actors would affect Assange’s potential treatment as a foreign agent.

It is the sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a nonstate hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.

But even with all the new protections for those who don’t have clearance, this bill specifically envisions applying it to someone like Assange. That’s because it explicitly incorporates aiding and abetting (18 USC § 2) — which is how Assange is currently charged in Counts 2-14 — as well as accessory after the fact (18 USC § 3), and misprison of a felony (18 USC § 4) into the bill. That’s on top of the conspiracy to commit an offense against the US (18 USC § 371), which is already implicitly incorporated in 18 USC § 793(g), which is Count 1 in the Assange indictment. Arguably, explicitly adding the accessory after the fact and misprison of a felony would make it easier to prosecute Assange for assistance that WikiLeaks and associated entities routinely provide sources after the fact, such as publicity and legal representation, to say nothing of the help that Sarah Harrison gave Edward Snowden to flee to Russia.

And those charges don’t require someone formally fit the definition of agent of a foreign power so long as the person has “the specific intent to harm the national security of the United States or benefit any foreign government to the detriment of the United States.” (I’ve bolded this language below.) That’s a mens rea requirement that might otherwise be hard to meet — but not in the case of Assange, even before you get into any non-public statements the US government might have in hand.

This is a bill from Ron Wyden, remember. Back in 2017, when he first spoke out when SSCI first moved to declare WikiLeaks a non-state hostile intelligence service, he expressed concerns about the lack of clarity in such a designation.

I have reservations about Section 623, which establishes a Sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service. The Committee’s bill offers no definition of “non-state hostile intelligence service” to clarify what this term is and is not. Section 623 also directs the United States to treat WikiLeaks as such a service, without offering further clarity.

To be clear, I am no supporter of WikiLeaks, and believe that the organization and its leadership have done considerable harm to this country. This issue needs to be addressed. However, the ambiguity in the bill is dangerous because it fails to draw a bright line between WikiLeaks and legitimate journalistic organizations that play a vital role in our democracy.

I supported efforts to remove this language in Committee and look forward to working with my colleagues as the bill proceeds to address my concerns.

While this bill does much to protect journalists (and in a way that doesn’t create a special class for journalists or InfoSec researchers that would violate the First Amendment), it provides the clarity that would enable charging Assange, even for things he did after the fact to encourage leakers.

Update: Two more points on this. First, as I understand it, the explicit references to 18 USC §§ 2-4 are designed to protect reporters, meaning the protections apply to those as well.

I also meant to note that the way this bill is written — which is clearly meant to allow for prosecution of people working at state-owned media outlets (Russia, China, and Iran all use their outlets as cover for spies) — would then by design not protect reporters at the BBC or Al Jazeera, both of which have done reporting on stories implicating US classified information in the past.


18 USC § 793

(a) Whoever, for the purpose of obtaining information respecting the national defense with intent or reason to believe that the information is to be used to the injury of the United States, or to the advantage of any foreign nation, goes upon, enters, flies over, or otherwise unlawfully obtains nonpublic information concerning any vessel, aircraft, work of defense, navy yard, naval station, submarine base, fueling station, fort, battery, torpedo station, dockyard, canal, railroad, arsenal, camp, factory, mine, telegraph, telephone, wireless, or signal station, building, office, research laboratory or station or other place connected with the national defense owned or constructed, or in progress of construction by the United States or under the control of the United States, or of any of its officers, departments, or agencies, or within the exclusive jurisdiction of the United States, or any place in which any vessel, aircraft, arms, munitions, or other materials or instruments for use in time of war are being made, prepared, repaired, stored, or are the subject of research or development, under any contract or agreement with the United States, or any department or agency thereof, or with any person on behalf of the United States, or otherwise on behalf of the United States, or any prohibited place so designated by the President by proclamation in time of war or in case of national emergency in which anything for the use of the Army, Navy, or Air Force is being prepared or constructed or stored, information as to which prohibited place the President has determined would be prejudicial to the national defense; or

(b) An individual who, while a covered person, for the purpose aforesaid, and with like intent or reason to believe, copies, takes, makes, or obtains, or attempts to copy, take, make, or obtain, any sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, document, writing, or note of anything connected with the national defense; or

(c) A foreign agent who, for the purpose aforesaid, and with like intent or reason to believe, receives or obtains or agrees or attempts to receive or obtain from any person, or from any source whatever, any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note, of anything connected with the national defense, knowing or having reason to believe, at the time the foreign agent receives or obtains, or agrees or attempts to receive or obtain it, that it has been or will be obtained, taken, made, or disposed of by any person contrary to the provisions of this chapter; or

(d) Whoever, lawfully having possession of, access to, control over, or being entrusted with any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note, or information relating to the national defense, which document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, note, or information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits or causes to be communicated, delivered, or transmitted or attempts to communicate, deliver, transmit or cause to be communicated, delivered or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it on demand to the officer or employee of the United States entitled to receive it; or

(e) An individual who—

(1) while a covered person, gains unauthorized possession of, access to, or control over any non public document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note of anything connected with the national defense; and

(2)(A) with reason to believe such information could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit, or cause to be communicated, delivered, or transmitted, the same to any person not entitled to receive it; or

(B) willfully—

(i) retains the same at an unauthorized location; and

(ii) fails to deliver the same to the officer or employee of the United States entitled to receive it; or’

(f) Whoever, being entrusted with or having lawful possession or control of any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance,  (1) through gross negligence permits the same to be removed from its proper place of custody or delivered to anyone in violation of his trust, or to be lost, stolen, abstracted, or destroyed, or (2) having knowledge that the same has been illegally removed from its proper place of custody or delivered to anyone in violation of its trust, or lost, or stolen, abstracted, or destroyed, and fails to make prompt report of such loss, theft, abstraction, or destruction to his superior officer—

Shall be fined under this title or imprisoned not more than ten years, or both.

(g)(1) A foreign agent who—

(A) aids, abets, counsels, commands, induces, or procures the commission of an offense under this section shall be subject to prosecution under this section by virtue of section 2 of this title;

(B) knowing that an offense under this section has been committed by another person, receives, relieves, comforts, or assists such other person in order to hinder or prevent the apprehension, trial, or punishment of such other person shall be subject to prosecution under section 3 of this title;

(C) having knowledge of the actual commission of an offense under this section, conceals and does not as soon as possible make known the same to some judge or other person in civil or military authority under the United States shall be subject to prosecution under section 4 of this title; or

(D) conspires to commit an offense under this section shall be subject to prosecution under section 371 of this title.

(2) Any person who is not a foreign agent shall not be subject to prosecution under this section by virtue of section 2 of this title or under section 3, 4, or 371 of this 7 title, unless the person—

(A) commits a felony under Federal law in the course of committing an offense under this section (by virtue of section 2 of this title) or under section 3, 4, or 371 of this title;

(B) was a covered person at the time of the 13 offense; or

(C) subject to paragraph (3), directly and materially aids, or procures in exchange for anything of monetary value, the commission of an offense under this section with the specific intent to—

(i) harm the national security of the United States; or

(ii) benefit any foreign government to the detriment of the United States.

(3) Paragraph (2)(C) shall not apply to direct and material aid that consists of—

(A) counseling, education, or other speech activity; or

(B) providing an electronic communication service to the public or a remote computing service (as such terms are defined in section 2510 and 2711, respectively).

(h)

(1)Any person convicted of a violation of this section shall forfeit to the United States, irrespective of any provision of State law, any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, from any foreign government, or any faction or party or military or naval force within a foreign country, whether recognized or unrecognized by the United States, as the result of such violation. For the purposes of this subsection, the term “State” includes a State of the United States, the District of Columbia, and any commonwealth, territory, or possession of the United States.

(2)The court, in imposing sentence on a defendant for a conviction of a violation of this section, shall order that the defendant forfeit to the United States all property described in paragraph (1) of this subsection.

(3)The provisions of subsections (b), (c), and (e) through (p) of section 413 of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853(b), (c), and (e)–(p)) shall apply to—

(A)property subject to forfeiture under this subsection;

(B)any seizure or disposition of such property; and

(C)any administrative or judicial proceeding in relation to such property, if not inconsistent with this subsection.

(4)Notwithstanding section 524(c) of title 28, there shall be deposited in the Crime Victims Fund in the Treasury all amounts from the forfeiture of property under this subsection remaining after the payment of expenses for forfeiture and sale authorized by law.

(i) In this section—

(1) the term “covered person” means an individual who—

(A) receives official access to classified information granted by the United States Government;

(B) signs a nondisclosure agreement with regard to such classified information; and

(C) is authorized to receive documents, writings, code books, signal books, sketches, photographs, photographic negatives, blueprints, plans, maps, models, instruments, appliances, or notes of anything connected with the national defense by—

(i) by the President; or

(ii) the head of a department or agency of the United States Government which is expressly designated by the President to engage in activities relating to the national defense; and

(2) the term “foreign agent”—

(A) has the meaning given the term “agent of a foreign power” under section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801); and

(B) does not include a person who is an agent of a foreign power (as so defined) with respect to a foreign power described in section 101(a)(5) of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801(a)(5)).

18 USC §798

(a)Any individual who knowingly and willfully communicates, furnishes, transmits, or otherwise makes available to an unauthorized person, or publishes, or uses in any manner prejudicial to the safety or interest of the United States or for the benefit of any foreign government to the detriment of the United States any classified information obtained by the individual while the individual was a covered person and acting within the scope of his or her activities as a covered person

(1) concerning the nature, preparation, or use of any code, cipher, or cryptographic system of the United States or any foreign government; or

(2) concerning the design, construction, use, maintenance, or repair of any device, apparatus, or appliance used or prepared or planned for use by the United States or any foreign government for cryptographic or communication intelligence purposes; or

(3) concerning the communication intelligence activities of the United States or any foreign government; or

(4) obtained by the processes of communication intelligence from the communications of any foreign government, knowing the same to have been obtained by such processes—

Shall be fined under this title or imprisoned not more than ten years, or both.

(b)As used in subsection (a) of this section:

(1) The term ‘classified information’—

(A) means information which, at the time of a violation of this section, is known to the person violating this section to be, for reasons of national security, specifically designated by a United States Government Agency for limited or restricted dissemination or distribution and;

(B) does not include any information that is specifically designated as ‘Unclassified’ under any Executive Order, Act of Congress, or action by a committee of Congress in accordance with the rules of its House of Congress.

(2) The terms ‘code’, ‘cipher’, and ‘cryptographic system’ include in their meanings, in addition to their usual meanings, any method of secret writing and any mechanical or electrical device or method used for the purpose of disguising or concealing the contents, significance, or meanings of communications.

(3) The term “communication intelligence” means all procedures and methods used in the interception of communications and the obtaining of information from such communications by other than the intended recipients.

(4) The term ‘covered person’ means an individual who—

(A) receives official access to classified information granted by the United States Government;

(B) signs a nondisclosure agreement with regard to such classified information; and

(C) is authorized to receive information of the categories set forth in subsection (a) of this section—

(i) by the President; or

(ii) the head of a department or agency of the United States Government which is expressly designated by the President to engage in communication intelligence activities for the United States

(5) The term “foreign government” includes in its meaning any person or persons acting or purporting to act for or on behalf of any faction, party, department, agency, bureau, or military force of or within a foreign country, or for or on behalf of any government or any person or persons purporting to act as a government within a foreign country, whether or not such government is recognized by the United States.

(6) The term “unauthorized person” means any person who, or agency which, is not authorized to receive information of the categories set forth in sub10 section (a) of this section by—

(A) the President;

(B) the head of a department or agency of the United States Government which is expressly designated by the President to engage in communication intelligence activities for the United States; or

(C) an Act of Congress.

(c)Nothing in this section shall prohibit the furnishing of information to—

(1) any Member of the Senate or the House of Representatives;

(2) a Federal court, in accordance with such procedures as the court may establish;

(3) the inspector general of an element of the intelligence community (as defined in section 3 of the National Security Act of 1947 (50 U.S.C. 3003)), including the Inspector General of the Intelligence Community;

(4) the Chairman or a member of the Privacy and Civil Liberties Oversight Board or any employee of the Board designated by the Board, in accordance with such procedures as the Board may establish;

(5) the Chairman or a commissioner of the Federal Trade Commission or any employee of the Commission designated by the Commission, in accordance with such procedures as the Commission may establish;

(6) the Chairman or a commissioner of the Federal Communications Commission or any employee of the Commission designated by the Com2 mission, in accordance with such procedures as the Commission may establish; or

(7) any other person or entity authorized to receive disclosures containing classified information pursuant to any applicable law, regulation, or executive order regarding the protection of whistleblowers.

(d)

(1) In this subsection, the term ‘foreign agent’—

(A) has the meaning given the term “agent of a foreign power” under section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801); and

(B) does not include a person who is an agent of a foreign power (as so defined) with respect to a foreign power described in section 101(a)(5) of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801(a)(5)).

(2) A foreign agent who—

(A) aids, abets, counsels, commands, induces, or procures the commission of an offense under this section shall be subject to prosecution under this section by virtue of section 2 of this title;

(B) knowing that an offense under this section has been committed by another person, receives, relieves, comforts, or assists such other person in order to hinder or prevent the apprehension, trial, or punishment of such other person shall be subject to prosecution under section 3 of this title;

(C) having knowledge of the actual commission of an offense under this section, conceals and does not as soon as possible make known the same to some judge or other person in civil or military authority under the United States shall be subject to  prosecution under section 4 of this title; or

(D) conspires to commit an offense under this section shall be subject to prosecution under section 371 of this title.

(3) Any person who is not a foreign agent shall not be subject to prosecution under this section by virtue of section 2 of this title or under section 3, 4, or 371 of this title, unless the person—

(A) commits a felony under Federal law in the course of committing an offense under this section (by virtue of section 2 of this title) or under section 3, 4, or 371 of this title;

(B) was a covered person at the time of the offense; or

(C) subject to paragraph (4), directly and materially aids, or procures in exchange for anything of monetary value, the commission of an offense under this section with the specific intent to—

(i) harm the national security of the United States; or

(ii) benefit any foreign government to the detriment of the United States.

(4) Paragraph (3)(C) shall not apply to direct and material aid that consists of—

(A) counseling, education, or other speech activity; or

(B) providing an electronic communication service to the public or a remote computing service (as such terms are defined in section 2510 and 2711, respectively)

(e)

(1)Any person convicted of a violation of this section shall forfeit to the United States irrespective of any provision of State law—

(A)any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of such violation; and

(B)any of the person’s property used, or intended to be used, in any manner or part, to commit, or to facilitate the commission of, such violation.

(2)The court, in imposing sentence on a defendant for a conviction of a violation of this section, shall order that the defendant forfeit to the United States all property described in paragraph (1).

(3)Except as provided in paragraph (4), the provisions of subsections (b), (c), and (e) through (p) of section 413 of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853(b), (c), and (e)–(p)), shall apply to

(A)property subject to forfeiture under this subsection;

(B)any seizure or disposition of such property; and

(C)any administrative or judicial proceeding in relation to such property,
if not inconsistent with this subsection.

(4)Notwithstanding section 524(c) of title 28, there shall be deposited in the Crime Victims Fund established under section 1402 of the Victims of Crime Act of 1984 (42 U.S.C. 10601) [1] all amounts from the forfeiture of property under this subsection remaining after the payment of expenses for forfeiture and sale authorized by law.

(5)As used in this subsection, the term “State” means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, and any territory or possession of the United States.

20 Questions (Plus 5): The Joshua Schulte Jury Is Lost, Possibly Hopelessly

According to InnerCity Press (virtually the only press covering the Schulte verdict watch), by end of day today the jurors had sent out 25 notes, most questions but also problems with two of the jurors. At the end of the day they told the Court they “aligned” on two of the charges, but were at an impasse on the other. Given that there’s slam dunk evidence that he committed the least serious crimes (false statements and contempt), that suggests at least some members of the jury have reasonable doubt that the guy who wrote a virtual signed confession to committing the most damaging leak in CIA history actually did so.

I wanted to collect the known questions from jurors to give a sense of what issues have driven this uncertainty.

Note 1: A request for a summary of exhibits

Note 2: A request for a transcript of the testimony of David, a CIA Sysadmin, particularly as regards what jurors may have mislabeled 1209-8 (David testified about Schulte’s failed attempt to access Altabackups with regards to exhibit 1202-8).

Note 3 asked 7 questions:

  1. What is included in Count Three? We aren’t sure what the purview is — articles, search warrants, tweets? This pertains to the Espionage Charge tied to posting classified information in one of his diaries, sending a diagram of CIA’s servers to WaPo reporter Shane Harris, and planning to reveal details about how a CIA hacking tool, Bartender, was used in the field (which certainly would expose CIA officers, and probably NOCs).
  2. In 2015, when DevLAN went down, was Schulte called to fix the problem? How did he fix it? Schulte’s lawyer, Sabrina Shroff, had made much of the fact that when Schulte was at a conference he got called about DevLAN going down. It’s not directly related to any of his charges.
  3. Can you please reread what was found on Schulte’s home computer? This would have focused on deleted materials (and the lack of classified information), but given that Juror 5 almost certainly knew about the child porn allegations and there was a focus on Schulte’s hosting of movies, this may have been what they were looking for.
  4. Did GX 809 reference Schulte’s taking a drug (“took my last piece”)? If so, what was it? Was it regular use? This refers to part of one page of his prison notebook in which he discusses  taking his “last piece” and envisioning himself as a Cardinal. It is entirely unrelated to his charges.
  5. Is it confirmed that Schulte’s been diagnosed with Aspergers Syndrome? One of the very senior CIA managers suggested to another that Schulte might have Asperbergers. It is entirely unrelated to his charges.
  6. For Count One, is Altabackups inclusive of Brutal Kangaroo? Is it inclusive of OSB libraries? The backup that Schulte is alleged to have stolen included both the libraries (which were not leaked) and Brutal Kangaroo (materials on which were leaked), but it included far more, but the parties did not answer this because they weren’t sure whether this was a network question or a charging one.
  7. Where were OSB libraries housed/where did they live? They were part of Stash.

Note Four: Can we please have simplified badge times/formats for Schulte on 4/20/16 in a format similar to GX 115. One piece of evidence that Schulte did the reversion during which the backup sent to WikiLeaks was stolen was that he was the only one in his SCIF with his computer during the time the commands doing the reversion were entered into it. The badge records would show that. Jurors did get simplified badge records.

Note Five: In Exhibit GX 107, what does lock/unlock computer mean in columns Source and Type? Is the computer locking itself? What is someone unlocking? This pertains to something tracked on CIA badge records and was not explained in testimony.

Note Six includes four questions:

  1. Is there evidence that April 18 and 20 were the only two times in 2016 that Schulte left the vault last? April 18, the day Schulte allegedly conducted reconnaissance on the backup files, and April 20, the day he allegedly stole him were the only two days he was the last person in his SCIF at RDB (the time period for which may include just the last seven months he worked at CIA).
  2. What does mount the Altabackups mean? This refers to how the CIA networks were set up, and Schulte’s role in doing that.
  3. What does create data store mean? This pertains to testimony about one attempt Schulte made to regain access to files he had been booted from.
  4. When someone logs out of a virtual machine, what happens to the log files from that session? There was no testimony on this point (jurors likely asked it to try to assess whether Schulte’s buddy Michael could have stolen the files).

Note Seven (Exhibits 16-17, I think) asked for the transcripts of Michael Berger (the FBI forensics expert who presented evidence of Schulte’s efforts to wipe evidence at home) and Michael (Schulte’s buddy who took a screen cap of him deleting logs).

Note Eight: Jurors complained that one of the jurors, Juror 4, was not deliberating with the rest of the jury and coming in late.

Note Nine included two questions:

  1. Can we please have testimony from Richard Evanchec. Evanchec is one of the FBI agents that interviewed Schulte and searched his home, and so is central to the false statements charges.
  2. What testimonies covered GX 1305-8 and GX 1305-9. Can we please have transcripts about that. These are Schulte’s Google records, which Evanchec also testified about.

Note Ten: Juror five has prior information, probably including details of Schulte’s child porn charges. She also looked up one of the lawyers. It became clear in a later sidebar that this is the juror who had said something inappropriate to another juror, possibly about deliberations, on February 13, during the trial.

Note Eleven included two questions:

  1. What happened to Schulte’s computers and workstation after he went to Bloomberg (after November 10)? This is likely a question testing a theory about whether someone — possibly Michael? — could have altered logs on Schulte’s computer after he left on November 10, 2016.
  2. When and where was Rufus’s SSH key found? Was it found in the home directory or was it found forensically? Schulte had stored the key of someone, Rufus, who had had Admin access but left, on his home directory. He used it when he was deleting logs on April 20. Sabrina Shroff had gotten one witness to testify that it was very easy to access other people’s home drives, so this is likely another effort to test an alternate culprit theory.

There were two more questions today (which I’ll update on Monday when that transcript is released):

  • Something about the CFAA charge, suggesting jurors are not treating the reversion as a hack, but might be treating Schulte booting his colleague off Brutal Kangaroo as one.
  • Something about unanimity on charges, possibly relating to the leaks from jail.

And then jurors told the court that they’re only in agreement on two charges, but stuck on the others.

For the reasons I laid out here — as well as the two problem jurors — I’m not surprised about that. And given the questions, it seems clear that the extended focus on Schulte’s employment disputes at the CIA made at least some of the jurors sympathetic to the idea that someone at CIA framed Schulte. Keep in mind, too, that Schulte adopted the moniker Jason Bourne in prison, so he fed that idea. And — as Shroff noted in her close — there was no good reason to focus on the continued employment disputes that extended two months after Schulte allegedly stole the files.

When the CIA puts its formers on trial, in my opinion, it believes the general population will be as outraged by a violation of CIA’s sacred trust as they themselves are. That may be why prosecutors aired that entire nasty employment dispute. But that’s generally not the case outside of EDVA, especially not in SDNY.

Between that, and the forensic complexity of this case, it appears the jury is lost.

Reminder; Calyx Institute and other donors sprung for the transcripts of this trial.

The Joshua Schulte Jury Is Falling Apart

Even before Judge Paul Crotty dismissed a juror today for reading outside information and sharing it with another juror, it was clear that the jury was a mess. Going all the way back to February 13, a juror had said something to another juror that concerned him.

THE COURT: Okay. I got a note from a juror, and it deals with an incident that occurred on Thursday late in the day. He then left the courthouse. We asked him to put the report that he made to David on Thursday in writing, which he did on Tuesday morning. This is the note. I’m going to mark it as Court Exhibit 1. I made copies. So I don’t think we can resolve this now. But I wanted to call it to your attention right away.

[snip]

MS. SHROFF: It’s her belief. She’s not saying she can’t be impartial. She’s not deliberated. She’s voicing an opinion. And she also notes that that was a different — I mean, she’s saying she is a different kind of citizen. That’s what we want. A jury of peers.

Judge Crotty discussed that incident with the two sides on February 19.

Then, on the first day of deliberations Tuesday, the jurors sent a bunch of notes, including one with seven questions, several of them (the questions about the DevLAN outage, drugs, and Aspergers) entirely unrelated to Schulte’s guilt or innocence:

Message: What is included in Count Three? We aren’t sure what the purview is — articles, search warrants, tweets? (2) In 2015, when DevLAN went down, was Schulte called to fix the problem? How did he fix it? (3) Can you please reread what was found on Schulte’s home computer? (4) Did GX 809 reference Schulte’s taking a drug (“took my last piece”)? If so, what was it? Was it regular use? (5) Is it confirmed that Schulte’s been diagnosed with Aspergers Syndrome? (6) For Count One, is Altabackups inclusive of Brutal Kangaroo? Is it inclusive of OSB libraries? (7) Where were OSB libraries housed/where did they live?

While a number of the questions made sense, it was also clear that the jurors are confused about the forensic evidence, including multiple threads of evidence that show Schulte was at his computer typing in the commands that reverted the backup on the date the files were stolen.

But today, according to a note from Schulte’s lawyers, Juror 1 told the Court that Juror 5 had shared outside information with him.

The defense respectfully requests that the Court halt jury deliberations temporarily and conduct an individual voir dire of jurors 2–11 to ensure that they were not exposed to prejudicial extra-record information from former Juror 5. Such an inquiry is necessary because the Court currently only has the information received in the robing room from Juror 1 and former Juror 5.

The juror who got booted spoke to the press. She seems to believe Schulte did restore his own access to certain files (given her description, she seems focused on Brutal Kangaroo), but does not believe he is guilty of the most serious charges.

“Was he a naughty boy? Yes,” Wiesenberg said. “But did he do the final click? I don’t have evidence. I want solid proof that I wasn’t given by the parties. I don’t think he did it — the most serious charges.”

[snip]

The five-week trial established that Schulte improperly reinstated his administrative privileges to access secret information he’d been told to stay away from, according to Wiesenberg, who lives in the West Village.

“He felt entitled. This was his tool — he created it,” Wiesenberg said, referring to some of the hacking tools. But that didn’t make Schulte guilty of the most serious of 11 charged counts, she added.

Note that, given how little coverage of this case there has been, she probably would have had to go looking for outside information.

In their close, prosecutors didn’t point jurors to where, in the pile of evidence they’ve been presented over the last month, the details are that might prove each of the charges against Schulte (the evidence is there, but it’s highly technical). It’s unsurprising they’re confused. And now Schulte’s lawyers want to know what other outside information on the trial has gotten into jurors.

Update: The booted juror told they Post there are others who doubt Schulte’s guilt on the most serious charges.

Wiesenberg said the Schutle jury is divided, with people like her who believe the former CIA programmer to be not guilty of the worst leak in the spy agency’s history.

It’s Easy to [Claim to] Attribute Hacks to CIA after a One Month Trial on CIA’s Tools

Yesterday, closing arguments and charging instructions in the Joshua Schulte trial were presented to the jury. As I’ve noted, I think the evidence against Schulte is quite compelling, but several things have weakened the government’s case. The transcripts for the closing arguments (which will come out tonight) may provide a better sense of how strong the case is. Otherwise, we wait on the jury.

But at least one Chinese InfoSec company is not waiting. One firm just released a report claiming to ID a number of CIA’s hacking campaigns against Chinese targets, which it dubs APT-C-39. It explicitly relies on the trial record (though not the most interesting details of it, and some of the details revealed at trial seem to conflict with this report).

Proficient in the design and development of cyber weapons and possessing knowledge of intelligence operations, Joshua became one of the core backbones of the CIA’s many important hacking tools, including a key cyber weapon – Vault 7.

In 2016, Joshua took advantage of his admin privilege of the core machine room and a preset backdoor to steal the classified documents of Vault 7 and disclosed to WikiLeaks, which was published on Wikileaks website in 2017.

In 2018, Joshua was arrested and prosecuted by the U.S. Department of Justice for the Vault 7 leaks. On February 4, 2020, at a public hearing in the federal court, the federal prosecutor alleged that Joshua, as the core developer and the person in charge of the highest administrator authority of its internal arsenal, has committed “the single biggest leak of classified national defense information in the history of CIA”by disclosing the agency’s secret hacking tools to WikiLeaks.

This piece appears to be entirely reversed engineered from the leaked files and the trial record, not actual InfoSec analysis. For example, it treats “Vault 7” as CIA’s code name, not some dumb label WikiLeaks assigned to it. It claims to track campaigns from September 2008 through June 2019; yet the trial record says CIA stopped all use of tools developed before Schulte left.

It makes much of compilation time. It is true that most of the work on these tools happen in VA and most of the developers work regular hours. However, there are two remote offices, so tools targeting China could easily be customized in Asian timezones.

The compilation time of malware is a common method and statistics in the research of APT group attribution. Through the study of the compilation time of malware, we can find out the developer’s work schedule, so as to know the approximate time zone of his location.

The following table is the schedule of compilation activities of APT-C-39 (the time is based on the East 8 time zone). It can be seen that the organization’s activities are close to the schedule in Eastern U.S. time zone, which is in line with the CIA’s location. (Virginia, U.S. Eastern Time).

It also admits that it is speculating about a key point — how CIA would use all this.

We speculate that in the past eleven years of infiltration attacks, CIA may have already grasped the most classified business information of China, even of many other countries in the world. It does not even rule out the possibility that now CIA is able to track down the real-time global flight status, passenger information, trade freight and other related information. If the guess is true, what unexpected things will CIA do if it has such confidential and important information? Get important figures‘ travel itinerary, and then pose political threats, or military suppression?

Don’t get me wrong. I’m sure the Chinese state is watching the trial closely for clues on CIA’s now defunct hacking tools, as well as organizational clues to how it used to be developed (though given China’s extensive success spying on the US, doubt they’ve learned anything even remotely new from this trial). But this report, at least, looks to be a opportunistic effort to make the most of the spectacle of the US prosecuting one of its own hackers.

Update: This, from last year, is a more credible report based on Vault 7 leaks. (h/t Catalin Cimpanu)

With One Dropped Charge and a Major Screw-up, Government in Remarkably Weak Position against Joshua Schulte

The outcome of the Joshua Schulte trial will be unresolved until closing arguments Monday and deliberation next week.

While parts of the case are circumstantial — because Schulte allegedly used TAILS, there’s no smoking gun showing him sharing stolen files with WikiLeaks — in my opinion the case against him is quite strong, particularly given really damning details from his prison notebooks talking about leaking to WikiLeaks.

But the government, having rested and rebutted the scant defense case, is in remarkably weak position right now.

That’s true, first of all, because the government has spent over two weeks trying to recover from an own goal, prosecutors’ failure to provide Schulte with advance notice that one of his closest buddies at the CIA, Michael, got put on paid leave last August because the CIA no longer trusts the developer because of his closeness to and lack of candor about Schulte. In reality, Michael should have been a key witness for prosecutors, providing proof that Schulte was at his computer and logged in when the reversion and copy of the files likely shared with WikiLeaks was accomplished. But because prosecutors didn’t fully disclose the report in real time, Schulte has flipped that on its head. The trial ended with the guy who wrote that report testifying on rebuttal about how this is still all about Schulte — effectively providing emphasis that the CIA maintains that Schulte is the culprit — but it interrupted the narrative arch of the government case.

Add that to the pace of the trial, which feels like a nasty employment dispute to which the massive breach of the CIA’s hacking tools became just a side-dispute. That’s often true of CIA trials — it certainly was for Jeffrey Sterling. But the long parade of CIA witnesses — Schulte’s buddy, two other colleagues, his boss, his boss’s boss, his boss’s boss’s boss, her boss, and then yet another boss, plus a CIA SysAdmin and a security guy — all describing a series of disputes escalating from a nerf gun fight to WikiLeaks burning the CIA’s hacking capabilities to the ground refocused the trial onto whether Schulte’s complaints had merit and not on what the forensic evidence showed.

And Sabrina Shroff did a superb job of defending not the forensic case (indeed, defense expert Steve Bellovin did not take the stand to float any of the alternate theories that Schulte has been offering for two years, and in so doing will leave Shroff to claim Michael could have accessed the backup without prosecutors having gotten him to admit that wouldn’t have worked), but instead arguing that her client was maligned by the entire CIA. The boss, the boss’s boss, the boss’s boss’s boss, the boss’s boss’s boss’s boss, and then the senior-most boss are all lined up against Schulte for being an asshole. She even defused utterly damning notes about working with Russia (which I’ll return to). From the transcripts, it seemed like Shroff rattled a good many government witnesses, too, and a number of them (one of the FBI agents and the classification expert, especially) seemed to come off as unresponsive as a result.

And on a potentially significant point, FBI Agent Evan James Schlessinger’s unresponsiveness deprived the government of an opportunity to rebut something the defense will do in its close. The defense entered a stipulation that Schulte had been thrown into the SHU on October 1, 2018, before the Bureau of Prisons found the phone he allegedly used to leak classified information to Shane Harris. The phone continued to be used, probably by Schulte’s roommate Omar Amanat, for whom Schulte was writing an expert report. Somebody–again, probably Amanat–sent a Signal text to Harris on October 2, saying “Hi Shane, the anon email is down since Sunday evening Can you resend your questions to [email protected] thanks.” That text seems to be proof that no one besides Schulte had the password to the other email account, [email protected], but the FBI Agent didn’t take this point head on when he could have.

Two weeks ago, one juror apparently complained about another, suggesting she was already making up her mind. Whatever the complaint, the defense seemed to welcome it, which given the focus on the employment dispute may mean the juror sees that dispute as contested.

Finally, the government dropped one of its charges today, eliminating the Illegal Transmission of Lawfully Possessed National Defense Information (Count Two in the superseding indictment). The government dropped it to avoid confusing the jury about whether Schulte had legal access to the files that he stole. But the discussion about it leads me to think the defense could argue that Schulte had legal access to some of the files he sent to WikiLeaks, thereby getting off on that charge. If the jury convicts, that dropped charge won’t much matter in the grand scheme of things. And even an acquittal would not spring Schulte from jail, because he still faces child porn charges.

Still, I have to applaud the job that Shroff and Schulte’s other attorneys did, because she did a remarkable job with one of the most nightmarish clients. She certainly put a lot out there that might lead jurors to find there is a reasonable doubt about this.

And much of that comes from the government being dickish.

The State of Play: Joshua Schulte and Julian Assange

Last year, it looked like the Joshua Schulte trial, rescheduled in the fall to start January 13, would be done before the extradition hearing for Julian Assange started. Two things changed since then: Schulte got a delay until February 3, and then last month, Assange convinced Judge Vanessa Baraitser to split his extradition hearing into two, the first part lasting a week starting Monday, and then resuming on May 18 for three more weeks.

As a result, both men are in court during the same week, intersecting in interesting ways.

Thus far, Assange’s argument is threefold:

  1. His prosecution is hopelessly political, merely retaliation by the hated President that Assange helped elect, Donald Trump
  2. The evidence in the case against Assange is so weak as to be abusive
  3. A person cannot be extradited for political crimes like the Espionage Act

The first argument is a load of horseshit covering up the fact that the timing of the treatment of WikiLeaks as a non-state hostile intelligence service, the increased surveillance of Assange, and the initial December 21, 2017 charge all stem from WikiLeaks’ burning the CIA by publishing all its hacking tools. It’s horseshit, but it garners a lot of enthusiasm among WikiLeaks supporters who like to conveniently forget that, whatever Assange’s motivations were in 2010 (when he engaged in the acts he is charged with), he nevertheless helped Russia help Trump get elected. That said, even though the claims about what changed in 2017 are horseshit, it doesn’t change that the existing charges against Assange pose a real danger to journalism.

The second argument is far stronger. For each of the theories of prosecution under which Assange is charged — attempting to help Chelsea Manning crack a password, soliciting certain files via WikiLeaks’ wish list, and publishing a bunch of files in which the names of US and British sources were later revealed — Assange has at least a credible defense. Assange never succeeded, and could not have succeeded, in cracking that password. Manning didn’t leak the precise files that WikiLeaks had on its wish list (though did leak some of the same sets). WikiLeaks originally went to some effort to redact the names of sources, only to have a Guardian journalist release the password revealing them. Mind you, the extradition hearing is not the trial itself, so for these defenses to be relevant, WikiLeaks has to prove that the case against Assange is abusively weak.

The third argument, which is being argued today, is a more interesting legal question. Assange claims that the existing Anglo-US extradition treaty, passed in 2003, still prohibits extradition for political offenses like theEspionage Act. The US argues that Assange’s extradition is governed by the Extradition Act of 2003, which did not include such a bar (and also disagrees that these are political crimes). The lawyers are even arguing about the Magna Carta! Judge Vanessa Baraitser seems inclined to side with the US on this point, but the question will surely be appealed. Mind you, one of the charges against Assange, CFAA, is in no way a political offense, and the UK has not barred its own citizens, much less foreign citizens hanging out in foreign embassies, from being extradited on the charge (though several hackers, most recently Lauri Love, have challenged their extradition to the US for CFAA on other grounds).

Yesterday, Assange’s defense spent a good deal of time making the second argument. The US didn’t respond. Rather, it said it would deal with those issues in the May hearing.

Meanwhile, the Schulte trial is wrapping up, with Schulte doing little to mount a defense, but instead preparing an appeal. Yesterday, Schulte asked that an instruction on the defendant not testifying be added to the jury instructions (normally, these are included from the start, but Schulte has been claiming he would testify all this time). Today, Schulte told the court that Steve Bellovin won’t testify because he never got access to all the data Judge Paul Crotty ruled he couldn’t have access to (not mentioning, however, that the restrictions stemmed from Crotty’s own CIPA judgment).

I’m still unclear on the status of the witness, Michael. Schulte is trying to submit his CIA investigative report in lieu of finishing cross-examination (which is where things had left off). But it still seems possible that Crotty would require his testimony to be resumed, giving the government another opportunity to redirect his testimony. This is all likely happening today, but given that there’s so little coverage of the trial, we won’t know until Thursday.

Before all this happened, however, the jailhouse informant provided very damning testimony against Schulte, not only describing how Schulte obtained a phone (swapping an iPhone for a Samsung that he could load all the apps he wanted on it), but also claiming that Schulte said, “Russia had to help him with what he was doing,” launching an information war.” I had learned of similar allegations of ties or willingness to forge them with Russia via several sources in the past. And Schulte’s own jailroom notebooks include hints of the same, such as a bullet point describing how Russia could help the US “destroy itself.”

And his final plan — which the informant alerted his handlers to just before Schulte launched it — included some “Russia pieces.”

As part of the same plan to get fellow SysAdmins to leak all their secrets to WikiLeaks, then, Joshua Schulte was also hoping to encourage Russia to attack the US.

I’ve long said the Vault 7 case, if it were ever added to Julian Assange’s charges (including an extortion charge, which would also not be a political crime), would be far more damning and defensible than the ones currently charged. Filings from November suggested that the government had come to think of Schulte’s leaks to WikiLeaks as the last overt act in an ongoing conspiracy against the United States.

And by 2018, Schulte had come to see leaking to WikiLeaks as part of the same plan encouraging Russian attacks on the US, precisely the allegation WikiLeaks has spent years trying to deny, especially in the wake of Assange’s cooperation in Russia’s election year operation.

It’s not clear whether the US will add any evidence to the original 2010 charges against Assange before May (though Alexa O’Brien has pointed to where additional evidence might be), but the statement they’re waiting until then to rebut the solid defense that WikiLeaks is now offering suggests they might. That might reflect a hope that more coercion against Chelsea Manning will produce that additional evidence (she has renewed her bid to be released, arguing that such coercion has obviously failed). Or it might suggest they’ve got plans to lay out a broader conspiracy if and when Schulte is convicted.

Assange’s lawyers pushed for the delay to May in the first place. If the US government uses the extra time to add charges related to Vault 7, though, the delay may make a significant difference in the posture of the case.

image_print