Hours before a 2016 leak of some of the National Security Agency’s most closely guarded hacking tools, a former NSA contractor sent a cryptic Twitter message that prompted alarm on the part of federal investigators, a federal judge has revealed.
Messages that the former NSA computer security specialist, Hal Martin, sent via Twitter appear to have led to an FBI raid on his Maryland home and to his arrest on charges of retaining a vast trove of classified information there without permission, according to a newly released court ruling.
Passages in the decision from U.S. District Court Judge Richard Bennett were deleted from a version made public by the court, but the remaining details suggest that Martin used the popular social media service to reach out to the Shadow Brokers, the group that released the NSA hacking tools in August 2016 through the attention-grabbing technique of an online auction.
“In these messages, @HAL_999999999 asked for a meeting with the [redacted] and stated ‘shelf life, three weeks,’” Bennett wrote, describing the government’s assertions in court filings still under seal. “The Defendant’s Twitter messages … were sent just hours before what was purported to be stolen government property was advertised and posted on multiple online- content-sharing sites, including Twitter.”
The judge said the FBI maintained that Martin, who had worked for what was known as the NSA’s Tailored Access Operations unit, had access to the information advertised online that summer. Bennett said the combination of factors made him a logical suspect.
“Although the Defendant’s Twitter messages could have had any number of innocuous meanings in another setting,” Bennett added, “these allegations regarding the context of Defendant’s messages provide a substantial basis for the Magistrate’s conclusion that there was a ‘fair probability’ that evidence of the crime of Theft of Government Property … would be found in information associated with the Defendant’s Twitter account.”