On Wednesday, a New York jury convicted Joshua Schulte, a former Central Intelligence Agency engineer, on the nine counts he faced (as first reported @InnerCityPress) following the biggest leak in the agency’s history. Dubbed Vault 7, files and information shared by WikiLeaks in 2017 revealed a host of tactics and exploits used by the CIA to hack into its targets’ computers, iPhones or Android phones, and even Samsung smart TVs.
CIA spokeswoman Tammy Thorp said in a statement given to The edge, “Today’s verdict affirms that maintaining the security of our nation’s cyber capabilities is of the utmost importance. It’s essential to the safety of the American people, and it’s essential to our advantage against adversaries abroad. As stated in the lawsuit, unauthorized disclosures not only jeopardize US personnel and operations, but also provide our adversaries with tools and information to harm us.
Schulte, the subject of a long portrait in the New Yorker who described it as “abrasive” and then went into much worse detail, was arrested in 2018, originally charged with possession of child pornography, and has been in jail ever since.
The article details the Operations Support Branch (OSB), where Schulte worked and allegedly built hacking tools by quickly turning prototypes into real exploits that could monitor or steal information from the targeted person’s devices. He reports that investigators obtained evidence against Schulte through his own personal security breaches, such as storing passwords on his phone that could be used to access his encrypted storage.
This even enters into the problems faced by investigators in obtaining the documents from Vault 7 – they remained classified despite being leaked and publicly available on the internet, leading FBI officials to download the cache via Wi-Fi in a Starbucks on a freshly purchased laptop that immediately became officially classified, stored in a supervisor’s office and accessible only with Top Secret clearance.
Additional charges accusing him directly of stealing classified national defense information and sending it to WikiLeaks were later filed. In 2020, the government’s first attempt to prosecute Schulte ended in a mistrial as a jury found him in contempt of court and lying to FBI investigators, but could not s hear about the rest.
This spurred the just-concluded second trial, where Schulte chose to represent himself. The charges he was convicted of all relate specifically to collecting, stealing and transmitting classified information and obstructing justice for lying to investigators about it. He has not yet been convicted, pending the resolution of the other charges against him for possession and transport of child pornography.
The Associated press reports that prosecutors argued that after feeling ignored and disrespected for his work environment complaints, Schulte exacted revenge on the CIA by stealing and disclosing the same exploits he helped create. In his defense, Schulte unsuccessfully argued that he was being used as a scapegoat for the government’s failure to protect dangerous hacking tools. There is evidence to support this argument, such as The Washington Post reported in 2020 that an internal investigation by the CIA’s WikiLeaks task force found the unit’s security to be “woefully lax”, with users sharing administrator-level passwords and a lack of control over the access to historical data or the use of removable USB drives, and that was years after the Snowden leaks. Schulte claimed that no reasonable cause was established and that hundreds of people had access to the information that could have been the source of the leaks.
In a statement released after the verdict, U.S. Attorney for the Southern District of New York, Damian Williams, said: “When Schulte began to harbor resentment toward the CIA, he secretly collected these tools and provided them to WikiLeaks, part of our most critical information. tools known to the public – and therefore to our adversaries. His statement ended by saying, “Schulte was convicted of one of the most brazen and damaging acts of espionage in American history.”