22 years of jail time sentenced for ex-NSA employee

A former National Security Agency (NSA) employee has been sent to jail for trying to send confidential National Defense Information (NDI) documents to Russia.

What happened 

Jareh Sebastian Dalke, a former U.S. National Security Agency (NSA) employee, has been sentenced to 262 months in prison for attempting to transfer classified documents to Russia. Despite only working for the agency for a short period (June 6 to July 21, 2022), Dalke made contact with someone he thought was a Russian agent but was actually an undercover FBI agent. 

Dalke sent snippets of top-secret National Defense Information (NDI) documents obtained during his tenure, demonstrating his willingness to share information, and demanded $85,000 in return. Dalke was arrested (September 2022) after transferring files to the undercover agent at Union Station in Denver. In October 2023, he pleaded guilty to the crime, admitting that he intended to injure the United States and benefit Russia by sharing the information. FBI Director Christopher Wray emphasized that this case serves as a warning to those entrusted with national defense information. 

In the know

The disclosure of confidential (and sensitive) information to a rival or enemy by someone from the opposition organization is an example of an insider threat. An insider threat refers to the risk posed to an organization's security, data, or assets by individuals within the organization, such as employees, contractors, or business partners. These individuals have authorized access to the organization's systems, facilities, or information, but may misuse or abuse their privileges for malicious purposes. Insider threats can manifest in various forms, including theft of sensitive data, sabotage, espionage, fraud, or unintentional disclosure of confidential information. 

Insiders with access to sensitive information can cause significant harm to organizations, resulting in financial losses, reputational damage, legal consequences, and disruption to operations. In this scenario, this could result in political disruptions and possibly a war.

See also: 3 insider threats you need to plan for

What was said?

Following the arrest of Dalke, Christopher Wray, director of the FBI, said that "this sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust."

Dalke pleaded guilty to the crime, and "as part of his plea agreement, Dalke admitted that he willfully transmitted files to the FBI online covert employee with the intent and reason to believe the information would be used to injure the United States and to benefit Russia," the U.S. Justice Department said. 

Why it matters 

Insider threats pose a significant threat to the security of an organization across various dimensions. One of the foremost risks is the potential for data breaches, wherein insiders with access to sensitive information may intentionally or inadvertently leak or steal data, leading to the exposure of confidential information, trade secrets, or personal data. 

Data breaches may result in sensitive information being exposed. The exposure of such sensitive information could potentially jeopardize ongoing operations, compromise intelligence sources and methods, and undermine the country's defense capabilities. Additionally, there is a broader impact on trust and confidence in the intelligence community, both domestically and internationally. The breach may erode trust among allies and partners who rely on the U.S. for intelligence sharing and cooperation. Domestically, there may be concerns about the effectiveness of security protocols and vetting processes within the NSA and other government agencies.

FAQs

What is the NSA?

The NSA, or National Security Agency, is a United States government intelligence agency responsible for collecting, processing, and analyzing foreign communications and intelligence information.

What is a data breach?

A data breach refers to an incident in which sensitive, confidential, or protected information is accessed, disclosed, or stolen by an unauthorized individual or entity. 

How can organizations prevent insider threats?

Preventing insider threats requires a multifaceted approach that combines technological solutions, policy frameworks, and organizational culture. Here are several strategies that organizations can implement to mitigate the risk of insider threats:

• Access control: Limit access to sensitive data and systems based on the principle of least privilege, ensuring that employees only have access to the information and resources necessary for their roles.
• User monitoring: Implement user activity monitoring tools to track and analyze employee behavior, detecting unusual or suspicious activities that may indicate insider threats.
• Security policies and procedures: Establish clear policies and procedures for handling sensitive information, accessing systems, and reporting security incidents. Enforce these policies consistently across the organization, and regularly review and update them to address emerging threats.
• Background checks and vetting: Conduct thorough background checks and vetting processes for employees, contractors, and third-party vendors to ensure trustworthiness and integrity. Periodically review access privileges and conduct security audits to identify and address potential risks.
• Encryption and data protection: Encrypt sensitive data both in transit and at rest to protect it from unauthorized access or disclosure. Implement robust data loss prevention (DLP) solutions to monitor and control the movement of sensitive information within the organization.