Skip to Content

Russian Software Firm Labeled U.S. Security Threat Helped Capture NSA Contractor In Classified Data Theft

Russian security software maker Kaspersky Lab played a key role in the 2016 arrest of a National Security Agency contractor who was stealing classified data, Politico reports.

Harold Thomas Martin III was arrested in August 2016 and indicted the following year after an FBI raid discovered copies of classified information at Martin’s Maryland home.

Facing 20 criminal charges, Martin could be responsible for the largest theft of classified government information in history.

Publicly available information previously indicated Martin was caught due to increased NSA oversight, but a new Politico report states Kaspersky Lab—a company the U.S. government deemed a security threat due to alleged connections to the Russian government—was actually the first to report Martin’s suspicious behavior.

According to Politico’s sources, Martin sent a number of cryptic Twitter messages to Kaspersky researchers under the account name “HAL999999999,” asking for a meeting with Kaspersky Lab CEO Eugene Kaspersky, also known as Yevgeny Kaspersky.

Martin’s ultimate goal is unclear, but upon determining the true identity of HAL999999999, researchers reportedly tipped off the NSA and suggested an investigation. The FBI then used the Twitter messages and evidence of the account’s user to obtain a search warrant for Martin’s home.

“We all thought [Martin] got caught by renewed or heightened scrutiny, and instead it looks as though he got caught because he was an idiot,” Stewart Baker, a former general counsel for the NSA and current partner at Steptoe and Johnson, told Politico.

“It’s irony piled on irony that people who worked at Kaspersky, who were already in the sights of the U.S. intelligence community, disclosed to them that they had this problem,” said Baker.

For years, Kasperky Lab had worked with the U.S. government helping to find hackers. In 2012, however, relations grew tense when Kaspersky discovered covert spy operations on customer computers. A few years later, Israeli hackers reportedly discovered Russian intelligence connections within the security software and notified U.S. government officials, prompting the U.S. to label Kaspersky Lab a security threat.

Kaspersky has since attempted to distance itself from Russia, moving some of its key operations to Zurich from Moscow in May 2018.

In terms of the company’s alleged role in Martin’s arrest, it seems the act has done little to regain U.S. government trust.

“I’m sure the people at Kaspersky are feeling as though they did the right thing and it did them no good,” Baker told Politico.