US Intelligence Hackers Available For Hire

Three former US intelligence operatives have admitted to breaking US laws by carrying out hacking operations for the United Arab Emirates.  

The three men worked for DarkMatter, a company that is effectively an arm of the UAE government where they undertook sophisticated hacking operations targeting victims in America and around the world. 

Their  work is allegedly to have included hacking into servers, computers and phones around the world, targeting  the accounts of human rights activists, journalists and rival governments. 

The US justice department said the former intelligence officers, US citizens Marc Baier and Ryan Adams, and former US citizen Daniel Gericke, initially worked for a US company that provided cyber services to a UAE government agency in compliance with the International Traffic in Arms Regulations (ITAR).

In 2016, the three men joined the UAE-based company as senior managers and began carrying out hacking operations for the benefit of the UAE government without obtaining the required licences from the US.

According to the Justice Department. Baier, Adams and Gericke have admitted to deploying a sophisticated cyberweapon called “Karma” that allowed the UAE to hack into Apple iPhones without requiring a target to click on malicious links, according to court papers. Karma allowed users to access tens of millions of devices and qualified as an intelligence gathering system under federal export control rules. But the operatives did not obtain the required U.S. government permission to sell the tool to the UAE, authorities said.

The three are also accused of stealing documents, personally identifiable information and passwords from computers in the United States and around the world.

The regulations require companies to obtain pre-approval from the US government prior to releasing information regarding a hacking operation and to agree not to target US citizens and permanent residents or US entities. Over the next three years, it alleged, they supervised the creation of two similar sophisticated "zero-click" computer hacking and intelligence gathering systems - "Karma" and "Karma 2" - that could compromise a device without any action by the target and allowed users to access tens of millions of devices made by a US technology company that was not identified.

The Justice Department said employees of the company had leveraged the systems to illegally obtain and use credentials for online accounts issued by US companies, and to obtain unauthorised access to computers and mobile phones around the world, including in the US. Bryan Vorndran, of the FBI's cyber division, added: "This is a clear message to anybody, including former US government employees, who had considered using cyberspace to leverage export-controlled information for the benefit of a foreign government or a foreign commercial company – there is risk, and there will be consequences."

The justice department said it filed the charges against the three men under a deferred prosecution agreement that requires them to pay financial penalties, sever ties with UAE intelligence or law enforcement agencies, and never again seek a US security clearance. The operatives have now agreed to pay $1.7m to drop the charges of computer fraud, access device fraud and violating export controls.

This appears to be part of a growing trend highlighted earlier this year by the CIA of foreign governments hiring former US intelligence operatives to strengthen their own spycraft, a practice officials have said risks exposing US secrets. The CIA warned earlier this year about "an uptick in the number of former officers who have disclosed sensitive information about CIA activities, personnel, and tradecraft." 

In 2020, Congress passed a law requiring US intelligence agencies to provide Congress with an annual assessment of risks posed by retired and former intelligence personnel who contract with foreign governments.

US Dept of Justice:      NPR:     Reuters:     Reuters:      Esquire:        BBC:       Sky:      WION

You Might Also Read: 

Outsourced Cyber Spying:

 

« Cyberspace & Outer Space Are New Frontiers For National Security
EU Proposes Legislation To Secure Connected Devices »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

VMworld

VMworld

VMworld is a global conference for virtualization and cloud computing, including associated security issues.

CyberOne

CyberOne

CyberOne (formerly Comtact) offer a full stack cybersecurity service to ensure our customers understand the cyber maturity of their organisation.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

SecureMe2

SecureMe2

SecureMe2 ‘s mission is to make organizations more responsive to digital threats by deploying smart technology in a highly accessible way.

Dutch Accreditation Council (RvA)

Dutch Accreditation Council (RvA)

RvA is the national accreditation body for the Netherlands. The directory of members provides details of organisations offering certification services for ISO 27001.

MagicCube

MagicCube

MagicCube is a device independent IoT security platform that protects against on-device, cloud, and network attacks.

European Cyber Security Conference

European Cyber Security Conference

EU Cyber Security Conference will debate what Europe’s response to evolving threats in a dynamic global risk landscape should look like and what the next steps for all actors of the ecosystem.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

BlueCat Networks

BlueCat Networks

BlueCat is the Adaptive DNS company. Our mission is to help the world’s largest organizations thrive on network complexity, from the edge to the core.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

Circle Security

Circle Security

Circle’s breakthrough security API unifies solutions for identity and data security into one architecture and empowers organizations to secure their identity, data and privacy in their applications.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.