Posts

The Other Things the Press Missed by Ignoring the Details Revealed in the Joshua Schulte Prosecution

/6 Comments/in , /by

The WaPo got a copy of the WikiLeaks Task Force report introduced as evidence in the Joshua Schulte from Ron Wyden’s office and so, four months after it was first made public, is declaring the scathing report “news”. (Note, WaPo does not reveal that InnerCity Press made this report public months ago after fighting for its release.)

If the report is news it’s a testament to all the news from the trial that didn’t get reported

The report is scathing. But it describes what any news outlet that covered the trial closely would have reported in real time (as well as the evidence that one after another Schulte denial had been contradicted by evidence submitted at trial), and as such is a confession that besides some passing coverage, few national security journalists did cover this trial and all its alarming disclosures.

The trial showed that Schulte tried to make sure 1TB of data got transferred properly in early May 2017 and then wiped two TB disk drives; this report from early in the investigation assesses that Schulte stole “at least 180 gigabytes to as much as 34 terabytes of information,” something CIA later got more certainty about. The government provided evidence that Schulte inserted outside CDs and thumb drives into his CIA workstation, made a copy of a months-old backup file, and set an Admin password for the files he is accused of stealing, which is why the report focuses so closely on the findings that, “users shared systems administrator-level passwords, there were no effective removable media controls, and historical data was available to users indefinitely.”

The report was published on October 17, 2017, weeks before WikiLeaks published the source code for Hive on November 9, 2017, making this claim (though not necessarily the assessment that Schulte didn’t get the “Gold File”) out of date:

To date, WikiLeaks has released user and training guides and limited source code from two parts of DevLAN: Stash, a source code repository, and Confluence, a collaboration and communication platform. All of the documents reveal, to varying degrees, CIA’s tradecraft in cyber operations.

The trial showed that everyone from Schulte’s colleagues to then-CIA Executive Director Meroe Park had concerns about Schulte’s reliability, but none put him on leave or successfully cut off his access to the vulnerable systems, which makes this passage seem like a breathtaking understatement.

We failed to recognize or act in a coordinated fashion on warning signs that a person or persons with access to CIA classified information posed an unacceptable risk to national security.

The trial also showed that the CIA waited almost two years after this report to put “Michael,” Schulte’s CIA buddy who testified to seeing him stealing files in real time, on paid leave, making it clear they didn’t address this issue even though it appeared in the report.

The report also doesn’t include unredacted descriptions of how the leak led all of CIA’s hack-based spying to grind to a halt, such as that offered by Sean Roche, who had been Deputy Director of the Directorate for Digital Innovation.

Our capabilities were revealed, and hence, we were not able to operate and our — the capabilities we had been developing for years that were now described in public were decimated. Our operations were immediately at risk, and we began terminating operations; that is, operations that were enabled with tools that were now described and out there and capabilities that were described, information about operations where we’re providing streams of information. It immediately undermined the relationships we had with other parts of the government as well as with vital foreign partners, who had often put themselves at risk to assist the agency. And it put our officers and our facilities, both domestically and overseas, at risk.

[snip]

Because operations were involved we had to get a team together that did nothing but focus on three things, in this priority order. In an emergency, and that’s what we had, it was operate, navigate, communicate, in that order. So the first job was to assess the risk posture for all of these operations across the world and figure out how to mitigate that risk, and most often, the vast, vast majority we had to back out of those operations, shut them down and create a situation where the agency’s activities would not be revealed, because we are a clandestine agency.

Nor does the October 2017 report include details about the exploits — such as that these tools were USB drives that NOCs and/or assets would stick into target computer systems, making it likely the leak endangered people who had used the tools — that provide some idea of the kinds of damage the leak did.

Schulte claims the “classified” information on his server consisted of Snowden documents

Meanwhile, there have been several updates in the government’s attempt to retry Schulte.

First, on May 21, the court docketed a hand-written letter from Schulte to Judge Paul Crotty, dated April 12. In it, he claimed He had no counsel,” which is confusing because he has appeared in court subsequent to the letter and its posting with the same trial team (though in a recent filing, his lawyers said Steve Bellovin may not be available to serve as expert in his retrial). Based on his claim to have no lawyers, he asked for access to a bunch of things withheld in discovery, a number of which are things his lawyers had tried but failed to obtain already. That includes his own server, which (according to Schulte, who has proven utterly unreliable) the government withheld because it held “classified” information consisting of the publicly released Snowden files.

The claim is interesting in any case. If Schulte viewed the files while still at CIA, it would be a violation of the government’s ridiculous claims that clearance holders could not view those files without violating their clearance. It’s also interesting given Schulte’s claims, to colleagues, that Snowden should be executed, even while saying elsewhere that Snowden didn’t harm anyone.

The government floated — and then did not fully develop (possibly as part of an agreement to avoid a subpoena to Mike Pompeo) a theory about Schulte’s ties to other leaks, including Snowden’s. That makes the fact they’re still sitting on these files far more interesting. (Schulte used the reports about the hacking of Angela Merkel in his defense.)

DOJ’s superseding indictment tries to make the retrial easier to win

Then there are the circumstances surrounding a third superseding indictment obtained against Schulte on June 8 (which the WaPo notes but doesn’t explain). As the government had explained, they got the indictment to make the specific allegations more clear for the jury than the second indictment, which was released before CIA had declassified the things used at trial.

These counts are based on the same conduct that was at issue during the February trial, namely, the defendant’s theft and transmission of the Backup Files, his destruction of log files and other forensic data on DEVLAN in the course of committing that theft, his obstruction of the investigation into the leak of the Backup Files, and his transmission and attempted transmission of national defense information while detained at the MCC. The modifications in the Proposed Indictment, however, are intended to make clear what conduct is covered in the specific counts. Thus, the Proposed Indictment (i) contains two separate § 793(e) counts related to (1) the defendant’s transmission of writings containing national defense information from the MCC and (2) the defendant’s attempted transmission of writings containing national defense information from the MCC, whereas the S2 Indictment grouped that conduct together in a single count; (ii) clarifies that all the § 793(e) counts, pertaining both to the transmission of the Backup Files and the defendant’s conduct in the MCC, charge the transmission of documents and writings, which does not require proof that the defendant had reason to believe the information therein could be used to harm the United States; (iii) contains two separate § 1030(a)(5)(A) counts specifying that the charged harmful computer commands at issue are (1) the defendant’s manipulation of the Confluence virtual server and (2) the defendant’s log deletions, whereas the S2 Indictment grouped that conduct together in a single count; and (iv) lists the false statements underlying the obstruction charge, which had previously been identified for the defendant in a bill of particulars, whereas the S2 Indictment did not do so.

Here’s a table that shows the difference between the second superseding indictment and the new one.

The government had dropped Count Two during the trial to make it clear that Schulte was exceeding his access when he stole the files he allegedly sent to WikiLeaks. And Schulte had challenged the 641 charge on legal grounds, which explains the dropped charges (marked in black). Jury questions had made it clear that jurors were fighting over what Schulte leaked and tried to leak from jail, and couldn’t agree upon whether Schulte’s various manipulations of the backup servers amounted to a crime. By turning each into two charges, the government not only tells the jury precisely what to look for, but might even get prosecutors to focus on describing why the forensics prove the crime rather than describing the CIA’s personnel disputes. In other words, this superseding indictment is an effort to make it more likely Schulte will be found guilty for the actions described at trial.

Meanwhile, whereas elsewhere the new indictment aims to make things more explicit for the jury, the new one does not mention two things that were laid out in the bill of particulars laying out his false statements and obstruction in the second indictment: any reference to the Brutal Kangaroo tool that Schulte was working on at home and then may have brought back into work, and a discussion of a proffer session that took place on November 16, 2017 where Schulte falsely claimed to have been approached by an unknown male on the way to a court appearance. The government dropped the latter before Schulte’s trial. As to the former, it’s unclear whether the government has decided Brutal Kangaroo (which might have been used to help steal the files or unknown follow-up ones) is too sensitive to explain, or whether they want to make the obstruction charges more generalized.

Now that a bunch of journalists have effectively confessed they missed all this in real time, maybe they’ll finally get around to explaining why the government is having to revamp their charges to try they guy the CIA claims burned their hacking ability to the ground, which seems as newsworthy as this out-of-date, already published report.

Schulte doesn’t want a suburban jury

Nothing the government has done, however, will prevent jury nullification, which appears to have been a key factor in the first trial. Given the notes from the jury, at least two jurors seemed to be unwilling consider fairly clear evidence, and one of them hid that she had outside knowledge (comments she made publicly after she was dismissed suggested she believed Schulte’s claims that the government was using child porn to frame him for this leak).

Ultimately, prosecutors are going to have to explain to a NY jury why they should care that the CIA department in charge of hacking everyone else got hacked itself, all while Schulte’s lawyers make claims about what CIA does when it hacks that the CIA is not about to rebut publicly.

Which may explain why Schulte is preparing to challenge the circumstances of the most recent indictment. The grand jury on the most recent indictment is a White Plains one, not a Manhattan one.

The unusual circumstances of the S3 indictment—the grand jury was sitting in White Plains as opposed to Manhattan, and most members of the public in the Southern District of New York were still under a stay-at-home order—may have compromised the defendant’s right to a grand jury selected from a fair cross-section of the community. Accordingly, through this letter-motion and the accompanying declaration of statistician Jeffrey Martin, Mr. Schulte respectfully requests access to the records and papers used in connection with the constitution of the Master and Qualified Jury Wheels in the United States District Court for the Southern District of New York, pursuant to the Fifth and Sixth Amendments to the United States Constitution and the Jury Selection and Service Act (“JSSA”), 28 U.S.C. § 1867(a) and (f).

While this motion to get records of how this jury was chosen may not lead to a challenge, ultimately, he seems prepared to argue that the pandemic prevented him from being tried by a jury of his peers. And that’s happening all while he’s refusing (as is his right) to toll Speedy Trial rights during the pandemic. (Plus, I’m not sure prosecutors are being very attentive to excluding the time that the defense itself has asked for.)

The press is only now waking up to what the trial (and the prior court filings) has shown. Perhaps now that they’ve tuned in they’ll bother to explain why the guy who allegedly burned the CIA to the ground may well get off on all his Espionage and hacking related charges?

Prosecutors Have Discovered the Joshua Schulte Is a Hack-and-Leak Case, Not a Personnel Dispute

/5 Comments/in , /by

While I’ve been buried in the Mike Flynn beat, on Monday, there was a status hearing in the Joshua Schulte case.

There were three main news items in the hearing.

First, prosecutors revealed unsurprisingly that they’re going retry Schulte. More interesting, they said they planned to supersede the indictment against Schulte, alleging the same charges, but providing more information on them. They cited the notes from jurors, which made it crystal clear that the jurors were confused by the forensic testimony and how the charges related to that testimony. What the limits of Schulte’s legal access were seemed to be particularly confusing (something that is not sufficiently clear in the law anyway). At the time of both the initial Espionage indictment and the superseding one, the CIA was still trying to keep secret specifically what had been stolen when and how, but now that that’s public. I expect the superseding indictment to explain more clearly what was stolen and how Schulte allegedly exceeded his legal accesses to do that.

In discussions around that superseding indictment, prosecutor David Denton said something to the effect that grand juries are only available in emergencies. As far as the public record goes, however, grand juries aren’t available at all, so Denton’s disclosure was news. That only matters in the Schulte case insofar as he’s going to refuse most Speedy Trial exclusions (meaning prosecutors may be forced to find some way to start a new trial before COVID lockdowns end). But it’s an interesting admission more generally.

Finally, prosecutors said they didn’t think the retrial will take as long as his initial trial. In my summary of why the prosecution was in a remarkably weak position as the last trial went to the jury, I described how prosecutors had made it look like the Vault 7 breach was just a really nasty personnel dispute to which burning the CIA’s hacking abilities to the ground was just a side dispute.

Add that to the pace of the trial, which feels like a nasty employment dispute to which the massive breach of the CIA’s hacking tools became just a side-dispute. That’s often true of CIA trials — it certainly was for Jeffrey Sterling. But the long parade of CIA witnesses — Schulte’s buddy, two other colleagues, his boss, his boss’s boss, his boss’s boss’s boss, her boss, and then yet another boss, plus a CIA SysAdmin and a security guy — all describing a series of disputes escalating from a nerf gun fight to WikiLeaks burning the CIA’s hacking capabilities to the ground refocused the trial onto whether Schulte’s complaints had merit and not on what the forensic evidence showed.

And Sabrina Shroff did a superb job of defending not the forensic case (indeed, defense expert Steve Bellovin did not take the stand to float any of the alternate theories that Schulte has been offering for two years, and in so doing will leave Shroff to claim Michael could have accessed the backup without prosecutors having gotten him to admit that wouldn’t have worked), but instead arguing that her client was maligned by the entire CIA. The boss, the boss’s boss, the boss’s boss’s boss, the boss’s boss’s boss’s boss, and then the senior-most boss are all lined up against Schulte for being an asshole. She even defused utterly damning notes about working with Russia (which I’ll return to). From the transcripts, it seemed like Shroff rattled a good many government witnesses, too, and a number of them (one of the FBI agents and the classification expert, especially) seemed to come off as unresponsive as a result.

I expect prosecutors will shorten the trial by limiting this testimony to just the four or so people who have first-hand knowledge of Schulte’s actions (and in the retrial, the government won’t have to backpedal as they try to fix their late disclosure that Schulte’s buddy Michael had been put on paid leave by the CIA). If so, that should make it easier for prosecutors to focus on why the circumstantial forensic evidence strongly supports Schulte’s involvement.

All that said, prosecutors also seemed to be fighting jury nullification in Schulte’s trial, with at least two jurors who were determined to acquit Schulte no matter what other jurors said. That may be a WikiLeaks thing (one that would be far less likely to happen if this were tried in EDVA, which is why Julian Assange says he can’t get a fair trial in EDVA). But it also may be the case that CIA’s hacking department doesn’t make a very sympathetic hacking victim.

“ur submission form is too fucking slow, spent the whole day uploading 1 gb.”

/12 Comments/in , , /by

As I noted, one of the Roger Stone-related warrant applications released last week includes more details on the communications between the Guccifer 2.0 persona and WikiLeaks leading up to the DNC release. Emma Best examines the filing from a perspective of how someone, purportedly with no prior relationship to WikiLeaks, would go about transferring even a marginally significant submission to WikiLeaks. Almost a month of back-and-forth transpires between the first contact with Guccifer 2.0 and the successful transfer of the DNC files.

A key exchange, however, happened on July 6, 2016. After Guccifer 2.0 inquires whether WikiLeaks received some documents Guccifer 2.0 sent, the persona gets cranky because it took so long to upload a 1 GB file to WikiLeaks submission system. [I’m using Best’s conversion of this filing into a nifty transcription.]

Guccifer 2.0: “fuck, [I] sent 4 docs on brexit on jun 29, an archive in gpg[.] ur submission form is too fucking slow, [I] spent the whole day uploading 1 gb”

WikiLeaks: “We can arrange servers l00x as fast. The speed restrictions are to anonymise the path. Just ask for custom fast upload point in an email.”

Guccifer 2.0: “will u be able to check ur email?”

WikiLeaks: “We’re best with very large data sets. e.g. 200gb. these prove themselves since they’re too big to fake”

Almost two weeks into this exchange, WikiLeaks says they can arrange for a custom server to transfer larger data sets — of around 200 GB.

These exchanges should, to a significant extent, be considered theater. Both sides of this conversation knew that the FBI would be watching all DMs between WikiLeaks and the Guccifer 2.0 persona. So it can’t be taken as a definitive indication of how any files get sent.

Still, it shows how WikiLeaks would respond, using the public communication accounts, to a request to submit data in July 2016.

That’s significant because it shows how things might have proceeded, two months earlier, when Joshua Schulte allegedly sent 1TB of data to WikiLeaks on May 1, 2016.

While the prosecution in Schulte’s case provided forensic evidence to explain when he stole the CIA files and sent them to WikiLeaks, key gaps remain (perhaps most notably, how he got the files out of his building, though that may be because of certain classification decisions). And because Schulte used Tails and wiped his devices afterwards, there’s no record of him actually sending the files.

Here’s how prosecutor Matthew Laroche described that process in his closing arguments.

Just as a general matter, you know this information was transmitted to WikiLeaks because they posted it on the internet. They obviously got it, and the question is when did he send it?

And that’s answered by what he did on the 30th and May 1. Let’s look at the evening of the 30th.

At 6:47 p.m., he is searching for Google history and Google view browsing history. He is concerned about what he’s been searching for. On the evening, that night, he is searching for digital disk-wipe utility on several occasions, and at 10:52 p.m., he visits a website Kill Your Data Dead With These Tips and Tools. The defendant is interested in finding out how to securely delete information that might connect him to the leak, anything that he might’ve brought home with the leak on it, anything that he might’ve used to transfer it.

And at 10:55 p.m., he runs a similar search for SSD wipe utility. And you’ll remember all those hard drives that were recovered from his home. He was wondering how to wipe them to make sure that there was no evidence of his activities.

Now, overnight, he continues working.

At 12:19 a.m., the defendant mounted his D drive onto his virtual machine, the same D drive that had those encrypted files, data2.bkp through data6.bkp. They’re in his D drive. He mounts his D drive.

Then, overnight, he is constantly looking at his computer. On at least four occasions, he is unlocking his virtual machine in the middle of the night: 1:57 a.m.; 2:34 a.m.; 2:56 a.m.; 3:18 a.m. He is doing that because he is transferring data and he wants to make sure it’s happened correctly. And you know that is the case because of the Google searches he runs at of the end the night and the early morning.

At 3:18 a.m., just after he unlocks his screen saver, the defendant searches for How Long Does It Take to Calculate MD5?

Remember, calculating an MD5 is a way to confirm that what you transferred from one place to another is the same, that it went correctly, that there were no errors. You calculate an MD5 to confirm that what you transferred transferred correctly, and that’s what he’s looking for at 3:18 a.m.

Then at 3:21 a.m., the defendant visits a website, How Can I verify That a 1TB File — one terabyte file — transferred correctly?

That description is based off this forensic testimony from Michael Berger.

Prosecutors described this as happening overnight. Overnight transmission of a 1TB file using WikiLeaks’ public submission site would be utterly impossible given the state of it at the time and the volume of data Schulte was transferring, and probably impossible regardless of how much time someone spent. Overnight transmission of 1TB of data using Tails, even to a dedicated server, would be difficult enough. Best describes that, “1 TB over Tor in one night is unlikely.”

The government timeline does have Schulte in possession of the data earlier than that, potentially giving him a week to transfer the data, with this process describing just the end of the process.

Still, the way this would happen, normally, would be for WikiLeaks to set up a dedicated server to accept the files. And that would take prior communication. Such communication likely would have happened over Jabber, not Twitter (Schulte’s opsec was piss poor in many ways but he did use Jabber).

Such a prior conversation is entirely consistent with testimony provided elsewhere, where prosecutors focused on the website’s alternative submission process.

But the seeming necessity for prior communication before this transfer happened suggests Schulte’s alleged theft and transfer of the files might not have been as reactive a decision as portrayed in his prosecution.

It would take premeditation to send WikiLeaks a 1TB file, whatever the timing. Prosecutors may know that, and have an explanation for when such prior communications happened, but they’re withholding those details for any of a number of reasons. Or it may be a big hole in this story. Schulte insists he didn’t do it and a jury failed to convict.

One way or another, however, the state of the WikiLeaks’ submission system as it existed in 2016 presents a big gap in prosecutors’ current story.

Update: Two important details for those trying to figure out how long this transfer would really take. First, Schulte ran a commercial server specifically focused on video streaming at the time, so his upload speeds would not limit the transfer time at all. Second, Schulte at least claimed that hiding data for exfiltration was his speciality. That by itself wouldn’t help him send stuff to WikiLeaks, at least not without prior contact. But it does mean that the means by which he transferred this file relied on tools he has developed at CIA.

King Josh in Jail, Part One: The Informant

/14 Comments/in , /by

The testimony on accused Vault 7 leaker Joshua Schulte’s conduct in MCC raised more questions than answers. So I want to do a series of three or four posts to look more closely at it (I’m using the term “King Josh” because it was one of his passwords at the CIA).

In this post I want to look at the jail house informant who is the publicly acknowledged basis by which prosecutors discovered that Schulte had a phone in jail, Carlos Bentances Luna Mera.

Betances is a 41 year old citizen of the Dominican Republic who twice migrated to the US without documentation, the first time in 1996 (he was deported in 2001), and then again around 2008. At some point, Betances married and had children. During both periods, he began to work as a low level cog in narcotics trafficking.

Betances was arrested on March 15, 2018 in conjunction with the trafficking. The only federal complaint unsealed in the docket is for illegal reentry, and in that magistrates docket, proceedings were continued in both April and May 2018, something that would happen if Betances were forgoing indictment and moving directly to a plea. Given his testimony, there must be a sealed criminal docket showing a guilty plea on nine counts covering multiple narcotics trafficking and conspiracy counts, illegal reentry, identity fraud, mail fraud, and taking a phone into jail.

That suggests that Betances flipped almost immediately, perhaps, at first, to cooperate against his network of suppliers. That’s consistent with an answer Betances gave when Schulte’s lawyer, Sabrina Shroff, suggested that cooperation on using a phone in jail, “was the most valuable to the government,” more than on all his narcotics charges. Betances responded, “Well, may I remind you that I had been cooperating before I talked to them?”

According to the testimony, Betances didn’t start spying on Schulte until sometime in summer 2018, at least four months after he was jailed, and didn’t first meet with prosecutors until September 2018. So the public story is that Betances got busted and flipped, managed to play a role in smuggling and hiding phones in jail that put him in a key spot to interact with Schulte and his cellmate, Omar Amanat (I’ll look at Amanat and his brother in the next post), and only after that happened witnessed something that led him to start taking pictures and videos of Schulte’s phone use. That went on for maybe a month before — aware that something big was going to go down in the library — Betances sent a note to the guards, who thwarted it. Some days later, Schulte was thrown in the SHU and a big hunt started for the phones and Schulte’s other activities in jail.

That thing that led Betances to prepare to inform on Schulte (again, per the testimony) is that one day sometime in the summer, Schulte said he wanted Russia’s help.

[W]e were in Chino’s cell [Chino was also part of the cell phone smuggling and sharing network] and I heard Josh saying that Russia had to help in in the things that he was doing.

Here’s how Betances described it on cross (through a translator) to a very dubious Sabrina Shroff:

Shroff: So anyway, it’s you who walks in when Mr. Schulte and Omar are talking, correct?

Betances: Yes, correct.

Shroff: And you walk in to give them a heads-up that somebody’s coming, correct?

Betances: Yes, correct.

Shroff: And just as you walk in, you hear him say the word “Russia,” correct?

Betances: That’s correct, yes.

Shroff: And that’s what prompts fear into you to go cooperate with the United States Attorney’s Office?

Betances: It sounded interesting to me.

Shroff: Right.

Hearing Schulte mention Russia led Betances to do a remarkable amount of surveillance on Schulte’s phones, which he stored for him behind his cell locker.

He took two pictures of the apps Schulte loaded onto the phone, and — per his testimony — got Schulte and Amanat to explain the function of WhatsApp, Signal, Proton Mail, Orbot, Turbo VPN, and Secure Delete. Betances also got pictures of the things Schulte was writing on his phone, including the initial emails to Shane Harris that would form part of the basis for the Espionage Act charges on which the jury was hung.

He took several videos of Schulte using his phone.

After having taken these pictures on September 1, Betances waited around three weeks before he alerted the guards that something big was going down in the library, and then was removed from MCC when guards found at least some of these phones in his cell.

Shroff: And before you decided to cooperate, you simply decided to take photos, is that your testimony?

Betances: Just to be clear with the defense attorney’s question in deciding to cooperate, when they were working on sending whatever they were going to send from the library, that’s when I decided to cooperate.

Shroff: My only question was when did you take this photograph?

Betances: In the summer of 2018.

Shroff: Right. Months before you’re now saying that you decided to cooperate, right?

Betances: Could you repeat that question? You confused me.

Shroff: You took the photo before you decided to cooperate, according to you, correct?

Betances: Yes, yes.

Shroff: Right. And you’re saying you just decided to take these photos for no reason at all, right?

Betances: May I remind you that the reason I took it was because I head the conversation that I heard?

According to his testimony on redirect, Betances did all this without government instruction.

Karamarju: Now, all of the photographs that you testified about, did the government tell you to take any of those photographs?

Betances: No.

The remarkable coincidence that a jailhouse informant would end up first smuggling in and then guarding her client’s illegal phones and then taking pictures from them is not the only thing Shroff was skeptical about. She also doubted the circumstances by which Betances exposed his wife to the risk of smuggling phones into jail as well as his ability — with little English — to figure out what Schulte was doing, to the extent he did.

Still, all that is explicable if Betances’ attorney negotiated a plea deal with narcotics prosecutors and the attorney coached Betances through how to dramatically increase the value of his cooperation by catching Joshua Schulte attempting to leak classified information from his jail cell.

Betances’ surveillance was critical to obtaining the jail warrants that would lead to the discovery of Schulte’s very damning prison notebooks, several phones, three of the Proton Mail accounts he was using, and his Signal traffic. And that’s just what prosecutors revealed in this case.

Betances met with prosecutors in Schulte’s case a bunch of times: first in September 2018, then October and December 2018, several times in 2019, and then perhaps five times in 2019.

None of that means Betances made this stuff up. He certainly doesn’t have the English skills to write those emails to Shane Harris. And while the evidence regarding Schulte’s comments about Russia are contradictory, there is corroboration for it.

But it does present a number of remarkable coincidences that just ended up providing Schulte the means to communicate “securely” from his jail cell, only to have that activity thwarted at the moment he attempted to act.

When Julian Assange Testified before a Nation-State Investigation of a Suspected Spy…

/35 Comments/in , , , /by

Back on December 20, 2019, Julian Assange testified in a nation-state’s investigation of someone suspected of spying for another nation-state. He testified pursuant to international legal process that got challenged on jurisdictional grounds, but ultimately upheld. While El País provided a report of his testimony, the testimony itself was not open to the press.

As he testified, Chelsea Manning and Jeremy Hammond sat in jail in Alexandria, VA, being held in contempt for refusing to testify, under a grant of immunity, in their own nation-state’s investigation of someone suspected of working with the intelligence services of another nation-state. Related charges are being challenged on jurisdictional issues. Manning, at least, claims she won’t testify because any hearing — like the one Assange testified in — would not be public. Tomorrow, prosecutors in EDVA will bring Manning before the grand jury again, in a third attempt to get her to testify before a hearing on Friday over her motion to be released based on an assertion the coercion of contempt will never bring her to testify.

This is just one irony about the way WikiLeaks supporters are treating the investigation of David Morales, the owner of a security contractor that provided the security for Ecuador’s embassy until 2018. Morales is accused of spying for the CIA — that is, spying for a third country’s intelligence service.

There are some problems or obvious alternative explanations for the accusations against Morales, but even assuming the allegations are true, there is little that separates what Morales would have done from what Assange did on at least one occasion: work as a willing participant in a third country’s intelligence service operation compromising the privacy of private citizens. Indeed, there are allegations of Russian involvement in two other WikiLeaks-related publications: there were Russians active in Stratfor hack chat rooms, and Joshua Schulte allegedly expressed an interest in Russian help (though the allegations are contradictory and post-date the initial leak to WikiLeaks, which I’ll return to).

You might argue that Morales’ surveillance of Assange — on whoever’s authority — constituted a far more serious privacy violation than those WikiLeaks has committed by publishing the private emails of John Podesta and the private information of Turkish, Saudi, and third party citizens. That might be true in first instance, but since some of the people exposed by WikiLeaks’ publications live in authoritarian countries, the secondary effects of WikiLeaks’ publication of details about private individuals might not be.

(I have heard, directly and indirectly, multiple consistent allegations about WikiLeaks itself engaging in practices that constitute privacy violations of the sort implicated by the surveillance of Assange, but it would take a law enforcement investigation to substantiate such claims, most of the affected parties would never want to involve law enforcement, and some investigations would be barred by privilege protections.)

Ultimately, though, Spain’s investigation into UC Global is the same thing the US investigation into WikiLeaks is: a properly predicated nation-state investigation into someone suspected of engaging in espionage-related activities with a foreign intelligence service. There are legitimate reasons why those who respect privacy might support both investigations.

WikiLeaks supporters might argue that it’s different because it’s the United States. That’s a perfectly justifiable stance, but if it’s the basis of supporting one investigation and another, should be admitted explicitly. WikiLeaks supporters might argue it’s different because Assange is the alleged victim, but that doesn’t change that there are victims (and not just spy agencies) that the US is trying to protect with its investigation.

Manning and Hammond say they are refusing to testify because they object to American grand jury practices. That amounts to civil disobedience, which is certainly their prerogative. They are paying a steep price for that civil disobedience (as both already paid with their decisions not to cooperate after pleading guilty). But when WikiLeaks supporters complain about the treatment Manning is suffering for her stance, they might think about the fact that — when it came to testifying in an equivalent inquiry — Julian Assange had none of the objections to testifying.

Judge Crotty Declares a Mistrial in Joshua Schulte Case

/21 Comments/in , /by

This morning, Judge Paul Crotty declared a mistrial in the Joshua Schulte case. Jurors found Schulte guilty on the two least serious charges — false statements and contempt — but didn’t even find him guilty of obstruction, to say nothing of the Espionage and CFAA charges tied to his alleged theft of the CIA’s hacking tools. A sentence on those two charges would not even amount to the time he has already served since being jailed in December 2018.

This is an absolutely stunning rebuke for the government on the most serious Espionage case in years, and an unbelievable success for Schulte’s lawyers, especially Sabrina Shroff.

The two sides will have a conference on March 26 to decide what to do. The government will certainly push to retry Schulte; Sabrina Shroff asked for an extended deadline to file motions. She may try to do something further about the government’s late notice that Michael, a key witness, got put on paid leave last August (though the government has argued compellingly that Michael’s underlying lack of candor has been noticed to the defense throughout). She also may make yet another bid to get more access to the forensics, something I’ve argued that the government should have permitted in the first place.

That said, I think the government’s failure in this case stemmed largely from too much focus on the CIA and too little focus on the (abundant) evidence against Schulte. In addition, they do not appear to have shown — via the abundant evidence available to them — that Schulte is a compulsive liar, and that exhibits that show Schulte offering alternate theories of the theft all fall flat.

Plus, there were problems with two jurors, problems that I think Judge Crotty did not adequately manage.

That is, I think the government can learn from its failures in this case. I wouldn’t be surprised, either, if the vaunted SDNY is forced to add a cybersecurity prosecutor to their team, to ensure that the forensic case is presented more clearly to jurors.

I highly doubt Schulte can pull this off a second time. If he can, it will be a remarkable comment on the government’s ability to obtain justice against insider threats.

How the Wyden/Khanna Espionage Act Fix Works (But Not for Julian Assange)

/4 Comments/in , , , /by

Last week, Ron Wyden and Ro Khanna released a bill that they say will eliminate much of the risk of prosecution that people without clearance would face under they Espionage Act. They claim the bill would limit the risk that:

  • Whistleblowers won’t be able to share information with appropriate authorities
  • Those appropriate authorities (including Congress) won’t be able to do anything with that information
  • National security journalists will be prosecuted for publishing classified information
  • Security researchers will be prosecuted for identifying and publishing vulnerabilities

I want to look at how the bill would do that. But I want to do so against the background of claims about how the bill would affect the ability to prosecute Julian Assange.

After explaining that under the bill Edward Snowden could still be prosecuted, the summary of the bill states in no uncertain terms that the government could still prosecute Julian Assange under the bill.

Q: How would this bill impact the government’s prosecution of Julian Assange?

A: The government would still be able to prosecute Julian Assange.

It doesn’t say how, but immediately after that question, it explains that the government could still prosecute hackers who steal government secrets.

Q: What about hackers who break into government systems and steal our secrets?

A: The Espionage Act is not necessary to punish hackers who break into U.S. government systems. Congress included a special espionage offense (U.S.C § 1030(a)(1)) in the Computer Fraud and Abuse Act, which specifically criminalizes this.

Khanna, in an interview with The Intercept, seems to confirm that explanation — that Assange could still be prosecuted under CFAA.

Khanna told The Intercept that the new bill wouldn’t stop the prosecution of Assange for his alleged role in hacking a government computer system, but would make it impossible for the government to use the Espionage Act to charge anyone solely for publishing classified information.

Indeed, that is sort of what Charge 18 against Assange is, conspiracy to commit computer intrusion, though, as written, it invokes the Espionage Act and theft of government secrets as part of the conspiracy (the Wyden/Khanna bill would limit the theft of government property bill in useful ways). Never mind that as charged it’s a weak charge for evidentiary reasons (though that may change in Assange’s May extradition hearing); it would still be available, if not provable given existing charged facts, under this bill.

But given the claims the US government makes about Assange, that may not be the only way he could be prosecuted under this bill. That’s because the bill works in two ways: first, by generally limiting its application to “covered persons,” who are people who’ve been authorized to access classified or national defense information by an Original Classification Authority. Then, it defines “foreign agent” using the definition in FISA (though carving out foreign political organizations) and says that anyone who is not a foreign agent “shall not be subject to prosecution” under the Espionage Act unless they commit a felony under the act — by aiding, abetting, or conspiring in the act — or pays for the information and wants to harm the US. The bill further carves out providing advice (for example, on operational security) or an electronic communication or remote computing service (such as a secure drop box) to the public.

So:

  • If you don’t have clearance or are sharing information not obtained illegally or via your clearance and
  • If you aren’t an agent of a foreign power and
  • If you’re not otherwise paying for, conspiring or aiding and abetting in some way beyond offering operational security and drop boxes with the specific intent to harm the US or help another government

Then you shouldn’t be prosecuted under the Espionage Act.

Below, I’ve written up how 18 USC §793 and 18 USC §798 would change under the bill, with changes italicized (18 USC §794 already includes the foreign government language added by this bill so would not change).

In the wake of the 2016 election operation, where Julian Assange helped a Russian operation hiding behind thin denials, Assange might well meet the definition of “foreign agent.” Three of WikiLeaks’ operations — the Stratfor hack (in which Russians were involved in the chat rooms), the 2016 election year operation, and Vault 7 (in which Joshua Schulte, between the initial leak and the alleged attempts to leak from jail, evinced an interest in Russia’s help) — involved some Russian activity.

And it’s not clear how Congress’ resolution — passed in last year’s NDAA — that WikiLeaks is a non-state hostile intelligence service often abetted by state actors would affect Assange’s potential treatment as a foreign agent.

It is the sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a nonstate hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.

But even with all the new protections for those who don’t have clearance, this bill specifically envisions applying it to someone like Assange. That’s because it explicitly incorporates aiding and abetting (18 USC § 2) — which is how Assange is currently charged in Counts 2-14 — as well as accessory after the fact (18 USC § 3), and misprison of a felony (18 USC § 4) into the bill. That’s on top of the conspiracy to commit an offense against the US (18 USC § 371), which is already implicitly incorporated in 18 USC § 793(g), which is Count 1 in the Assange indictment. Arguably, explicitly adding the accessory after the fact and misprison of a felony would make it easier to prosecute Assange for assistance that WikiLeaks and associated entities routinely provide sources after the fact, such as publicity and legal representation, to say nothing of the help that Sarah Harrison gave Edward Snowden to flee to Russia.

And those charges don’t require someone formally fit the definition of agent of a foreign power so long as the person has “the specific intent to harm the national security of the United States or benefit any foreign government to the detriment of the United States.” (I’ve bolded this language below.) That’s a mens rea requirement that might otherwise be hard to meet — but not in the case of Assange, even before you get into any non-public statements the US government might have in hand.

This is a bill from Ron Wyden, remember. Back in 2017, when he first spoke out when SSCI first moved to declare WikiLeaks a non-state hostile intelligence service, he expressed concerns about the lack of clarity in such a designation.

I have reservations about Section 623, which establishes a Sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service. The Committee’s bill offers no definition of “non-state hostile intelligence service” to clarify what this term is and is not. Section 623 also directs the United States to treat WikiLeaks as such a service, without offering further clarity.

To be clear, I am no supporter of WikiLeaks, and believe that the organization and its leadership have done considerable harm to this country. This issue needs to be addressed. However, the ambiguity in the bill is dangerous because it fails to draw a bright line between WikiLeaks and legitimate journalistic organizations that play a vital role in our democracy.

I supported efforts to remove this language in Committee and look forward to working with my colleagues as the bill proceeds to address my concerns.

While this bill does much to protect journalists (and in a way that doesn’t create a special class for journalists or InfoSec researchers that would violate the First Amendment), it provides the clarity that would enable charging Assange, even for things he did after the fact to encourage leakers.

Update: Two more points on this. First, as I understand it, the explicit references to 18 USC §§ 2-4 are designed to protect reporters, meaning the protections apply to those as well.

I also meant to note that the way this bill is written — which is clearly meant to allow for prosecution of people working at state-owned media outlets (Russia, China, and Iran all use their outlets as cover for spies) — would then by design not protect reporters at the BBC or Al Jazeera, both of which have done reporting on stories implicating US classified information in the past.

18 USC § 793

(a) Whoever, for the purpose of obtaining information respecting the national defense with intent or reason to believe that the information is to be used to the injury of the United States, or to the advantage of any foreign nation, goes upon, enters, flies over, or otherwise unlawfully obtains nonpublic information concerning any vessel, aircraft, work of defense, navy yard, naval station, submarine base, fueling station, fort, battery, torpedo station, dockyard, canal, railroad, arsenal, camp, factory, mine, telegraph, telephone, wireless, or signal station, building, office, research laboratory or station or other place connected with the national defense owned or constructed, or in progress of construction by the United States or under the control of the United States, or of any of its officers, departments, or agencies, or within the exclusive jurisdiction of the United States, or any place in which any vessel, aircraft, arms, munitions, or other materials or instruments for use in time of war are being made, prepared, repaired, stored, or are the subject of research or development, under any contract or agreement with the United States, or any department or agency thereof, or with any person on behalf of the United States, or otherwise on behalf of the United States, or any prohibited place so designated by the President by proclamation in time of war or in case of national emergency in which anything for the use of the Army, Navy, or Air Force is being prepared or constructed or stored, information as to which prohibited place the President has determined would be prejudicial to the national defense; or

(b) An individual who, while a covered person, for the purpose aforesaid, and with like intent or reason to believe, copies, takes, makes, or obtains, or attempts to copy, take, make, or obtain, any sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, document, writing, or note of anything connected with the national defense; or

(c) A foreign agent who, for the purpose aforesaid, and with like intent or reason to believe, receives or obtains or agrees or attempts to receive or obtain from any person, or from any source whatever, any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note, of anything connected with the national defense, knowing or having reason to believe, at the time the foreign agent receives or obtains, or agrees or attempts to receive or obtain it, that it has been or will be obtained, taken, made, or disposed of by any person contrary to the provisions of this chapter; or

(d) Whoever, lawfully having possession of, access to, control over, or being entrusted with any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note, or information relating to the national defense, which document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, note, or information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits or causes to be communicated, delivered, or transmitted or attempts to communicate, deliver, transmit or cause to be communicated, delivered or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it on demand to the officer or employee of the United States entitled to receive it; or

(e) An individual who—

(1) while a covered person, gains unauthorized possession of, access to, or control over any non public document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note of anything connected with the national defense; and

(2)(A) with reason to believe such information could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit, or cause to be communicated, delivered, or transmitted, the same to any person not entitled to receive it; or

(B) willfully—

(i) retains the same at an unauthorized location; and

(ii) fails to deliver the same to the officer or employee of the United States entitled to receive it; or’

(f) Whoever, being entrusted with or having lawful possession or control of any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance,  (1) through gross negligence permits the same to be removed from its proper place of custody or delivered to anyone in violation of his trust, or to be lost, stolen, abstracted, or destroyed, or (2) having knowledge that the same has been illegally removed from its proper place of custody or delivered to anyone in violation of its trust, or lost, or stolen, abstracted, or destroyed, and fails to make prompt report of such loss, theft, abstraction, or destruction to his superior officer—

Shall be fined under this title or imprisoned not more than ten years, or both.

(g)(1) A foreign agent who—

(A) aids, abets, counsels, commands, induces, or procures the commission of an offense under this section shall be subject to prosecution under this section by virtue of section 2 of this title;

(B) knowing that an offense under this section has been committed by another person, receives, relieves, comforts, or assists such other person in order to hinder or prevent the apprehension, trial, or punishment of such other person shall be subject to prosecution under section 3 of this title;

(C) having knowledge of the actual commission of an offense under this section, conceals and does not as soon as possible make known the same to some judge or other person in civil or military authority under the United States shall be subject to prosecution under section 4 of this title; or

(D) conspires to commit an offense under this section shall be subject to prosecution under section 371 of this title.

(2) Any person who is not a foreign agent shall not be subject to prosecution under this section by virtue of section 2 of this title or under section 3, 4, or 371 of this 7 title, unless the person—

(A) commits a felony under Federal law in the course of committing an offense under this section (by virtue of section 2 of this title) or under section 3, 4, or 371 of this title;

(B) was a covered person at the time of the 13 offense; or

(C) subject to paragraph (3), directly and materially aids, or procures in exchange for anything of monetary value, the commission of an offense under this section with the specific intent to—

(i) harm the national security of the United States; or

(ii) benefit any foreign government to the detriment of the United States.

(3) Paragraph (2)(C) shall not apply to direct and material aid that consists of—

(A) counseling, education, or other speech activity; or

(B) providing an electronic communication service to the public or a remote computing service (as such terms are defined in section 2510 and 2711, respectively).

(h)

(1)Any person convicted of a violation of this section shall forfeit to the United States, irrespective of any provision of State law, any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, from any foreign government, or any faction or party or military or naval force within a foreign country, whether recognized or unrecognized by the United States, as the result of such violation. For the purposes of this subsection, the term “State” includes a State of the United States, the District of Columbia, and any commonwealth, territory, or possession of the United States.

(2)The court, in imposing sentence on a defendant for a conviction of a violation of this section, shall order that the defendant forfeit to the United States all property described in paragraph (1) of this subsection.

(3)The provisions of subsections (b), (c), and (e) through (p) of section 413 of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853(b), (c), and (e)–(p)) shall apply to—

(A)property subject to forfeiture under this subsection;

(B)any seizure or disposition of such property; and

(C)any administrative or judicial proceeding in relation to such property, if not inconsistent with this subsection.

(4)Notwithstanding section 524(c) of title 28, there shall be deposited in the Crime Victims Fund in the Treasury all amounts from the forfeiture of property under this subsection remaining after the payment of expenses for forfeiture and sale authorized by law.

(i) In this section—

(1) the term “covered person” means an individual who—

(A) receives official access to classified information granted by the United States Government;

(B) signs a nondisclosure agreement with regard to such classified information; and

(C) is authorized to receive documents, writings, code books, signal books, sketches, photographs, photographic negatives, blueprints, plans, maps, models, instruments, appliances, or notes of anything connected with the national defense by—

(i) by the President; or

(ii) the head of a department or agency of the United States Government which is expressly designated by the President to engage in activities relating to the national defense; and

(2) the term “foreign agent”—

(A) has the meaning given the term “agent of a foreign power” under section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801); and

(B) does not include a person who is an agent of a foreign power (as so defined) with respect to a foreign power described in section 101(a)(5) of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801(a)(5)).

18 USC §798

(a)Any individual who knowingly and willfully communicates, furnishes, transmits, or otherwise makes available to an unauthorized person, or publishes, or uses in any manner prejudicial to the safety or interest of the United States or for the benefit of any foreign government to the detriment of the United States any classified information obtained by the individual while the individual was a covered person and acting within the scope of his or her activities as a covered person

(1) concerning the nature, preparation, or use of any code, cipher, or cryptographic system of the United States or any foreign government; or

(2) concerning the design, construction, use, maintenance, or repair of any device, apparatus, or appliance used or prepared or planned for use by the United States or any foreign government for cryptographic or communication intelligence purposes; or

(3) concerning the communication intelligence activities of the United States or any foreign government; or

(4) obtained by the processes of communication intelligence from the communications of any foreign government, knowing the same to have been obtained by such processes—

Shall be fined under this title or imprisoned not more than ten years, or both.

(b)As used in subsection (a) of this section:

(1) The term ‘classified information’—

(A) means information which, at the time of a violation of this section, is known to the person violating this section to be, for reasons of national security, specifically designated by a United States Government Agency for limited or restricted dissemination or distribution and;

(B) does not include any information that is specifically designated as ‘Unclassified’ under any Executive Order, Act of Congress, or action by a committee of Congress in accordance with the rules of its House of Congress.

(2) The terms ‘code’, ‘cipher’, and ‘cryptographic system’ include in their meanings, in addition to their usual meanings, any method of secret writing and any mechanical or electrical device or method used for the purpose of disguising or concealing the contents, significance, or meanings of communications.

(3) The term “communication intelligence” means all procedures and methods used in the interception of communications and the obtaining of information from such communications by other than the intended recipients.

(4) The term ‘covered person’ means an individual who—

(A) receives official access to classified information granted by the United States Government;

(B) signs a nondisclosure agreement with regard to such classified information; and

(C) is authorized to receive information of the categories set forth in subsection (a) of this section—

(i) by the President; or

(ii) the head of a department or agency of the United States Government which is expressly designated by the President to engage in communication intelligence activities for the United States

(5) The term “foreign government” includes in its meaning any person or persons acting or purporting to act for or on behalf of any faction, party, department, agency, bureau, or military force of or within a foreign country, or for or on behalf of any government or any person or persons purporting to act as a government within a foreign country, whether or not such government is recognized by the United States.

(6) The term “unauthorized person” means any person who, or agency which, is not authorized to receive information of the categories set forth in sub10 section (a) of this section by—

(A) the President;

(B) the head of a department or agency of the United States Government which is expressly designated by the President to engage in communication intelligence activities for the United States; or

(C) an Act of Congress.

(c)Nothing in this section shall prohibit the furnishing of information to—

(1) any Member of the Senate or the House of Representatives;

(2) a Federal court, in accordance with such procedures as the court may establish;

(3) the inspector general of an element of the intelligence community (as defined in section 3 of the National Security Act of 1947 (50 U.S.C. 3003)), including the Inspector General of the Intelligence Community;

(4) the Chairman or a member of the Privacy and Civil Liberties Oversight Board or any employee of the Board designated by the Board, in accordance with such procedures as the Board may establish;

(5) the Chairman or a commissioner of the Federal Trade Commission or any employee of the Commission designated by the Commission, in accordance with such procedures as the Commission may establish;

(6) the Chairman or a commissioner of the Federal Communications Commission or any employee of the Commission designated by the Com2 mission, in accordance with such procedures as the Commission may establish; or

(7) any other person or entity authorized to receive disclosures containing classified information pursuant to any applicable law, regulation, or executive order regarding the protection of whistleblowers.

(d)

(1) In this subsection, the term ‘foreign agent’—

(A) has the meaning given the term “agent of a foreign power” under section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801); and

(B) does not include a person who is an agent of a foreign power (as so defined) with respect to a foreign power described in section 101(a)(5) of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801(a)(5)).

(2) A foreign agent who—

(A) aids, abets, counsels, commands, induces, or procures the commission of an offense under this section shall be subject to prosecution under this section by virtue of section 2 of this title;

(B) knowing that an offense under this section has been committed by another person, receives, relieves, comforts, or assists such other person in order to hinder or prevent the apprehension, trial, or punishment of such other person shall be subject to prosecution under section 3 of this title;

(C) having knowledge of the actual commission of an offense under this section, conceals and does not as soon as possible make known the same to some judge or other person in civil or military authority under the United States shall be subject to  prosecution under section 4 of this title; or

(D) conspires to commit an offense under this section shall be subject to prosecution under section 371 of this title.

(3) Any person who is not a foreign agent shall not be subject to prosecution under this section by virtue of section 2 of this title or under section 3, 4, or 371 of this title, unless the person—

(A) commits a felony under Federal law in the course of committing an offense under this section (by virtue of section 2 of this title) or under section 3, 4, or 371 of this title;

(B) was a covered person at the time of the offense; or

(C) subject to paragraph (4), directly and materially aids, or procures in exchange for anything of monetary value, the commission of an offense under this section with the specific intent to—

(i) harm the national security of the United States; or

(ii) benefit any foreign government to the detriment of the United States.

(4) Paragraph (3)(C) shall not apply to direct and material aid that consists of—

(A) counseling, education, or other speech activity; or

(B) providing an electronic communication service to the public or a remote computing service (as such terms are defined in section 2510 and 2711, respectively)

(e)

(1)Any person convicted of a violation of this section shall forfeit to the United States irrespective of any provision of State law—

(A)any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of such violation; and

(B)any of the person’s property used, or intended to be used, in any manner or part, to commit, or to facilitate the commission of, such violation.

(2)The court, in imposing sentence on a defendant for a conviction of a violation of this section, shall order that the defendant forfeit to the United States all property described in paragraph (1).

(3)Except as provided in paragraph (4), the provisions of subsections (b), (c), and (e) through (p) of section 413 of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853(b), (c), and (e)–(p)), shall apply to

(A)property subject to forfeiture under this subsection;

(B)any seizure or disposition of such property; and

(C)any administrative or judicial proceeding in relation to such property,
if not inconsistent with this subsection.

(4)Notwithstanding section 524(c) of title 28, there shall be deposited in the Crime Victims Fund established under section 1402 of the Victims of Crime Act of 1984 (42 U.S.C. 10601) [1] all amounts from the forfeiture of property under this subsection remaining after the payment of expenses for forfeiture and sale authorized by law.

(5)As used in this subsection, the term “State” means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, and any territory or possession of the United States.

20 Questions (Plus 5): The Joshua Schulte Jury Is Lost, Possibly Hopelessly

/6 Comments/in , , /by

According to InnerCity Press (virtually the only press covering the Schulte verdict watch), by end of day today the jurors had sent out 25 notes, most questions but also problems with two of the jurors. At the end of the day they told the Court they “aligned” on two of the charges, but were at an impasse on the other. Given that there’s slam dunk evidence that he committed the least serious crimes (false statements and contempt), that suggests at least some members of the jury have reasonable doubt that the guy who wrote a virtual signed confession to committing the most damaging leak in CIA history actually did so.

I wanted to collect the known questions from jurors to give a sense of what issues have driven this uncertainty.

Note 1: A request for a summary of exhibits

Note 2: A request for a transcript of the testimony of David, a CIA Sysadmin, particularly as regards what jurors may have mislabeled 1209-8 (David testified about Schulte’s failed attempt to access Altabackups with regards to exhibit 1202-8).

Note 3 asked 7 questions:

  1. What is included in Count Three? We aren’t sure what the purview is — articles, search warrants, tweets? This pertains to the Espionage Charge tied to posting classified information in one of his diaries, sending a diagram of CIA’s servers to WaPo reporter Shane Harris, and planning to reveal details about how a CIA hacking tool, Bartender, was used in the field (which certainly would expose CIA officers, and probably NOCs).
  2. In 2015, when DevLAN went down, was Schulte called to fix the problem? How did he fix it? Schulte’s lawyer, Sabrina Shroff, had made much of the fact that when Schulte was at a conference he got called about DevLAN going down. It’s not directly related to any of his charges.
  3. Can you please reread what was found on Schulte’s home computer? This would have focused on deleted materials (and the lack of classified information), but given that Juror 5 almost certainly knew about the child porn allegations and there was a focus on Schulte’s hosting of movies, this may have been what they were looking for.
  4. Did GX 809 reference Schulte’s taking a drug (“took my last piece”)? If so, what was it? Was it regular use? This refers to part of one page of his prison notebook in which he discusses  taking his “last piece” and envisioning himself as a Cardinal. It is entirely unrelated to his charges.
  5. Is it confirmed that Schulte’s been diagnosed with Aspergers Syndrome? One of the very senior CIA managers suggested to another that Schulte might have Asperbergers. It is entirely unrelated to his charges.
  6. For Count One, is Altabackups inclusive of Brutal Kangaroo? Is it inclusive of OSB libraries? The backup that Schulte is alleged to have stolen included both the libraries (which were not leaked) and Brutal Kangaroo (materials on which were leaked), but it included far more, but the parties did not answer this because they weren’t sure whether this was a network question or a charging one.
  7. Where were OSB libraries housed/where did they live? They were part of Stash.

Note Four: Can we please have simplified badge times/formats for Schulte on 4/20/16 in a format similar to GX 115. One piece of evidence that Schulte did the reversion during which the backup sent to WikiLeaks was stolen was that he was the only one in his SCIF with his computer during the time the commands doing the reversion were entered into it. The badge records would show that. Jurors did get simplified badge records.

Note Five: In Exhibit GX 107, what does lock/unlock computer mean in columns Source and Type? Is the computer locking itself? What is someone unlocking? This pertains to something tracked on CIA badge records and was not explained in testimony.

Note Six includes four questions:

  1. Is there evidence that April 18 and 20 were the only two times in 2016 that Schulte left the vault last? April 18, the day Schulte allegedly conducted reconnaissance on the backup files, and April 20, the day he allegedly stole him were the only two days he was the last person in his SCIF at RDB (the time period for which may include just the last seven months he worked at CIA).
  2. What does mount the Altabackups mean? This refers to how the CIA networks were set up, and Schulte’s role in doing that.
  3. What does create data store mean? This pertains to testimony about one attempt Schulte made to regain access to files he had been booted from.
  4. When someone logs out of a virtual machine, what happens to the log files from that session? There was no testimony on this point (jurors likely asked it to try to assess whether Schulte’s buddy Michael could have stolen the files).

Note Seven (Exhibits 16-17, I think) asked for the transcripts of Michael Berger (the FBI forensics expert who presented evidence of Schulte’s efforts to wipe evidence at home) and Michael (Schulte’s buddy who took a screen cap of him deleting logs).

Note Eight: Jurors complained that one of the jurors, Juror 4, was not deliberating with the rest of the jury and coming in late.

Note Nine included two questions:

  1. Can we please have testimony from Richard Evanchec. Evanchec is one of the FBI agents that interviewed Schulte and searched his home, and so is central to the false statements charges.
  2. What testimonies covered GX 1305-8 and GX 1305-9. Can we please have transcripts about that. These are Schulte’s Google records, which Evanchec also testified about.

Note Ten: Juror five has prior information, probably including details of Schulte’s child porn charges. She also looked up one of the lawyers. It became clear in a later sidebar that this is the juror who had said something inappropriate to another juror, possibly about deliberations, on February 13, during the trial.

Note Eleven included two questions:

  1. What happened to Schulte’s computers and workstation after he went to Bloomberg (after November 10)? This is likely a question testing a theory about whether someone — possibly Michael? — could have altered logs on Schulte’s computer after he left on November 10, 2016.
  2. When and where was Rufus’s SSH key found? Was it found in the home directory or was it found forensically? Schulte had stored the key of someone, Rufus, who had had Admin access but left, on his home directory. He used it when he was deleting logs on April 20. Sabrina Shroff had gotten one witness to testify that it was very easy to access other people’s home drives, so this is likely another effort to test an alternate culprit theory.

There were two more questions today (which I’ll update on Monday when that transcript is released):

  • Something about the CFAA charge, suggesting jurors are not treating the reversion as a hack, but might be treating Schulte booting his colleague off Brutal Kangaroo as one.
  • Something about unanimity on charges, possibly relating to the leaks from jail.

And then jurors told the court that they’re only in agreement on two charges, but stuck on the others.

For the reasons I laid out here — as well as the two problem jurors — I’m not surprised about that. And given the questions, it seems clear that the extended focus on Schulte’s employment disputes at the CIA made at least some of the jurors sympathetic to the idea that someone at CIA framed Schulte. Keep in mind, too, that Schulte adopted the moniker Jason Bourne in prison, so he fed that idea. And — as Shroff noted in her close — there was no good reason to focus on the continued employment disputes that extended two months after Schulte allegedly stole the files.

When the CIA puts its formers on trial, in my opinion, it believes the general population will be as outraged by a violation of CIA’s sacred trust as they themselves are. That may be why prosecutors aired that entire nasty employment dispute. But that’s generally not the case outside of EDVA, especially not in SDNY.

Between that, and the forensic complexity of this case, it appears the jury is lost.

Reminder; Calyx Institute and other donors sprung for the transcripts of this trial.

The Joshua Schulte Jury Is Falling Apart

/13 Comments/in , /by

Even before Judge Paul Crotty dismissed a juror today for reading outside information and sharing it with another juror, it was clear that the jury was a mess. Going all the way back to February 13, a juror had said something to another juror that concerned him.

THE COURT: Okay. I got a note from a juror, and it deals with an incident that occurred on Thursday late in the day. He then left the courthouse. We asked him to put the report that he made to David on Thursday in writing, which he did on Tuesday morning. This is the note. I’m going to mark it as Court Exhibit 1. I made copies. So I don’t think we can resolve this now. But I wanted to call it to your attention right away.

[snip]

MS. SHROFF: It’s her belief. She’s not saying she can’t be impartial. She’s not deliberated. She’s voicing an opinion. And she also notes that that was a different — I mean, she’s saying she is a different kind of citizen. That’s what we want. A jury of peers.

Judge Crotty discussed that incident with the two sides on February 19.

Then, on the first day of deliberations Tuesday, the jurors sent a bunch of notes, including one with seven questions, several of them (the questions about the DevLAN outage, drugs, and Aspergers) entirely unrelated to Schulte’s guilt or innocence:

Message: What is included in Count Three? We aren’t sure what the purview is — articles, search warrants, tweets? (2) In 2015, when DevLAN went down, was Schulte called to fix the problem? How did he fix it? (3) Can you please reread what was found on Schulte’s home computer? (4) Did GX 809 reference Schulte’s taking a drug (“took my last piece”)? If so, what was it? Was it regular use? (5) Is it confirmed that Schulte’s been diagnosed with Aspergers Syndrome? (6) For Count One, is Altabackups inclusive of Brutal Kangaroo? Is it inclusive of OSB libraries? (7) Where were OSB libraries housed/where did they live?

While a number of the questions made sense, it was also clear that the jurors are confused about the forensic evidence, including multiple threads of evidence that show Schulte was at his computer typing in the commands that reverted the backup on the date the files were stolen.

But today, according to a note from Schulte’s lawyers, Juror 1 told the Court that Juror 5 had shared outside information with him.

The defense respectfully requests that the Court halt jury deliberations temporarily and conduct an individual voir dire of jurors 2–11 to ensure that they were not exposed to prejudicial extra-record information from former Juror 5. Such an inquiry is necessary because the Court currently only has the information received in the robing room from Juror 1 and former Juror 5.

The juror who got booted spoke to the press. She seems to believe Schulte did restore his own access to certain files (given her description, she seems focused on Brutal Kangaroo), but does not believe he is guilty of the most serious charges.

“Was he a naughty boy? Yes,” Wiesenberg said. “But did he do the final click? I don’t have evidence. I want solid proof that I wasn’t given by the parties. I don’t think he did it — the most serious charges.”

[snip]

The five-week trial established that Schulte improperly reinstated his administrative privileges to access secret information he’d been told to stay away from, according to Wiesenberg, who lives in the West Village.

“He felt entitled. This was his tool — he created it,” Wiesenberg said, referring to some of the hacking tools. But that didn’t make Schulte guilty of the most serious of 11 charged counts, she added.

Note that, given how little coverage of this case there has been, she probably would have had to go looking for outside information.

In their close, prosecutors didn’t point jurors to where, in the pile of evidence they’ve been presented over the last month, the details are that might prove each of the charges against Schulte (the evidence is there, but it’s highly technical). It’s unsurprising they’re confused. And now Schulte’s lawyers want to know what other outside information on the trial has gotten into jurors.

Update: The booted juror told they Post there are others who doubt Schulte’s guilt on the most serious charges.

Wiesenberg said the Schutle jury is divided, with people like her who believe the former CIA programmer to be not guilty of the worst leak in the spy agency’s history.

It’s Easy to [Claim to] Attribute Hacks to CIA after a One Month Trial on CIA’s Tools

/5 Comments/in , /by

Yesterday, closing arguments and charging instructions in the Joshua Schulte trial were presented to the jury. As I’ve noted, I think the evidence against Schulte is quite compelling, but several things have weakened the government’s case. The transcripts for the closing arguments (which will come out tonight) may provide a better sense of how strong the case is. Otherwise, we wait on the jury.

But at least one Chinese InfoSec company is not waiting. One firm just released a report claiming to ID a number of CIA’s hacking campaigns against Chinese targets, which it dubs APT-C-39. It explicitly relies on the trial record (though not the most interesting details of it, and some of the details revealed at trial seem to conflict with this report).

Proficient in the design and development of cyber weapons and possessing knowledge of intelligence operations, Joshua became one of the core backbones of the CIA’s many important hacking tools, including a key cyber weapon – Vault 7.

In 2016, Joshua took advantage of his admin privilege of the core machine room and a preset backdoor to steal the classified documents of Vault 7 and disclosed to WikiLeaks, which was published on Wikileaks website in 2017.

In 2018, Joshua was arrested and prosecuted by the U.S. Department of Justice for the Vault 7 leaks. On February 4, 2020, at a public hearing in the federal court, the federal prosecutor alleged that Joshua, as the core developer and the person in charge of the highest administrator authority of its internal arsenal, has committed “the single biggest leak of classified national defense information in the history of CIA”by disclosing the agency’s secret hacking tools to WikiLeaks.

This piece appears to be entirely reversed engineered from the leaked files and the trial record, not actual InfoSec analysis. For example, it treats “Vault 7” as CIA’s code name, not some dumb label WikiLeaks assigned to it. It claims to track campaigns from September 2008 through June 2019; yet the trial record says CIA stopped all use of tools developed before Schulte left.

It makes much of compilation time. It is true that most of the work on these tools happen in VA and most of the developers work regular hours. However, there are two remote offices, so tools targeting China could easily be customized in Asian timezones.

The compilation time of malware is a common method and statistics in the research of APT group attribution. Through the study of the compilation time of malware, we can find out the developer’s work schedule, so as to know the approximate time zone of his location.

The following table is the schedule of compilation activities of APT-C-39 (the time is based on the East 8 time zone). It can be seen that the organization’s activities are close to the schedule in Eastern U.S. time zone, which is in line with the CIA’s location. (Virginia, U.S. Eastern Time).

It also admits that it is speculating about a key point — how CIA would use all this.

We speculate that in the past eleven years of infiltration attacks, CIA may have already grasped the most classified business information of China, even of many other countries in the world. It does not even rule out the possibility that now CIA is able to track down the real-time global flight status, passenger information, trade freight and other related information. If the guess is true, what unexpected things will CIA do if it has such confidential and important information? Get important figures‘ travel itinerary, and then pose political threats, or military suppression?

Don’t get me wrong. I’m sure the Chinese state is watching the trial closely for clues on CIA’s now defunct hacking tools, as well as organizational clues to how it used to be developed (though given China’s extensive success spying on the US, doubt they’ve learned anything even remotely new from this trial). But this report, at least, looks to be a opportunistic effort to make the most of the spectacle of the US prosecuting one of its own hackers.

Update: This, from last year, is a more credible report based on Vault 7 leaks. (h/t Catalin Cimpanu)