Suspect named in leak of CIA hacking tools
Vault 7 code exposed secret cyberweapons
WASHINGTON — The U.S. government has identified a suspect in the leak last year of a large portion of the CIA’s computer hacking arsenal, the cyber-tools the agency had used to conduct espionage operations overseas, according to interviews and public documents.
But despite months of investigation, prosecutors have been unable to bring charges against the man, who is a former CIA employee being held in a Manhattan jail on unrelated charges.
Joshua Adam Schulte, who worked for a CIA group that designs computer code to spy on foreign adversaries, is believed to have provided the agency’s topsecret information to WikiLeaks, federal prosecutors acknowledged in a hearing in January. The anti-secrecy group published the code under the label “Vault 7” in March 2017.
It was one of the most significant leaks in the CIA’s history, exposing secret cyberweapons and spying techniques that might be used against the United States, according to current and former intelligence officials.
Some argued that the Vault 7 disclosures could cause more damage to American intelligence efforts than those by former National Security Agency contractor Edward Snowden.
He revealed extraordinary details about the capabilities of the United States to spy on computers and phones around the world, but the Vault 7 leaks showed how such spying is actually done, the current and former officials argued.
Schulte’s connection to the leak investigation has not been previously reported.
Federal authorities searched Schulte’s apartment in New York last year and obtained personal computer equipment, notebooks and handwritten notes, according to a copy of the search warrant reviewed by the Washington Post.
But that failed to provide the evidence that prosecutors needed to indict Schulte with illegally giving the information to WikiLeaks.
A government prosecutor disagreed with what he called the “characterization” by Schulte’s attorney that “those search warrants haven’t yielded anything that is consistent with [Schulte’s] involvement in that disclosure.”
But the prosecutor, Matthew Laroche, an assistant U.S. attorney in the Southern District of New York, said that the government has not brought an indictment, that the investigation “is ongoing” and that Schulte “remains a target of that investigation,” according to a court transcript of the Jan. 8 hearing that escaped public notice at the time.
Part of that investigation, Laroche said, was analyzing whether a technology known as Tor, “was used in transmitting classified information.”
In other hearings in Schulte’s case, prosecutors have alleged that he used Tor at his New York apartment, but they have provided no evidence that he did so to disclose classified information. Schulte’s attorneys have said that Tor is used for all kinds of communications and have maintained that he played no role in the Vault 7 leaks.
Schulte is in a Manhattan jail on charges of possessing, receiving and transporting child pornography, according to an indictment filed in September. He has pleaded not guilty. Schulte, who has launched a web page to raise money for his defense and post articles critical of the criminal-justice system, claims that he initially provided assistance to the FBI’s investigation.
Following the search of his apartment in March 2017, prosecutors waited six months to bring the child pornography charges.