Join me to hear the story of Jareh Sebastian Dalke, a spy who tried to share classified NSA secrets with Russia! This is eCrimeBytes Season 2 Episode 21 – Espionage With Jareh Sebastian Dalke – Act 1: The NSA Job.
Sources:
- https://www.justice.gov/opa/pr/former-nsa-employee-pleads-guilty-attempted-espionage
- https://www.courtlistener.com/docket/65409940/united-states-v-dalke/
- https://www.courtlistener.com/docket/65386661/united-states-v-dalke/
Transcript:
00:00:10:00 – 00:00:36:10
Keith
Hey, ya crazy bastards. Welcome to another week of eCrimeBytes. This is where I research the court documents and roast the criminals so you don’t have to. All right, so this week in season two, episode 21, this is espionage with Jareh Sebastian Dalke. Okay, so this criminal. His name is Jerry Sebastian Dalke. He’s around 30 years old when this happened.
00:00:36:10 – 00:00:54:24
Keith
And the crime that I’m gonna tell you about, it’s in the technical terms, it’s attempt to transmit national defense information to an officer or agent of a foreign government, a.k.a. espionage, spy stuff. So that was the reason why I picked this case, is we haven’t done a spy case in a while, and I just thought this one was interesting.
00:00:54:24 – 00:01:12:36
Keith
So I picked it up. And here you go. I hope you enjoy it. The victims in this case, I would say it’s all of the United States because he shares some secrets that I’ll tell you about in a minute. Technology in this case, we’re going to be talking about electronic documents, just standard PDFs, word documents, type of things like that.
00:01:12:36 – 00:01:33:35
Keith
Nothing, nothing real complex. And apparently printers. I tell you, I haven’t printed documents in a long time. So I was really surprised to see that the crime involved a lot of printing. Well, stick around and you’ll see what I mean. All right. So I’m going to get right into act number one for this episode. And it’s called the NSA Job.
00:01:33:39 – 00:02:06:42
Keith
Now, the NSA, for the quarter of you that are actually outside the U.S. and may not know who that is, it’s the National Security Agency. And it’s just an agency that deals with a lot of secrets in relation to other foreign countries. You know, like it’s basically the spies of the United States. So the NSA, when you work there, you would need different types of classifications.
00:02:06:42 – 00:02:26:31
Keith
So and again, if you’re from the U.S., I apologize. This is repeat for you. I’m trying to say this for people who might be out of the country that don’t understand this stuff because it will be important later on. So you get this classification and depending on what the classification is, that’s the level of information that you can view inside the government.
00:02:26:35 – 00:02:59:19
Keith
And there are a bunch of different levels. There’s three of them that I know about and I’m going to talk to you about for this episode. There’s secret clearance. There is top secret clearance, and there is sensitive compartmented information or SCI, and it’s basically increasing levels of trust with that employee once you give them that classification. So secret being the least level of trust and SCI being the most level of trust or the most secret of secrets.
00:02:59:24 – 00:03:24:55
Keith
So once you are cleared into one of these levels, you’re bound for life to keep this information secret. It’s not like you can leave the government and then go print in the paper everything that you learned about when you worked for the government. You’re constantly reminded of these obligations. Even if you leave the government, there’s forms, paperwork and interviews and stuff like that where they say, Hey, you know all that shit that we gave you that was secret, you can’t tell anybody.
00:03:24:56 – 00:03:53:39
Keith
So it’s not like somebody leaving would even forget about the fact that they have to keep this stuff secret because the government reminds you over and over and over. Now, most classified data exists on segregated networks, meaning like air gapped, not on the Internet type of networks. That’s to make it harder to smuggle out of work. Okay. So if you’re working at the NSA and you can’t get to the Internet, you can’t just send a file somewhere.
00:03:53:39 – 00:04:16:38
Keith
And now you’ve got to figure out a different way to get that file out of the NSA if you’re trying to be a spy. In this case, it looks like documents can be printed inside these government agencies. So that looks like the mode of transportation here. That’s as much information as I can figure out. And I’ll give you a little more details later on as they become more important.
00:04:16:43 – 00:04:43:01
Keith
So who is Dalke? He’s a U.S. citizen. He lives in Colorado Springs, Colorado. He has a Bachelor of Science in cybersecurity and Information Assurance in 2019. So what that means is he’s in my industry. He does cybersecurity and he understands things about cybersecurity, like how investigations will work, how people will try to track other people doing bad things on computers.
00:04:43:01 – 00:05:04:09
Keith
So as a spy, having that background, I think would be useful to him. He also has a master’s degree with a research focus in cyber policy and technical vulnerability analysis. So again, cybersecurity topics. So this guy has a cybersecurity background and he decides to be a spy against the United States.
00:05:04:09 – 00:05:06:37
Keith
On his it was like his resume or something like that,
00:05:06:37 – 00:05:27:59
Keith
he purported to be skilled in being able supervise investigations, supervise network intrusion investigations, computer forensics information systems enabled fraud. So kind of the stuff that we’re talking about that he does as a criminal, this is the stuff he knows to investigate, which makes it a little more twisted.
00:05:27:59 – 00:05:49:41
Keith
He also says that he has training related to digital forensics and incident response, dark Web investigations, open source intelligence, which means that that means like going out there on the Internet and other sources and try to put a picture together about something and advanced persistent threats, which is your type of hackers that don’t just do a drive by hacking.
00:05:49:41 – 00:06:17:17
Keith
They usually target a company and really try to burrow themselves into that company and keep that access to that company once they hack into them. So he is supposed to know about all this stuff in cybersecurity that I work on day to day. So keep that in mind as he’s being a spy because he’s under he should be able to understand a lot of these things that they will use to investigate and eventually catch him.
00:06:17:22 – 00:06:48:25
Keith
So a little more about Dalke, he is in the years of 2015 through 2018, a member of the U.S. Army. So that allowed him to hold a secret security clearance since 2016. So if you remember earlier, I talked about all these these levels and secret was the first one. And then there’s top secret and then there’s SCI. Well, just being the member of the group that he was part of, he has a secret clearance at this point in 2016.
00:06:48:29 – 00:07:18:23
Keith
He was also a volunteer of Colorado Rangers. And I was like, What the fuck are those people? So I had to go online and look it up and it basically it’s like the Texas Rangers, so think Walker, Texas Ranger, but just colder because it’s in Colorado, apparently. And then he also volunteers for various law enforcement groups. So he it’s I found it odd that he decided to become a spy when he had a very law enforcement focused background.
00:07:18:27 – 00:07:19:47
Keith
That’s why I’m telling you about this.
00:07:19:47 – 00:07:36:10
Keith
So he has his job at the NSA. I told you about the NSA earlier, the National Security Agency. And in let’s see, it was June six of 2022. He became a civilian employee there. And, you know, you don’t have to worry about the civilian part, it just means he’s not part of the military.
00:07:36:15 – 00:07:58:51
Keith
He served until July 1st, 2022. And if you do a little math there, I said June six through July 1st, that’s 25 days. He only worked 25 days at the NSA. I would think right there, that would be a red flag to the NSA, that there might be something up with this guy because a 25 day job is just amazing.
00:07:58:56 – 00:08:22:59
Keith
Anyways, so at the NSA, he was an information system security designer. So he used the background that I talked about earlier with his bachelor’s and his masters to design systems and processes and things like that for the computers and their networks behind the scene for NSA in Maryland. To do this job, he held a top secret clearance and an SCI clearance.
00:08:22:59 – 00:08:46:05
Keith
So now he has all three of those clearances that I talked about earlier, the secret top secret and SCI. So he has them all. He has access to a lot of information if he needs it. So shortly after starting at the NSA, he all of a sudden says, I need a nine months leave of absence. I have a family member with a medical condition.
00:08:46:10 – 00:09:04:28
Keith
And I tried to figure out if that was bullshit or if it was a real thing. I kind of think it might have been a real thing. I don’t know this for sure either way, but just kind of how it read in the paperwork, it sounded like it might be a real situation. So for whatever reason, he needs to leave for nine months, right?
00:09:04:33 – 00:09:27:10
Keith
He asks for leave. And the NSA probably said, Fucker, you just started here. Nine months? You haven’t even worked here a week yet. How am I going to give you nine months? They said, Nope, denied. And so and June 28th, he said, I’m resigning from the NSA, which again should probably be a red flag if he held all those clearances when he was only in there for a few weeks.
00:09:27:15 – 00:09:45:09
Keith
So later on in September 28th of 2022, he reapplied for and accepted a new position at NSA in Maryland. Okay, so keep that in mind. This is going to come up later. This is important to the whole spy story.
00:09:45:09 – 00:09:54:25
Keith
So now I’m going to take you for it’s July 29th of 2022. So it’s only a few weeks after he resigned.
00:09:54:30 – 00:10:18:34
Keith
There’s this FBI undercover agent and they send an email to an email address hosted overseas. Now, they didn’t say where it was hosted overseas. I’ve done enough of these cases. I think they were talking about Protonmail. They didn’t say Protonmail, but it sounded like Protonmail. So if you don’t know what I’m talking about, think Protonmail. That’s the type of thing we’re talking about here.
00:10:18:39 – 00:10:21:55
Keith
They were talking about encryption and things like that. That’s what made me think about Protonmail.
00:10:21:55 – 00:10:31:36
Keith
So the email says, it starts out, I heard that I should reach out to you to discuss items of mutual benefit, which is already sounding like a spy novel, right?
00:10:31:36 – 00:10:58:36
Keith
I mean, that’s a that’s a great spy line, right? First of all, it’s not clear why the FBI knew to send this email to this email address. I dug around for the paperwork. You know, only the public information is public. The FBI knew some way, shape or form to send this email to this email address and basically start the spy conversation that I started with this line.
00:10:58:41 – 00:11:19:38
Keith
I wish I knew why they knew the email. I imagine maybe there was a chat or something online and it was like, Hey, you can reach me through this email. And this is where the story kind of started for the FBI. But this is where the FBI steps in. This recipient email belonged to Dalke. Surprise, surprise. Right. He’s the subject of this episode.
00:11:19:42 – 00:11:50:33
Keith
So Dalke is now talking to an FBI undercover agent that Dalke thinks is a foreign nation. Specifically, he thinks it’s Russian operatives. Okay, he then August 1st of 2022, this is he’s not a NSA anymore. And he’s having this conversation with somebody who he thinks is a Russian operative. He says, let’s stick with the secure email. And then the undercover says, sure, what do you propose?
00:11:50:38 – 00:12:19:18
Keith
Well, Dalke has a proposition for him. Okay. Dalke claims to have gone into a government position because he was, quote unquote, he questioned our role in damage to the world in the past by a mixture of curiosity for secrets and a desire to cause change. So basically, if I read between the lines there, he was not happy with the United States’s stance on some things, and he thought they caused damage to the world.
00:12:19:18 – 00:12:50:37
Keith
And I think this is what allowed him to think in his mind that this was okay. He then tells the undercover who he thinks is a Russian operative. He says, I’ve exfiltrated some information that is very high level. And reading between the lines, we’re talking about classified high level information. Dalke then claims he was on temporary assignment. He didn’t have access currently, but he will be back at the NSA and he’s going to be at another government agency soon.
00:12:50:46 – 00:13:17:32
Keith
So remember earlier when I said he applied for and accepted another position at the NSA in September? Well, ding, ding. That’s what he’s talking about here to this supposed Russian operative where he’s saying, I’m going back to work for the government. So he’s saying I can probably get a shitload of data for you. He then says I have data relating to foreign targeting of U.S. systems and information and cyber operations, among other topics.
00:13:17:32 – 00:13:41:01
Keith
So you can imagine this is my realm now that we’re talking about. We’re talking about cybersecurity type of things, and it’s probably vulnerability assessments of different things that the United States has out there. That’s, you know, either that they’re using for investigations or maybe that they’re using for defense or maybe that they’re using for offense. He’s willing to share that with the Russians is what this is.
00:13:41:01 – 00:13:42:15
Keith
That’s what this boils down to.
00:13:42:15 – 00:14:07:06
Keith
He said., and I thought this is interesting for the tech folks out there, including myself. I was thinking, okay, well, did he just have access to all this shit as a basically a sysadmin or a network admin? It sounds like he didn’t. What he told the operative was he had this information due to a misconfiguration in a system that granted him access to information beyond what he should have.
00:14:07:11 – 00:14:31:23
Keith
Now, I thought about that phrase for a moment. Is that because someone accidentally misconfigured something or does that mean because Dalke was there being an admin that he misconfigured something maybe on purpose so he had access to this stuff? So he didn’t specify in the court document. But when I’m trying to think through what could be happening in the chronological timeline there, that those two scenarios popped up in my mind.
00:14:31:23 – 00:14:52:00
Keith
I wondered, you know, was it somebody’s mistake or was was this a purposeful thing that he caused as a misconfiguration? But either way, he has a ton of information he shouldn’t have, and he’s now willing to give it to the Russians, according to what he’s telling this FBI undercover over email. And he may ask yourself why, Dalke, why would you do this to
00:14:52:00 – 00:15:18:54
Keith
the United States? Well, number one reason he was in debt. That’s what the court paperwork said. He was in a lot of debt. He also says he had and this is a quote, There is an opportunity to help balance scales of the world while also tending to my own needs. So basically he’s saying I can kind of screw over the United States and maybe balance the scales while you give me money for that.
00:15:18:58 – 00:15:43:25
Keith
And then he specified some cryptocurrency for payment. They didn’t say what cryptocurrency. Tt could have been Bitcoin could have been Monero. I have no idea. But they did go on and Dalke asked the Undercover who he thinks is a Russian operative to prove themselves as a Russian by some sort of sign. The undercover was unable. They didn’t specify what Dalke asked for.
00:15:43:25 – 00:16:09:33
Keith
They didn’t specify why the undercover couldn’t do it, but he was unable. So you would think at this point Dalke would say, fuck this shit, this is definitely not the Russians. I’m out of here. Negative, negative. And if you remember, tangent for a second. If you remember back to our Season one, episode 12, we had Spies and Naval Nuclear Secrets in Annapolis, Maryland.
00:16:09:38 – 00:16:33:13
Keith
They did the exact same thing where they said, I want you to prove that you’re I believe it was Russian in that one, too. I want you to prove you’re this foreign country. And they had the embassy fly a fucking flag at this foreign embassy. The United States asked them and they cooperated and flew their flag to let the spies think that they were actually talking to this foreign country.
00:16:33:18 – 00:17:01:05
Keith
So if you’re hearing this and you’re thinking this is just, you know, how can somebody prove themselves? It happens. It happened in that episode and it was amazing because then the spies in that episode went, Holy shit, we’re talking to the Russians or Chinese or whoever. It wasn’t that that when I’m not sure if they specified, but they were convinced that they were talking with this foreign nation and they basically led right into the FBI’s trap at that point.
00:17:01:09 – 00:17:23:36
Keith
In this case, whatever Dalke asked for, the FBI couldn’t do it. They said, We can’t do that. Dalke didn’t stop. He was like, All right, let’s keep going. All right. So now we’re talking about on August 5th of 2022. This is a few days later. The undercover then asks Dalke, he says, I want proof of your classified access.
00:17:23:41 – 00:17:55:17
Keith
So then Dalke says, no problem. Here’s three documents. Here’s an excerpt. Out of three documents at the top secret, SCI level, document number one is a 22 page threat assessment of Russia’s military offensive capabilities. Dalke printed this on June 17th, 2022 at the NSA. The excerpt that he gave to the Russians or what he thinks he gave to the Russians was the cover page and the table of contents.
00:17:55:17 – 00:18:13:23
Keith
So it wasn’t actually the content, but he was trying to prove that he had the content. And I had to stop here for a moment because this is the moment where I read that he printed it and I thought, okay, first of all, he printed it at the NSA. I haven’t printed anything in 2023 or 2022 that I can remember.
00:18:13:28 – 00:18:31:35
Keith
So that just seems like a weird thing to be printing out classified documents at work. I don’t work in the classified world. Maybe this happens all the time. Just seemed weird to me. So not only did he print it, but somehow he got it out of the NSA, right? Because he’s. He’s got it at this point. Did he stuff it in his underwear?
00:18:31:47 – 00:18:58:13
Keith
Did he keister it? Who knows how he got it out of the NSA. They didn’t specify here. So I had a lot of questions that were unanswered in the court documents, unfortunately. Document number two was a 31 page document. Again, we’re only on document two. It’s three documents. Document two is a 31 page document about update to a certain crypto program Dalke printed this on June 22nd, ‘22 at the NSA.
00:18:58:18 – 00:19:23:23
Keith
The excerpt is four pages of this document. So again, he’s just giving you a sample. He’s saying, I’ve got this classified document. The last and third document was a 40 page document containing info related to the U.S. defense capabilities, a portion of which is related to Russia. He printed this as well on June 22nd of 22 at the NSA.
00:19:23:28 – 00:19:45:17
Keith
And this excerpt, it’s two pages of this document. So in whole he has three documents that basically talks about the offensive and defensive capabilities of the United States with respect to Russia, but also other nations. And he’s saying, I have the excerpts of these and I’m willing to give you all three of these documents for some kind of payment.
00:19:45:21 – 00:20:12:43
Keith
So the undercover FBI, who’s pretending to be Russia at this point paid Dalke $16,499 in crypto, so almost $16,500. But I guess there was probably like a a fee in there that almost took off almost a dollar. So that’s why the number wasn’t perfect. Anyways. Dalke. So they, they watch this money. Dalke took some of this money and moved it into his actual real bank account.
00:20:12:43 – 00:20:36:12
Keith
Like real money bank account, not cryptocurrency but real brick and mortar money bank account. They saw that happen on August 26 of 2022. So then you can imagine Dalke is now probably feeling a little better. He thinks he’s really talking to the Russians at this point. The FBI goes, thank Christ, we caught this guy before he talked to the Russians.
00:20:36:17 – 00:21:10:31
Keith
They’ve they’re only out $16,000 at this point. So they come back together on August 26, 2022, and Dalke says to the undercover who he thinks is a Russian, he says, Listen, I’ve got $237,000 in debt. So almost a quarter million dollars in debt. $93,000 of it., so almost 100,000 of that, is coming due very soon. He requested $85,000 in return for all the information he currently had on him.
00:21:10:36 – 00:21:34:05
Keith
And then he said, I will be happy to chip away at the amount that remains meaning of his debt with additional future information shared to you. So he plans on staying a mole inside the NSA and giving who he thinks are the Russians documents over time to eventually pay off his debt that he has of almost a quarter million dollars.
00:21:34:10 – 00:21:56:47
Keith
Crazy, right? And a little tangent here. I know from the whole classified investigation process that debt is one of the things that they look at very heavily because of situations exactly like this. So how Dalke got to be a quarter million dollars in debt had his hand on all that classified information, only worked at the NSA for less than a month;
00:21:56:52 – 00:22:03:03
Keith
it just you would think that somebody would be looking at him very, very hard, very quickly.
00:22:03:03 – 00:22:25:27
Keith
So Dalke and the undercover at this point, they agree on to an exchange of this information. The exchange was to happen at this digital dead drop. Now, again, if you remember back with the Annapolis Spies episode, if you heard that one, I kept stressing that law enforcement always wants you to get somewhere physically so they could either arrest you or prove it’s
00:22:25:30 – 00:22:48:07
Keith
you. Spies should want to do the exact opposite. I don’t want to physically go anywhere. I want to go somewhere on a computer network and I want to stay somewhere else far away safe over a VPN. That didn’t happen in this case. It didn’t happen in the Annapolis spy case and it’s probably the reason why they were caught. So they agreed that there’s going to be this digital dead drop.
00:22:48:07 – 00:23:14:22
Keith
And I use air quotes because it’s not really a digital dead drop if a person physically has to be there. Right. It’s only digital in the sense that once the person’s there, the file is handed over digitally. So how this happens is Dalke is supposed to show up at Union Station in Denver, Colorado, between 11:30 a.m. and 3:30 p.m. on September 28th of 2022.
00:23:14:27 – 00:23:45:27
Keith
This is the big date here. The undercover gave him information necessary to access a secure connection. Now I read that as meaning a Wi-Fi connection, it says, including a network name, which that’s why I thought it was a Wi-Fi connection. It’s 20 digit security key, which I imagine is a Wi-Fi security key, an FTP address, which I imagine has some server on that wi fi network that they set up a username and password.
00:23:45:27 – 00:24:17:44
Keith
Then to get into that FTP server, if you don’t know what FTP is, don’t worry about it. Okay? It’s a file transfer protocol. It’s just it’s a file server. Okay? It’s like any other file server, you might use. It’s just a different protocol. So what happens is they’re expecting Dalke to go there, hook up his computer to this wi fi with all these passwords that he’s supposed to know, and then transfer these files onto this file server that they set up for him on this network.
00:24:17:49 – 00:24:42:39
Keith
So Dalke agrees with this, and then he finishes with, If the Americans ever get this information, I am afraid it will make obvious who shared this information. But if you can get approval for this last accommodation, I am sure I can get you the documents quickly. And with that I got a pause for you on Act one, because we’re setting up, we’re setting up for the dead drop.
00:24:42:51 – 00:25:02:17
Keith
Okay? So if there’s anything you liked in this episode, please like, subscribe, thumbs up, follow whatever the positive affirmation is on your platform that you’re watching this on or listening to me on. If you can share this with your friends, that’d be awesome too. If anybody you think likes true crime podcast with some jokes thrown in, that’s that’s this.
00:25:02:17 – 00:25:17:11
Keith
So please do share it with them. And with that, I hope you come back tomorrow because it’s going to be our concluding act. Act number two, the dead drop, where I’m going to talk about what happens at this dead drop. But we’re going to talk about what happens when Dalke gets caught, too. And we’re going to finish this case out to the end.
00:25:17:15 – 00:25:20:16
Keith
So I hope to see you back tomorrow. Thanks. Bye.
Leave a Reply