Ex-NSA Worker Caught Selling Classified Papers Stolen Through System Misconfiguration
The FBI said Jareh Dalke reached out to multiple foreign government officials, including the Tor site of SVR, the Foreign Intelligence Service of Russia.
In what has proven to be a highly incriminating sting operation by the FBI, a former intelligence worker has been apprehended for attempting to leak top-secret information. The employee, Jareh Sebastian Dalke, worked at the National Security Agency (NSA) for less than a month in 2022.
Jareh Sebastian Dalke, a 30-year-old resident of Colorado Springs, was employed at the NSA as an Information Systems Security Designer from June 6, 2022, to July 1, 2022. During his short stint at the agency, Dalke managed to procure and print three classified documents using his top secret clearance.
“This is a case where a brand-new, externally vetted employee mishandled very sensitive information,” Jordan Schroeder, managing CISO at Barrier Networks, told Spiceworks. “By limiting the access of new employees to a very strict scope, this can provide a probationary period of risk mitigation while the employee normalizes to the organization’s standards and culture.”
“Furthermore, it is also important to conduct regular access reviews to ensure employees do not have a creeping scope of access to sensitive data, or that they have not been granted inappropriate levels of access.”
Dalke circumvented this by exploiting a misconfiguration and his high clearance level without raising alarms.
The documents, two of which were classified as “Top Secret” and the one as “Secret,” had information on foreign targeting of U.S. systems and information on U.S. cyber operations and other information. Dalke attempted to sell these in exchange for money to someone he thought was linked to a foreign government. In fact, the buyer turned out to be an FBI Online Covert Employee (OCE).
In the FBI’s criminal complaint filed in a Colorado district, Dalke was noted to be in a debt of $237,000, for which he initially shared excerpts from the three documents to prove what he had procured was indeed legitimate over an encrypted email service.
Dalke also believed that the U.S. “is not as great as it thinks it once was. It is all about the businesses and their money, not anything about the people or those that serve it to include the military.” Dalke himself served in the U.S. Army as an E-3 Private First Class.
The former NSA employee was paid 30.77 units of the cryptocurrency worth approximately $4,818.04 twice as a sign of good faith to build trust. Dalke’s total price for all three classified documents was $85,000, of which $11,422.53 (71.8 units) was transferred on September 5 to a crypto wallet he provided for the excerpts.
For the remaining transactions, Dalke suggested digitally meeting in Denver, CO, as he was apprehensive about traveling to Washington, D.C. He was arrested at this location on September 28, 2022.
See More: Kaspersky Uncloaks Cyber Espionage Campaign by China’s TA428 Since Jan 2022
It is unclear exactly which government Dalke tried to sell the information to. However, the FBI’s complaint mentions he reached out to multiple published channels for a response, including the Tor site of SVR, the Foreign Intelligence Service of Russia.
Dalke has a B.S. in Cybersecurity and Information Assurance from Western Governors University. He also has a Master’s Degree from Norwich University, specializing in cyber policy and technical vulnerability analysis. He is also pursuing his Doctorate at American Military University, focusing on cyber affairs and advanced persistent threats.
Julia O’Toole, CEO of MyCena Security Solutions, told Spiceworks, “This one person was intentionally set up and caught, but how many aren’t? The question of access distribution and control is harder in the digital world, especially when employees make their own digital keys, which are passwords.”
O’Tool suggested network access encryption and segmentation to control access to critical information.
Schroeder added, “Organizations can use purpose-built tools to analyze the permissions granted across all systems to discover obscure combinations of permissions that would result in inappropriate levels of access that are not obvious in a top-down review.”
“Finally, training, culture-building, and proactively meeting the needs of employees so that they do not feel the need to be inappropriately creative in meeting their own needs, either through intentionally harmful or even well-meaning violation of policy, is also critical.”
Dalke is being charged under the Espionage Act, which criminalizes sharing documents from National Defense Information with non-U.S. government officials who intend to cause harm to the U.S. If found guilty, he faces a life imprisonment sentence or death.
Let us know if you enjoyed reading this news on LinkedIn, Twitter, or Facebook. We would love to hear from you!
MORE ON CYBERCRIMES
