FBI suspects former CIA employee of leaking trove of hacking tools

16 May 2018

Image: KOBRYN TARAS/Shutterstock

The US government has identified a suspect in the high-profile leak of CIA hacking tools last year.

In March of 2017, WikiLeaks published more than 8,000 classified documents detailing hacking tools and strategy of the CIA. At the time, the CIA and FBI said a criminal investigation would be launched to find the culprit behind the biggest leak since the Snowden files.

Yesterday (15 May), The New York Times reported that a prime suspect had already been identified by US authorities. In March last year, the FBI searched the New York apartment of Joshua A Schulte, a former CIA software engineer who had created malware used to access the machines of terrorism suspects.

Sanctions for WikiLeaks Vault 7 suspect

Following the search, agents stopped Schulte from travelling to Mexico for a holiday, confiscating his passport. Authorities also retrieved documents from both the CIA and NSA, as well as a number of electronic devices belonging to the suspect.

The leak, which was referred to as Vault 7, was one of the largest in US history. In August, prosecutors separately charged Schulte with possession of child abuse imagery, as agents apparently found 10,000 images on a server he built as a business in 2009 while at university in Austin, Texas. The images were found during the initial search in March by agents suspecting him of involvement in the CIA data breach.

Criticism of US criminal justice system

Following the filing of the August charges, Schulte was told not to leave New York City and to stay off computers. In December 2017, he was jailed after he violated these conditions. Apparently the suspect had accessed his email as well as TOR, a clear violation of the boundaries set by authorities. Since then, he has posted a series of essays under a pseudonym on Facebook, criticising the US justice system. Court papers suggest he was aware of encrypted images of children existing on the server.

A case against Schulte relating to the Vault 7 leaks has still not been brought by the US government. Lawyers for Schulte say dozens of people have access to the server he started in 2009. According to HuffPost, photos taken in April 2015 (which were obtained from one of Schulte’s phones) allegedly depicted him assaulting his female roommate, and this was confirmed by prosecutors in Virginia.

Lawyers for Schulte have repeatedly called for a decision to be made in relation to the accusations that he was behind the Vault 7 leak. Prosecutors say they plan to file a new indictment in the next 45 days. Some of Schulte’s family members believe he is a scapegoat for the CIA’s massive security fumble.

At the time of the leaks last year, the CIA released a sombre statement, saying: “The American public should be deeply troubled by any WikiLeaks disclosure designed to damage the Intelligence Community’s ability to protect America against terrorists and other adversaries.”

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com