Crypto Cash for Classified Cache: The Failed Espionage Attempt Of An NSA Employee – eCrimeBytes Nibble #15

Well, well, well, looks like Jareh Sebastian Dalke wanted to play James Bond and sell classified information to a foreign government. From June 6, 2022, to July 1, 2022, he was an Information Systems Security Designer at the NSA, but apparently, that wasn’t exciting enough for him.

With a thirst for adventure and a mountain of debt, Dalke decided to dip his toes into the high-stakes world of espionage. He stole classified documents like a boss, and then asked a “foreign nation” (wink, wink) to deposit some sweet cryptocurrency into his wallet for the goods. What could go wrong, right? Well, turns out it was actually his friendly neighborhood FBI office who deposited the funds.

According to the articles in the links listed at the end of this post, Dalke also tried to reach a Russian government website on the Tor network.

Jareh Sebastian Dalke, 30, was an employee of the National Security Agency (NSA) where he served as an Information Systems Security Designer from June 6, 2022, to July 1, 2022. According to the affidavit in support of the criminal complaint, between August and September 2022, Dalke used an encrypted email account to transmit excerpts of three classified documents he had obtained during his employment to an individual Dalke believed to be working for a foreign government. In actuality, that person was an undercover FBI agent. Dalke subsequently arranged to transfer additional classified information in his possession to the undercover FBI agent at a location in Denver, Colorado. The FBI arrested Dalke on Sept. 28, after Dalke arrived at the specified location.

Dalke told that individual that he had taken highly sensitive information relating to foreign targeting of U.S. systems and information on U.S. cyber operations, among other topics. Dalke represented to the undercover FBI agent that he was still employed by the U.S. government but said he was on a temporary assignment at a field location. Dalke requested compensation via a specific type of cryptocurrency in exchange for the information he possessed and stated that he was in financial need.

To prove he had access to sensitive information, Dalke transmitted excerpts of three classified documents to the undercover FBI agent. Each excerpt contained classification markings. One excerpt was classified at the Secret level, and two excerpts were classified at the Top Secret level. In return for this information, the FBI undercover agent provided the requested cryptocurrency to an address Dalke provided.

On or about Aug. 26, 2022, Dalke requested $85,000 in return for additional information in his possession. Dalke also told the FBI undercover agent that he would share additional information in the future, once he returned to the Washington, D.C., area. Although he was not employed by the NSA while communicating with the FBI, Dalke re-applied to the NSA in August 2022.

https://www.justice.gov/opa/pr/former-nsa-employee-arrested-espionage-related-charges

An interesting note in an SC Magazine article states that Dalke claimed he obtained at least some of the information through a misconfiguration:

Dalke said at least some of the information he obtained was due to a misconfiguration in NSA systems that allowed him to gain higher access privileges than he was warranted. Investigators appear to have caught Dalke in part because internal NSA records show he was the only one who printed out the stolen documents, with each one printed out over three separate days in the span of a week. Money was exchanged through cryptocurrency, and he opened an account in his own name the same day they made the deal.

https://www.scmagazine.com/analysis/insider-threat/former-nsa-employee-charged-for-trying-to-sell-national-cyber-secrets

Further Reading:
