Tuesday, 16 August, 2022 — CovertAction Magazine
A federal jury in New York last month convicted former CIA officer Joshua Schulte on nine felony counts under the Espionage Act for providing information to Wikileaks that became known as Vault 7.
Schulte has consistently denied that he was the source of the information.
Two years ago, he was convicted on two of the original 11 charges, while the jury hung on the remaining nine.
The most recent trial, in which Schulte represented himself, was on those nine counts, and he now faces as many as 80 years in prison. Schulte is yet to be tried on state child pornography charges.
Prosecutors had literally no evidence that Schulte had taken the data from the CIA and transferred it to Wikileaks.
But they contended that he was a computer genius who is so brilliant that he was able to cover his tracks.
They alleged that he leaked the information because he was a disgruntled former CIA employee who hated his boss, couldn’t get along with his coworkers, and sought revenge against the Agency.
That was enough for the jury.
Sketch of Schulte during his trial. [Source: nypost.com]
CIA Deputy Director for Digital Innovation Sean Roche called the Vault 7 leak “a digital Pearl Harbor.”
Sean Roche [Source: federalnewsnetwork.com]
Chief prosecutor Damian Williams said the revelations were “one of the most brazen and damaging acts of espionage in American history.” And Vice magazine said it was “the worst leak of CIA information ever.”
Damian Williams [Source: justice.gov]
The CIA leadership apparently thought the leak was so damaging that then-CIA Director Mike Pompeo ordered the Agency to come up with a plan to kidnap or to kill Julian Assange in London. One former Trump Administration national security official said that Pompeo and other senior CIA leaders, “were completely detached from reality because they were so embarrassed about Vault 7. They were seeing blood.”
Mike Pompeo [Source: countercurrents.org]
All of the major media outlets reported on the finalization of Schulte’s case. What they haven’t reported on, though, is exactly what Schulte was accused of leaking in the first place.
What did we learn from Vault 7?
Vault 7 was a series of 24 collections of documents totaling hundreds of thousands of pages that included the most sophisticated computer hacking, surveillance, and cyberwarfare tools that the CIA ever developed.
Wikileaks published the first tranche, called “Year Zero,” on March 7, 2017.
Just this first installment contained more information than all of that released by Edward Snowden and included vulnerabilities known to the CIA within web browsers, including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera and the operating systems of most of the world’s cellphones, including Apple’s iOS and Google’s Android.
The fact that the CIA knew about these vulnerabilities and didn’t inform the companies was a violation of a longstanding policy that the Agency claims to have that it would assist U.S. tech companies with their security if it learned of security weaknesses.
Instead, it exploited those problems in its digital operations. We have no idea if the Agency used these vulnerabilities to spy on Americans. Ashley Gorski, an American Civil Liberties Union staff attorney said at the time, “Our government should be working to help the companies patch vulnerabilities when they are discovered, not stockpile them.”
Ashley Gorski [Source: aclu.org]
A second Vault 7 revelation came on March 23, 2017 and included accounts of CIA efforts to hack Apple’s iPhones and Mac computers.
Additional tranches were released every week or two until September 2017.
Their revelations included proof that the CIA was able to hack into cars’ computer systems and could take over control of the vehicle.
Was the purpose of this to force the vehicle off the road? Off a cliff? Into a tree? The CIA never commented.
Still other documents showed how CIA officers could take over an unsuspecting person’s smart TV and turn its speaker into a microphone to surreptitiously bug a room, even while the television appears to be turned off.
Yet other documents showed that the CIA was running digital operations against the National Security Agency (NSA). It is unclear whether this was done as an exercise between the two agencies or if it was something more sinister.
Other revelations were that the CIA had created a program to track documents transferred by would-be whistleblowers to media outlets (the program is called “Scribblers”), malware that can take over and control computers using the Microsoft Windows 10 operating system (called “Athena”), and malware that can be transferred from one “clean” computer to another through internal systems that are otherwise protected by anti-virus software (called “Pandemic”).
Schulte’s revelations were not limited to software. He also revealed a program called “HammerDrill,” that injects a trojan horse onto CDs and DVDs and then documents information on the discs for later transmission to the CIA.
An operation called “Dark Matter” revealed security vulnerabilities unique to Apple operating systems. And Schulte revealed that the CIA had compromised vulnerabilities in a huge range of Cisco Systems router models. Apple and Cisco spent untold millions of dollars to redesign their products and correct the security flaws.
Despite the fact that this was supposedly the worst data breach in the history of the CIA, Schulte and his revelations did not get much press play.
There are several likely reasons for this. First, Schulte claimed innocence. He insisted that he was not a whistleblower and he has maintained throughout his ordeal that he did not provide Wikileaks with anything.
Second, the state of New York, simultaneously with the federal charges, charged Schulte with multiple counts of child pornography, which has given many of Schulte’s natural supporters pause.
Prosecutors maintained that they only discovered the pornography when they seized the computer hard drives in Schulte’s apartment while looking for Vault 7 information. Schulte’s defense to the child pornography charges will be that he considers himself to be a libertarian anarchist and that he set up a server to allow people unfettered “free speech,” something akin to the 4chan and 8chan servers.
He maintains that he has not “received” or “disseminated” any child pornography personally. However, when child pornographers saw that Schulte’s server supported “unfettered free speech,” they used it to trade illegal images and videos. Schulte is adamant that none of the pornography was his. His protestations likely won’t matter.
I’m of two minds on Joshua Schulte. On the one hand, the American people have a right to know what the government is doing in their name, especially if what the government is doing is illegal. On the other hand, Schulte is adamant that he is not the person who provided Wikileaks with the information. Does that mean we walk away from Schulte and celebrate an anonymous whistleblower?
Either way, one of the things that I feel strongly about is the treatment that Schulte has endured.
He has been held in barbaric conditions over the past two years, kept in a literal cage in solitary confinement at the Metropolitan Correctional Center (MCC) in Brooklyn, New York.
Picture of solitary confinement cell at New York’s Metropolitan Correctional Center in Brooklyn where Schulte was kept for two years. [Source: oig.justice.com]
Now that he has been convicted, he’ll likely be placed in a Special Administrative Unit or a Communications Management Unit in a maximum-security or Supermax penitentiary.
The government will seek to cut him off from the rest of the world for as long as possible. That alone should be worth our interest and disgust.