Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, worked as senior managers at a U.A.E. company between 2016 and 2019. Their work included providing computer network exploitation services - better known as hacking - for the U.A.E. government.
The services were sophisticated, including a “zero-click” intelligence gathering system that could compromise the security of a device without any input or action by its owner, the DOJ says.
Such zero-click systems can be used to illegally gain access to online accounts, computers, and mobile devices around the world. Apple Inc., currently rated the world’s top technology company, on Monday launched a major security patch to protect an estimated 1.65 billion Apple products from that type of system.
“Left unregulated, the proliferation of offensive cyber capabilities undermines privacy and security worldwide,” says Channing D. Phillips, Acting U.S. Attorney of the District of Columbia.
After leaving U.S. government employment, the defendants worked for a U.S. company in 2015 that provided above-board cyber services to a U.A.E. government agency.
In January 2016, they joined the U.A.E. agency. After the move, they continued to seek access to secure information held by their former employer via hacking, including information held by former colleagues.
The report by the DOJ explains that the defendants were repeatedly informed that their work constituted “defense services” under the International Traffic in Arms Regulations (ITAR) and that they therefore needed to obtain a Technical Assistance Agreement (TAA) in order to lawfully work for their new employer.
In violation of the terms of the agreement and of ITAR, they hacked their former employer’s databases in order to steal private information for a foreign government.
“These individuals chose to ignore warnings and to leverage their years of experience to support and enhance a foreign government’s offensive cyber operations,” said Assistant Director in Charge Steven M. D’Antuono of the FBI’s Washington Field Office.
Court documents say financial gain motivated the defendants in their actions, noting that the U.A.E. agency offered “significant increases in their salaries.”
The U.S. and U.A.E. entities in question are left unnamed by both the DOJ and the court documents.
Mark J. Lesko, Acting Assistant Attorney General of the DOJ’s National Security Division, views the defendants as an example for others, saying that “hackers-for-hire…should fully expect to be prosecuted for their criminal conduct.”
Sheetal Patel, the CIA’s assistant director for counterintelligence, circulated a letter to former agency officials earlier this year regarding “an uptick in the number of former officers who have disclosed sensitive information about CIA activities, personnel, and tradecraft,” according to the Associated Press.
The letter described a growing practice of foreign governments hiring former intelligence officers and CIA contacts “to build up their spying capabilities.”
“We ask that you protect yourself and the CIA by safeguarding the classified tradecraft that underpins your enterprise,” Patel wrote.
As part of their deal, the defendants have agreed to fully cooperate with authorities and have relinquished any foreign or U.S.-based security clearances. They are also blacklisted from obtaining any future U.S. clearances and face restrictions on future employment opportunities that fall under ITAR, are connected to the U.A.E., or pertain to hacking.
Baier, Adams, and Gericke have also agreed to pay restitution of $750,000, $600,000, and $335,000 respectively. In exchange for full cooperation, the DOJ will grant them amnesty.
Lesko says that this agreement is the first of its kind in resolving such a case.