Harold T. Martin III is accused of stealing mounds of classified information from the government for at least a decade, and investigators also believe some of the information was taken the old-fashioned way — by walking out of the workplace with printed-out papers he had hidden, according to U.S. officials.
The case against Martin, which was unsealed last week, raises new questions about whether the National Security Agency and other agencies are doing enough to detect and prevent their sensitive data from leaving the secure confines of government offices.
While investigators believe much of Martin’s material was removed before stringent controls were imposed in the wake of 2013 disclosures linked to former NSA contractor Edward Snowden, some say the system still failed.
When investigators searched Martin’s home, they seized several terabytes of data, which Martin stored on dozens of computers and other devices, and thousands of pages of documents, according to the officials who spoke on the condition of anonymity to discuss an open case. Investigators are still exploring whether he was connected in any way to the online leak of some of the NSA’s most powerful hacking tools in August.
“Someone was able to walk out the front door with a whole bunch of stuff from NSA,” said one congressional aide. “That’s not supposed to happen.”
Martin has been charged with theft of government property and unauthorized removal of classified materials. His attorney has said there is “no evidence” that he intended to betray his country. Martin previously worked in the Navy — he left active duty in 1992 — before taking a variety of tech jobs with government contractors, according to records and people who knew him.
In an interview, the head of the office responsible for setting policies aimed at deterring data loss said he thought the existing controls were sufficient. The question, said William Evanina, director of the National Counterintelligence and Security Center, is whether the controls were being successfully implemented.
“I don’t believe there’s anything new that we have to incorporate,” said Evanina, who declined to comment on the ongoing investigation of Martin. “We just have to do a better job to see that what we already have in place is working effectively.”
The NSA did not respond to a request for comment.
Martin worked at the NSA from 2012 to 2015. He was an employee of intelligence contractor Booz Allen Hamilton, which had also employed Snowden.
For some portion of that time, Martin was in the world’s most elite hacker shop, the NSA’s Tailored Access Operations, according to a former member of the group. One former TAO hacker said Martin worked in the unit’s front office carrying out support roles such as setting up accounts, not conducting actual operations.
Officials have not said how, precisely, they think Martin was able to take information home.
The NSA had strengthened its data controls even before Snowden. After disclosures posted by the anti-secrecy group WikiLeaks in 2010, President Obama ordered the creation of a National Insider Threat Task Force, now led by Evanina. That group crafted policies not only to avert compromises of classified information but also to detect and deter insiders who might pick up a weapon and harm others.
In the wake of the Snowden disclosures, NSA officials announced they were taking 41 specific technical measures to control data. They included “smart-tagging data” so each electronic file touched could be tracked and imposing greater oversight of personnel using the networks, NSA Deputy Director Richard Ledgett said in a February 2014 interview.
The agency also imposed a rule requiring two people to be present anytime data in server rooms was being transferred or copied, he said. But the two-person rule did not apply everywhere. Operational personnel, for instance, were exempt, former officials said.
According to former NSA officials and TAO operators, the agency’s measures were in a natural tension with a desire to get the best out of their personnel.
“The challenge remains that you at some level need to trust your employees,” said John C. “Chris” Inglis, the NSA’s deputy director from 2006 to 2014. “And [if you impose too many controls], you’re not going to get any initiative or creativity out of them. The challenge is how do you align that with your need to ensure that they don’t abuse that trust.”
The NSA, for instance, like other agencies does not impose universal checks of personnel and their belongings as they enter and leave agency buildings. Security guards conduct random checks and use their discretion.
“If you have a bag full of stuff, you’re probably going to get stopped,” said a former TAO operator. But, in general, the employee said, “Disneyland has more physical security checks than we had.”
Evanina said imposing universal body and bag checks “is not the solution we’re looking to arrive at to keep and build the trust of our employees.”
Despite all the measures that are in place, Evanina said, it is not always possible to detect an insider who is determined to find a way to thwart them.
“If someone is willing to make the decision that they’re going to exfiltrate documents or data out of an organization,” he said, “they’re going to be successful at that.”
Martin’s alleged thefts took place at a number of workplaces over the years, officials said, including the NSA, the Office of the Under Secretary of Defense for Intelligence and the Office of the Director of National Intelligence (ODNI).
He typically worked for a contractor. From 2009 to 2016, he was at Booz, which said it fired him after his arrest. Before that he was at Tenacity Solutions, which provides information technology services, officials said. He also worked in the 1990s at Computer Sciences Corp., another IT firm, officials said. While at Tenacity, Martin worked at the ODNI.
CSC confirmed Martin’s employment, but it declined to comment further. Tenacity did not return messages seeking comment.
Martin’s last job was at the Office of the Under Secretary of Defense for Acquisition, Technology and Logistics, which deals with the Pentagon’s major procurement programs — many of which are highly sensitive and classified. He also in recent years studied at the University of Maryland Baltimore County.
Roy Rada, a former adviser to Martin at the school, said Martin told him that he was in a military transition program meant for soldiers who were suffering from post-traumatic stress disorder and that he was “experiencing some difficulties in adjusting to non-war life.” He said Martin was interested in researching PTSD, particularly by using what is known as an eye tracker, a device that analyzes a person’s gaze, to detect brain malfunctions.
Christian Davenport, Julie Tate and Alice Crites contributed to this report.