Three former US intelligence agents admit to hacking for the UAE

·3 min read
Representative: The Justice Department accused the three former intelligence officials of committing computer fraud and violating export control laws by providing defense services without the required license (Getty Images)
Representative: The Justice Department accused the three former intelligence officials of committing computer fraud and violating export control laws by providing defense services without the required license (Getty Images)

Three former US intelligence agents admitted to committing hacking crimes against the country and providing sophisticated computer hacking tools to the United Arab Emirates, according to court documents made public on Tuesday.

The three hackers that include two US nationals and a former American citizen agreed to pay the penalty of $1.68 mn under a legal settlement with the federal government in a bid to avoid prosecution, said US Justice Department.

The operatives, Marc Baier, Ryan Adams and Daniel Gericke, all former employees of the US Intelligence community, worked as senior managers in a UAE-based company called DarkMatter, reported the New York Times. The Justice Department alleged that while working with the company, the three conducted hacking operations for the benefit of the UAE government.

The department accused the three men of committing computer fraud and violating export control laws by providing defense services without the required license.

It alleged that between 2016 and 2019, the three men provided access to “zero-click” computer hacking services which could compromise a “device without any action by the target”. These were then used to “obtain unauthorized access to computers, like mobile phones, around the world, including in the US,” said the Justice Department statement.

According to the media reports, the issue came to the fore after Lori Stroud, a former National Security Advisor and a former employee with DarkMatter raised the alarm with authorities about the Abu Dhabi-based organization hacking US citizens.

“This is progress,” she told AP, as she saw the case come to a resolution.

Lori Stroud is pictured in her home at an undisclosed location in the US, 27 September 2018 (REUTERS)
Lori Stroud is pictured in her home at an undisclosed location in the US, 27 September 2018 (REUTERS)

The UAE government has so far not issued a statement in the matter, reported AP, adding that the email sent to the officials at DarkMatter could not be delivered.

In 2018, DarkMatter’s founder and CEO, Faisal al-Bannai, had told AP that the organization does not take part in hacking. He, however, acknowledged the company’s close business dealings with the Emirati government, as well as its hiring of former CIA and NSA analysts.

The Justice Department said that on 7 September they entered into a three-year deferred prosecution agreement with the US government for their crimes. This essentially “restricts their future activities and employment and requires the payment of $1,685,000 in penalties to resolve a Department of Justice investigation” against them.

Under the terms, the three will have to immediately relinquish any foreign and domestic security clearances, face a lifetime ban on future US security clearances, and certain future employment restrictions, including a prohibition on employment that involves computer network exploitation operations.

If the accused comply with the agreement, the Justice Department will drop the criminal prosecution against them.

Mark J Lesko, acting assistant attorney general for the Justice Department’s National Security Division, called it “first-of-its kind resolution” in this kind of criminal activity. “Hackers-for-hire and those who otherwise support such activities in violation of US law should fully expect to be prosecuted for their criminal conduct,” he added.

Channing D Phillips, the acting US attorney of the District of Columbia explained that the unregulated proliferation of offensive cyber capabilities undermines privacy and security worldwide. He added that under the country’s International Traffic in Arms Regulation, even with proper licenses and oversight, a US citizen can only provide defense services in support of such capabilities. Their status as “a former US government employee certainly does not provide them with a free pass in that regard.”

“This is a clear message to anybody, including former US government employees, who had considered using cyberspace to leverage export-controlled information for the benefit of a foreign government or a foreign commercial company – there is risk, and there will be consequences,” said Bryan Vorndran, the assistant director of the FBI’s Cyber Division.

Additional reporting from the wires