Trio of former US spies admit to providing high-tech hacking technology to United Arab Emirates after they left the government and agree to pay $1.7 million in penalties to avoid charges
Three former U.S. intelligence and military operatives have admitted providing sophisticated computer hacking technology to the United Arab Emirates and agreed to pay nearly $1.7 million to resolve criminal charges in an agreement that the Justice Department described Tuesday as the first of its kind.
The defendants - Marc Baier, Ryan Adams and Daniel Gericke - are accused of working as senior managers at a UAE-based company that conducted hacking operations on behalf of the government. Prosecutors say the men provided hacking and intelligence-gathering systems that were used to break into computers in the United State and elsewhere in the world.
The case, in federal court in Washington, accuses the former U.S. officials of violating American laws related to export control and computer fraud. It appears to be part of a growing trend highlighted just months ago by the CIA of foreign governments hiring former U.S. intelligence operatives to bolster their own spycraft - a practice officials have said risks exposing information about U.S. secrets.
Three former U.S. intelligence and military operatives agreed to pay a fine of nearly $2 million and admitted they gave hacking technology to the United Arab Emirates
The charges were filed under a deferred prosecution agreement that, in addition to requiring a $1.68 million payment, will also force the men to cooperate with the Justice Department's investigation and to sever any ties with any UAE intelligence or law enforcement agencies. If they comply with those terms for three years, the Justice Department will not move forward with any prosecution.
As part of the agreement, the three men did not dispute any of the facts alleged by prosecutors.
The Justice Department described it as the 'first-of-its-kind resolution of an investigation into two distinct types of criminal activity,' including providing unlicensed technology for hacking.
'Hackers-for-hire and those who otherwise support such activities in violation of U.S. law should fully expect to be prosecuted for their criminal conduct,' Mark Lesko, acting assistant attorney general of the Justice Department's national security division, said in a statement.
'This agreement is the first-of-its-kind resolution of an investigation into two distinct types of criminal activity: providing unlicensed export-controlled defense services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States,' said Lesko.
Prosecutors said the trio left a U.S.-based company that was operating in the UAE to joined an Emerati company that would give them 'significant increases' in their salaries.
Lori Stroud, a former National Security Agency employee, said she worked with the three men in the UAE at U.S.-based CyberPoint and then for UAE-owned DarkMatter
The trio did work in Abu Dhabi for the United Arab Emirates, after spending years learning about hacking technology in the US
The companies aren´t named in charging documents, but Lori Stroud, a former National Security Agency employee, said she worked with the three men in the UAE at U.S.-based CyberPoint and then for UAE-owned DarkMatter. The company´s founder and CEO, Faisal al-Bannai, told The Associated Press in 2018 that DarkMatter takes part in no hacking, although he acknowledged the firm´s close business ties to the Emirati government, as well as its hiring of former CIA and NSA analysts.
Stroud said in a Reuters investigation the group ended up 'targeting US persons.'
'I am working for a foreign intelligence agency who is targeting U.S. persons,' she said. 'I am officially the bad kind of spy.”
Prosecutors said that between January 2016 and November 2019, the defendants 'expanded the breadth and increased the sophistication' of operations being providing to the UAE government. They bought exploits to break into computers and mobile devices from companies around the world, including those based in the U.S, according to the Justice Department.
According to the government release, the trio got preapproval for their original work.
However, 'between January 2016 and November 2019, the defendants and other ... employees expanded the breadth and increased the sophistication of the ... operations that CIO was providing to the U.A.E. government. For example, over an 18-month period, CIO employees, with defendants’ support, direction and supervision, created two similar “zero-click” computer hacking and intelligence gathering systems that leveraged servers in the United States belonging to a U.S. technology company (U.S. Company Two) to obtain remote, unauthorized access to any of the tens of millions of smartphones and mobile devices utilizing a U.S. Company Two-provided operating system.'
That includes one so-called 'zero-click' exploit - which can break into mobile devices without any user interaction - that Baier bought from an unnamed U.S. company in 2016.
Lawyers for Adams and Gericke did not immediately return messages seeking comment, and a lawyer for Baier declined to comment.
The Justice Department described each of them as former U.S. intelligence or military personnel, and said their work for the UAE-based company began after they had left the government. Baier is identified in a 2019 Reuters news story as previously having worked in an elite hacking unit of the NSA.
The CIA warned in a letter earlier this year about 'an uptick in the number of former officers who have disclosed sensitive information about CIA activities, personnel, and tradecraft.'
The letter sent to former CIA officials was signed by Sheetal Patel, the agency´s assistant director for counterintelligence. It described as a 'detrimental trend' a practice of foreign governments hiring former intelligence officers 'to build up their spying capabilities.' Some listed examples included using access to CIA information or contacts for business opportunities as well as 'working for state-sponsored intelligence related companies in non-fraternization countries.'
'We ask that you protect yourself and the CIA by safeguarding the classified tradecraft that underpins your enterprise,' Patel wrote.
No comments