Federal agents descended on the suburban Maryland house with the flash and bang of a stun grenade, blocked off the street and spent hours questioning the homeowner about a theft of government documents that prosecutors would later describe as “breathtaking” in its scale.
The suspect, Harold Martin, was a contractor for the National Security Agency . His arrest followed news of a devastating disclosure of government hacking tools by a mysterious internet group calling itself the Shadow Brokers . It seemed to some that the United States might have found another Edward Snowden , who also had been a contractor for the agency.
“You’re a bad man. There’s no way around that,” one law enforcement official conducting the raid told Martin, court papers say. “You’re a bad man.”
Later this month, about three years after that raid, the case against Martin is scheduled to be resolved in Baltimore’s federal court. But the identity of the Shadow Brokers, and whoever was responsible for a leak with extraordinary national security implications, will remain a public mystery even as the case concludes.
Authorities have established that Martin walked off with thousands of pages of secret documents over a two-decade career in national security, most recently with the NSA, whose headquarters is about 15 miles from his home in Glen Burnie, Maryland. He pleaded guilty to a single count of willful retention of national defense information and faces a nine-year prison sentence under a plea deal.
Investigators found in his home and car detailed description of computer infrastructure and classified technical operations in a raid that took place two weeks after the Shadow Brokers surfaced online to advertise the sale of some of the NSA’s closely guarded hacking tools. Yet authorities have never publicly linked Martin or anyone else to the Shadow Brokers and the U.S. has not announced whether it suspects government insiders, Russian intelligence or someone else entirely.
The question is important because the U.S. believes North Korea and Russia relied on the stolen tools, which provide the means to exploit software vulnerabilities in critical infrastructure, in unleashing punishing global cyberattacks on businesses, hospitals and cities. The release, which occurred while the NSA was already under scrutiny because of Snowden’s 2013 disclosures, raised questions about the government’s ability to maintain secrets .
“It was extraordinarily damaging, probably more damaging than Snowden,” cybersecurity expert Bruce Schneier said of the Shadow Brokers leaks. “Those tools were a lot of money to design and create.”
Yet none of that is likely to be mentioned at Martin’s July 17 sentencing. The hearing instead will turn on dramatically different depictions of the enigmatic Martin, a Navy veteran, longtime government contractor — most recently at Booz Allen Hamilton — and doctoral candidate at the time of his arrest.
Prosecutors allege Martin jeopardized national security by bringing home reams of classified information even as, they say, he once castigated colleagues as “clowns” for lax security measures. Soon after his arrest, they cast aspersions on his character and motives, citing a binge-drinking habit, his arsenal of unregistered weapons and online communication in Russian and other languages.