15 May 2018, WP: U.S. identifies suspect in major leak of CIA hacking tools
7 March 2017, WP: WikiLeaks: The CIA is using popular TVs, smartphones and cars to spy on their owners
Trial begins for former CIA employee accused of leaking agency hacking tools
By Shane Harris
February 4, 2020
NEW YORK -- Federal prosecutors on Tuesday opened their case against a former CIA software engineer they say leaked a massive trove of the agency's secret hacking tools to take revenge on his former colleagues and bosses.
Joshua Schulte, 31, is charged with disclosing classified information to WikiLeaks after allegedly stealing it from a secretive CIA unit where he worked. In more than 8,000 pages of material published in 2017 -- known as the Vault 7 leaks -- WikiLeaks showed how the CIA breaks into smartphones and Internet-connected devices, including televisions. [1]
The disclosure "was the single biggest leak of classified national defense information in the history of the CIA," Assistant U.S. Attorney David Denton told jurors. Denton said that as a result of the disclosure, CIA operations had "come to a halt," U.S. intelligence officers serving overseas had been exposed and American adversaries were able to turn cyberweapons developed by the CIA against the United States.
Schulte has pleaded not guilty to 11 criminal counts.
Over the months that the case has wound its way to trial, Schulte's lawyers have described the government's charges as vague and overreaching. They also complained that prosecutors have been slow to share information about their case with the defense and placed burdensome rules on the handling of classified information.
Sabrina Shroff, Schulte's lead defense attorney, accused the government of prosecuting Schulte out of embarrassment over losing such a huge volume of sensitive information, and because he was "an easy target."
Shroff in her opening statement described Schulte as a brilliant computer engineer who had long dreamed of public service, but acknowledged that he had a documented history of conflict with his colleagues and managers.
"He was also a pain in the ass to everyone at the CIA," Shroff told jurors, responding to a core piece of the prosecution's argument: that Schulte was a disgruntled employee who leaked the hacking tools to retaliate against his bosses, after they failed to take his side in a dispute with a co-worker. "Being a difficult employee does not make you a criminal," she said.
Shroff said that the government had no conclusive evidence that tied the leaks to Schulte, and that the network from which the hacking tools allegedly were stolen was open to "hundreds" of people.
Schulte himself has said previously that he was targeted for speaking out against what he described as incompetent CIA management. From 2010 to 2016, Schulte worked in the CIA's Engineering Development Group, which produced the computer code published by WikiLeaks.
In a statement previously reviewed by The Washington Post, Schulte claimed that he reported "incompetent management and bureaucracy" at the CIA to the agency's inspector general and to a congressional oversight committee. He asserted that when he left the CIA, he became a suspect in the leak as "the only one to have recently departed [the engineering group] on poor terms."
Schulte had been a suspect in the disclosure long before he was ever charged with that offense. Court filings show that within days of WikiLeaks publishing the first cache of CIA materials, in March 2017, investigators traced their source back to the unit where Schulte had worked. They also concluded that the breach probably occurred while he was still employed there.
On March 13, 2017, less than a week after the original WikiLeaks publication, FBI agents searched Schulte's apartment in New York, where he had moved to take a new job after leaving the agency, and found a computer server and several external drives, as well as notebooks and handwritten notes, court filings show. Schulte was not arrested and denied to FBI agents that he had leaked the CIA materials.
But in August, Schulte was arrested after investigators searching his computer found evidence of child pornography, including more than 10,000 photos and videos, prosecutors alleged. He has pleaded not guilty to those charges, which will be tried separately.
While he was in jail in Manhattan, the government continued to investigate Schulte for the Vault 7 leaks but didn't bring charges for months. Prosecutors alleged in a hearing in January 2018 that Schulte was a "target" of the leak investigation, The Post previously reported. [2] The hearing had escaped public attention at the time.
In June 2018, prosecutors charged Schulte with violating the Espionage Act and related crimes associated with the WikiLeaks dump. Later that year, they also charged him with using a contraband cellphone while in jail to disseminate classified information to the press and use social media to claim that the FBI was framing him for the leaks.
The trial is expected to last several weeks.