WASHINGTON – Three former US intelligence officers have been hired by the United Arab Emirates for hacking crimes and violations of US export laws, which prohibit the transfer of military technology to foreign governments. Court documents made public on Tuesday.
The documents detail a conspiracy by three men to aid Emirati intelligence operatives in breaches aimed at furnishing the Emirate with advanced technology and harming the small but mighty Persian Gulf nation’s alleged enemies.
Prosecutors said the men helped Emirates, a close US ally, gain unauthorized access to “obtain data from computers, electronic devices and servers around the world, including computers and servers in the United States”.
All three men worked for Darkmatter, a company that is effectively a branch of the Emirates government. They part of a trend Former US intelligence officials expect foreign governments to enhance their capabilities to scale up cyber operations while accepting lucrative jobs.
Legal experts have said the rules governing this new era of digital mercenaries are unclear, and the allegations made public on Tuesday are an early salute by the government in the fight to prevent former US spies from becoming gun-for-hire overseas. as can be.
Three men, Mark Baer, Ryan Adams and Daniel Gerrick, Admitted to violating US laws as part of a three-year deferred prosecution agreement. If the men abide by the agreement, the Justice Department would drop the criminal prosecution. Each person would also have to pay a fine of hundreds of thousands of dollars. Men will also never be able to get security clearance from the US government.
Mr Baird worked for the National Security Agency unit that conducts advanced offensive cyber operations. Mr. Adams and Mr. Gerrick served in the military and intelligence community.
Darkmatter originated in another company, a US firm called Cyberpoint, which had originally won a contract from Emirates to help defend the country from computer attacks.
Cyberpoint received approval from the US government to work for the emirate, a necessary move to regulate the export of military and intelligence services. Many of the company’s employees worked on highly classified projects for the NSA and other US intelligence agencies.
But according to former employees, Emirates had bigger ambitions and repeatedly pressured Cyberpoint employees to exceed the limits of the company’s US license.
Cyberpoint rejected requests from Emirati intelligence operatives to try to crack encryption codes and hack websites placed on US servers – operations that would have steered away from US law.
So in 2015 Emirates founded Darkmatter – a company not bound by US law – and lured several US employees of Cyberpoint to join, including three defendants.
According to a roster of employees obtained by The New York Times, Darkmatter hired several other former NSA and CIA officers, some of whom earned salaries of hundreds of thousands of dollars a year.
The investigation into Darkmatter’s US employees has been ongoing for years, and it was unclear whether prosecutors would make charges. Experts cited potential diplomatic concerns about jeopardizing the United States’ ties with the emirate – a country that has had close ties with several US administrations in the past – as well as concerns about whether the matter should be addressed. Pushing forward may expose embarrassing details about the extent of cooperation. Darkmatter and US intelligence agencies.
There is also a reality that US laws have been slow to adapt to technological changes, which have provided lucrative work for former spies once trained to conduct offensive cyber operations against US adversaries.
In particular, the rules governing what U.S. intelligence and military personnel can provide to foreign governments and what they cannot provide were drawn up for 20th-century warfare – for example, US military strategy. But training foreign forces or selling defense equipment such as guns or missiles.
They haven’t addressed the hacking skills honed in some of America’s most advanced intelligence units and have been sold to the highest bidder.
This year, the CIA sent a blunt letter Former officials warned him against going to work for foreign governments. The letter, written by the head of the spy agency’s counter-intelligence, said it was observing the “harmful tendency” of foreign governments, either directly or indirectly, to enlist former intelligence officers to build up their espionage capabilities. was hired.
“I can’t mince words — former CIA officers pursuing this type of employment engage in activity that could undermine the agency’s mission for the benefit of American competitors and foreign adversaries,” said CIA assistant director Sheetal T Patel has written for Counter Intelligence. .
Prosecutors said Emirates gradually moved its contracts from Cyberpoint to Darkmatter, but never the three men received the necessary approvals to provide defense services to Darkmatter. Court documents said the three men and others worked in “cyber intelligence operations” of Darkmatter, which gained access to “information and data from thousands of targets around the world.”
In interviews, former Darkmatter employees said that Emirati officials were particularly focused on hacking the computer systems of the country’s main rival Qatar, but that the operation was also carried out against Emirati dissidents and journalists. they even hacked email of a Qatari minister communicating with former First Lady Michelle Obama about a planned visit to Qatar.
According to prosecutors, Mr Baird and his group purchased computer equipment from US companies for use in hacking operations. In two instances, Darkmatter paid roughly $750,000 and $1.3 million—representing how much American companies profit from selling those dangerous equipment to foreign countries and businesses.
Prosecutors said the men “expanded the breadth and sophistication of operations” that Darkmatter was providing to the Emirates government. According to court documents, the efforts were aimed at “compromising personal, corporate and government targets on computers and accounts belonging to associates, employees or relatives of the primary targets”.
Prosecutors said Cyberpoint warned Americans that it could not support Darkmatter’s intended computer exploitation operations without obtaining appropriate US authorization.
Two former employees, Lori Stroud and Jonathan Cole, left the company after becoming upset about Darkmatter’s hacking and targeting of US citizens. He said that when the married couple raised the issue with their superiors, they were sidelined.
He left the company in 2017 and began cooperating extensively with the FBI’s investigation.
“It’s a big win,” Mr Cole said in an interview on Tuesday. “This will send a message to former US intelligence operatives working overseas. They should not share American tradecraft with foreign governments.”