US Intelligence Hackers Available For Hire

Three former US intelligence operatives have admitted to breaking US laws by carrying out hacking operations for the United Arab Emirates.  

The three men worked for DarkMatter, a company that is effectively an arm of the UAE government where they undertook sophisticated hacking operations targeting victims in America and around the world. 

Their  work is allegedly to have included hacking into servers, computers and phones around the world, targeting  the accounts of human rights activists, journalists and rival governments. 

The US justice department said the former intelligence officers, US citizens Marc Baier and Ryan Adams, and former US citizen Daniel Gericke, initially worked for a US company that provided cyber services to a UAE government agency in compliance with the International Traffic in Arms Regulations (ITAR).

In 2016, the three men joined the UAE-based company as senior managers and began carrying out hacking operations for the benefit of the UAE government without obtaining the required licences from the US.

According to the Justice Department. Baier, Adams and Gericke have admitted to deploying a sophisticated cyberweapon called “Karma” that allowed the UAE to hack into Apple iPhones without requiring a target to click on malicious links, according to court papers. Karma allowed users to access tens of millions of devices and qualified as an intelligence gathering system under federal export control rules. But the operatives did not obtain the required U.S. government permission to sell the tool to the UAE, authorities said.

The three are also accused of stealing documents, personally identifiable information and passwords from computers in the United States and around the world.

The regulations require companies to obtain pre-approval from the US government prior to releasing information regarding a hacking operation and to agree not to target US citizens and permanent residents or US entities. Over the next three years, it alleged, they supervised the creation of two similar sophisticated "zero-click" computer hacking and intelligence gathering systems - "Karma" and "Karma 2" - that could compromise a device without any action by the target and allowed users to access tens of millions of devices made by a US technology company that was not identified.

The Justice Department said employees of the company had leveraged the systems to illegally obtain and use credentials for online accounts issued by US companies, and to obtain unauthorised access to computers and mobile phones around the world, including in the US. Bryan Vorndran, of the FBI's cyber division, added: "This is a clear message to anybody, including former US government employees, who had considered using cyberspace to leverage export-controlled information for the benefit of a foreign government or a foreign commercial company – there is risk, and there will be consequences."

The justice department said it filed the charges against the three men under a deferred prosecution agreement that requires them to pay financial penalties, sever ties with UAE intelligence or law enforcement agencies, and never again seek a US security clearance. The operatives have now agreed to pay $1.7m to drop the charges of computer fraud, access device fraud and violating export controls.

This appears to be part of a growing trend highlighted earlier this year by the CIA of foreign governments hiring former US intelligence operatives to strengthen their own spycraft, a practice officials have said risks exposing US secrets. The CIA warned earlier this year about "an uptick in the number of former officers who have disclosed sensitive information about CIA activities, personnel, and tradecraft." 

In 2020, Congress passed a law requiring US intelligence agencies to provide Congress with an annual assessment of risks posed by retired and former intelligence personnel who contract with foreign governments.

US Dept of Justice:      NPR:     Reuters:     Reuters:      Esquire:        BBC:       Sky:      WION

You Might Also Read: 

Outsourced Cyber Spying:

 

« Cyberspace & Outer Space Are New Frontiers For National Security
EU Proposes Legislation To Secure Connected Devices »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Bryan Cave LLP

Bryan Cave LLP

Bryan Cave LLP is a global business and litigation law firm. Practice areas include Data Privacy and Security.

Solarflare

Solarflare

Solarflare is a leading provider of intelligent networking I/O software and hardware platforms that accelerate, monitor and secure network data.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

Kenexis

Kenexis

Kenexis is a consulting engineering firm providing services for process hazards analysis, fire and gas mapping, and industrial cybersecurity.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

Cyber Risk Institute (CRI)

Cyber Risk Institute (CRI)

CRI is a not-for-profit coalition of financial institutions and trade associations working to protect the global economy by enhancing cybersecurity and resiliency through standardization.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Bittnet Training

Bittnet Training

Bittnet Training is the leader in the IT Training market in Romania. We develop the IT skills of IT professionals as well as those who wish to start a career in IT.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Nukke

Nukke

Nukke offers advanced cybersecurity software and tailored solutions for your business.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.