Kaspersky, the FBI, and the 50 Terabyte Secret File Leak

According to Politico, Kaspersky Lab played a key role in the arrest of 51-year-old hacker Harold Thomas Martin, who spent 20 years stealing documents from U.S. intelligence agencies, including the National Security Agency (NSA). In total, Martin’s computers contained over 500 million documents marked “secret” and “top secret,” including source codes for hacking tools. For unknown reasons, the NSA’s own security systems failed to detect what became the largest leak of classified data in U.S. history.

Martin was arrested by the FBI two and a half years ago, but Kaspersky Lab’s involvement in his capture has only recently come to light. He attracted the attention of the Russian company after, under a false name, he asked one of their IT specialists to arrange a meeting with Eugene Kaspersky. After his correspondence with Kaspersky ended, an ad appeared on the dark web offering NSA hacking tools for sale. This prompted Kaspersky Lab to contact U.S. intelligence agencies and begin a joint investigation.

Kaspersky Lab provided the NSA with all messages from the suspected criminal, as well as data pointing to his real identity. The court documents in Martin’s case do not specify how the FBI learned his identity and home address. At the time, the NSA had no idea who was leaking classified data or how it was ending up on the black market.

Martin’s actions partially echoed those of Edward Snowden, who is currently in Russia avoiding U.S. prosecution. Like Snowden, Martin had access to NSA classified information and worked with data from the Office of the Director of National Intelligence and the U.S. Department of Defense. However, unlike Snowden, Martin did not make the copied documents public.

Martin’s lawyers argue that the prosecution has no evidence he sold or sent secret documents to anyone. They claim his possession of the files was due to a compulsive disorder—Martin allegedly lives in constant fear of losing things he might need in the future.