Ex-CIA Hacker Convicted for ‘One of the Most Damaging Acts of Espionage in American History’

Joshua Schulte, a former CIA hacker, was found guilty of stealing national defense information and then leaking it to WikiLeaks.

Schulte’s leak was dubbed Vault 7 by WikiLeaks, and a U.S. Department of Justice prosecutor Damian Williams called it on Wednesday “one of the most brazen and damaging acts of espionage in American history,” a leak that included “some of our most critical intelligence tools known to the public and, therefore, our adversaries.”

On Wednesday, a jury in Manhattan convicted him of all the nine counts he was facing, which together could carry a sentence of 80 years in prison, according to the New York Times.

The case stems from a leak in 2017, when WikiLeaks began publishing thousands of documents and some source code of CIA hacking tools. 

The leak included information on unknown software vulnerabilities—called zero-days in cybersecurity lingo—for iOS, Android, Microsoft Windows, and Samsung smart TVs. The inclusion of source code in the leak was highly controversial. WikiLeaks initially withheld it, and promised to alert the tech companies involved to help them fix the bugs, but was slow to reach out to them, but eventually published some of it. The leak also included curious information like the fact that the CIA had called a hacking tool Aeris, after the Final Fantasy VII character, and a CIA repository of emoticons.

In other words, the leak was a treasure trove of CIA information. 

A former colleague of Schulte told the New Yorker that the leak made her sick to her “stomach,” and that the “information getting out into a forum like that can hurt people and impact our mission. It’s a huge loss to the organization.” Sean Roche, the CIA’s Deputy Director for Digital Innovation when Schulte was working at the agency, called the leak the “equivalent of a digital Pearl Harbor,” arguing that the CIA had to shut down “the vast, vast majority” of operations while it was evaluating the damage caused by the leak. 

“It immediately undermined the relationships we had with other parts of the government as well as with vital foreign partners, who had often put themselves at risk to assist the agency. And it put our officers and our facilities, both domestically and overseas, at risk,” Roche said when he testified in court. 

Unlike Chelsea Manning, who in 2010 gave WikiLeaks thousands of secret documents pertaining to the Iraq and Afghanistan wars because she wanted the public to know of war crimes and change how people looked at those wars, Schulte was more motivated by hatred of the CIA and to spite his former colleagues, according to Schute’s former colleagues, who spoke to the New Yorker. 

Schulte, who had really bad OPSEC, has another federal case still pending for possession of child exploitation material, which the feds allege Schulte had on his laptop when they raided his apartment. 

Subscribe to our podcast, CYBER. Subscribe to our new Twitch channel.