NSA data thief caught by Kaspersky, not US officials

Report claims the Moscow-based company was contacted by Harold Martin hours before data appeared online

Kaspersky Lab reportedly played a major role in the arrest of the prolific NSA data thief at a time when the company is facing increasing pressure from the US over its alleged ties to the Russian government.

The revelation suggests that the arrest of Harold T. Martin III, a former NSA contractor, was the result of a tip-off from Kaspersky rather than through the US government's own monitoring systems.

The arrest relates to the theft of 50 terabytes of NSA and government data over a 20-year period, believed to be the largest ever breach of classified material in US history. The stolen data also included some of the NSA's most sophisticated hacking tools.

Two sources close to the case told Politico reporters under the condition of anonymity that the Moscow-based security company received strange Twitter messages back in 2016 from an account linked to Harold T. Martin III, a former NSA contractor.

The messages in question refer to two tweets made in August 2013. The first one requested a conversation with 'Yevgeny' who is believed to be Kaspersky Lab CEO Eugene Kaspersky, whose given name is Yevgeny Kaspersky. The reason for the conversation wasn't given but a second tweet swiftly followed saying "Shelf life, three weeks", suggesting that the offer was for a limited time only.

As a result, Kaspersky is said to have shared its intelligence with the NSA, which prompted Martin's arrest and a raid on his Maryland home in late December.

In the ruling against Martin, US District Court Judge Richard Bennett wrote: "The Defendant's Twitter messages ... were sent just hours before what was purported to be stolen government property was advertised and posted on multiple online content-sharing sites, including Twitter."

The stolen classified files were released by a group known as Shadow Brokers and others were later auctioned for the price of $1 million bitcoin.

"Although the Defendant's Twitter messages could have had any number of innocuous meanings in another setting," Bennett added, "these allegations regarding the context of Defendant's messages provide a substantial basis for the Magistrate's conclusion that there was a 'fair probability' that evidence of the crime of Theft of Government Property ... would be found in information associated with the Defendant's Twitter account."

Martin was charged with 20 felony charges, pleading guilty to one in court late last year.

The news is particularly shocking considering the US government has expressed concerns that Kaspersky software could be a point of vulnerability in US defences given suspected close ties to Moscow. US officials alleged that the FSB was using Kaspersky's software to illegally spy on the US government, and as a result, a ban was placed on the use of Kaspersky products in government systems.

Kaspersky has always maintained is innocence and independence from any government state.

"Kaspersky Lab is disappointed with the Court's decisions on its constitutional challenges to the U.S. Government prohibitions on the use of its products and services by federal agencies," the company said in a statement following the company's court appeal to overturn the ban.

"Since the company's inception over 21 years ago, it has always abided by the highest ethical business practices, and through our recently launched Global Transparency Initiative, Kaspersky Lab is exemplifying its ongoing commitment to assuring the integrity and trustworthiness of its products. Kaspersky Lab reaffirms that it has never, nor will ever, engage in cyber offensive activities, and the Court's decision does not conclude otherwise."

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download


Cyber attacks on manufacturing up 300% in a year

Cyber attacks on manufacturing up 300% in a year

11 May 2021

Most Popular

What should you really be asking about your remote access software?

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
Access brokers are making it easier for ransomware operators to attack businesses
cyber security

Access brokers are making it easier for ransomware operators to attack businesses

1 Dec 2021