A former employee of the National Security Agency (NSA) in the United States has been detained on suspicion of attempting to sell sensitive information to a foreign agent who was actually a Federal Bureau of Investigation undercover agent (FBI).
From June 6 to July 1, 2022, Jareh Sebastian Dalke, 30, worked for the NSA for less than a month as an information systems security designer as part of a temporary assignment in Washington, D.C.
Dalke also held a Secret security clearance, which he earned in 2016, and was a member of the U.S. Army from around 2015 to 2018, according to an affidavit submitted by the FBI. While employed by the NSA, the defendant also had a Top Secret security clearance.
The Justice Department (DoJ) stated in a press statement that Dalke “used an encrypted email account in August and September 2022 to transfer extracts of three secret documents he had collected during his employment to an individual Dalke thought to be working for a foreign government.”
Further National Defense Information (NDI) is said to have been transferred from Dalke to the undercover FBI agent at an unidentified location in the U.S. state of Colorado. On September 28, the law enforcement organization apprehended him after going to the predetermined spot.
On July 29, 2022, Dalke started talking to the person he thought was connected to the foreign government. He claimed in them to have stolen private information about foreign attacks on American systems as well as details about American cyber operations.
Some of the information provided relates to the NSA’s plans to update an unnamed encryption program as well as threat evaluations involving private U.S. defense capabilities and the offensive capabilities of foreign governments.
According to the DoJ, “Dalke requested $85,000 on or about August 26, 2022 in exchange for additional information in his possession,” adding that “Dalke agreed to transmit additional information using a secure connection set up by the FBI at a public location in Denver,” which ultimately resulted in his capture.
The DoJ is mum on the identity of the foreign power, but there are hints that it might be Russia given that Dalke said he tried to contact someone through “a submission to the SVR TOR site.”
It’s important to note that, according to The Record, SVR, Russia’s Foreign Intelligence Service, established a SecureDrop-like anonymous information sharing platform on the dark web in April 2021 to share information on “critical threats to the security of the Russian Federation.”
The fact that Dalke’s “background connects back to your country” and that he had “question[ed] our involvement in damage to the world in the past” were additional motivating factors, according to email correspondences with the agent.
The former NSA employee has been accused of three Espionage Act offenses, which, if found guilty, may result in the death penalty or a sentence of up to life in prison.
Dalke’s detention comes just days after Edward Snowden, a former U.S. intelligence contractor who is accused of espionage for disclosing multiple surveillance programs operated by UKUSA community members, was awarded Russian citizenship.
In a related development, scientists at the Citizen Lab at the University of Toronto exposed “fatal” security holes in the websites the U.S. Central Intelligence Agency (CIA) used as a front for covert communications with its informants, leading to the capture and execution of numerous assets in China and Iran.
The now-defunct means of communication made use of hundreds of what appeared to be trustworthy websites, such as the soccer news site Iraniangoals[.]com, where inputting a password into the search bar prompted a hidden chat interface to appear, according to Reuters.
By combining publicly accessible content from the Internet Archive’s Wayback Machine with iraniangoals[.]com, the Citizen Lab said it was possible to map the network of 885 sites that were active between 2004 and 2013, a process that could have been completed by a “motivated amateur sleuth.”