Advertisement

Vault 7 court case ends in mistrial on most serious charges

Joshua Schulte has been found guilty on counts of contempt of court and giving false statements to the FBI.
Joshua Schulte
The update comes more than two months after a jury found Schulte, 31, guilty of lying to the FBI and contempt of court. (CIA.gov)

A New York City jury was unable to reach a verdict Monday on a number of charges against a former CIA engineer accused of orchestrating the largest leak in agency history.

A federal jury in New York found Joshua Schulte guilty on charges of contempt of court and lying to the FBI after a monthlong trial and four days of deliberation. Jurors could not reach a decision on more serious charges of illegally transferring national defense information; unauthorized access to classified information; and theft of government property.

A hearing will be held on March 26 to determine the next steps in the case.

U.S. prosecutors argued that Schulte leaked a trove CIA hacking tools to WikiLeaks in 2016 to retaliate against co-workers and agency management for what he perceived as unfair treatment during his employment. Defense attorneys worked to convince jurors that the CIA had failed to secure its most sensitive networks, and that someone other than Schulte could have stolen documents that contained information on how the U.S. government hacked widely used consumer technology.

Advertisement

The government charged Schulte in 2018 with leaking vast details about secret CIA hacking programs to WikiLeaks, which spent six months publishing the so-called Vault 7 and Vault 8 files. Since his arrest Schulte also had been charged with conspiring to leak more classified material from behind bars, and at one point sued the government for $50 billion in lost wages.

This verdict, while significant, does not mark the end of Schulte’s saga. In addition to the March 26 hearing, he is also awaiting trial on separate charges of possessing of child pornography. Those proceedings have not yet been scheduled.

For all the inherent sensationalism that comes with a former CIA employee allegedly leaking U.S. hacking tools, this trial in the Southern District of New York mostly chronicled a long workplace dispute.

Witnesses described an often unprofessional environment in the CIA’s Engineering Development Group, where employees would spend weeks or months on tools meant to exploit software vulnerabilities in devices like smart TVs or mobile systems to spy on targets. Instead of cloak-and-dagger operations, though, the jury heard of Nerf gun fights, pranks and a competitive atmosphere that would escalate into physical altercations or racist diatribes.

As a developer, Schulte worked with a small team of CIA personnel on a project called Brutal Kangaroo, a suite of hacking tools meant to breach Windows computers via USB drives. One former co-worker who still works at the agency testified that other CIA agents referred to Schulte as “nuclear option” and “badass” because of his propensity to attack perceived office rivals when he was annoyed.

Advertisement

At one point, prosecutors said, Schulte became locked in an ongoing feud with another employee on his team, identified only as “Amol.” Schulte fabricated a story in which Amol had threatened to kill Schulte, according to one witness, while also urging CIA higher-ups to discipline Amol. When the agency determined the complaint was baseless, Schulte was moved to a different project.

Additionally, another tool Schulte was working on was taking so long to complete that his superiors brought in a contractor to finish the project. After expressing his displeasure with being removed from the project, prosecutors said, Schulte restored his access to a protected agency system and downloaded vast details about the agency’s offensive security capabilities.

However, roughly halfway through the trial, the defense team requested a mistrial on the grounds that prosecutors had failed to provide sufficient notice about an agency employee identified only as “Michael.” The CIA placed Michael on paid administrative leave in August “because of concerns he was not providing information about the defendant.” Prosecutors stated in a filing they did not suspect that Michael had any involvement in stealing CIA documents, though defense attorneys said they didn’t have proper notice to understand the full implications of Michael’s involvement in the matter.

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts