If you’re going to have security clearance at the National Geospatial-Intelligence Agency, then you should know that anytime you step out of your designated dataset, someone is going to know. That’s why it is hard to believe that Brian Keith Montgomery, an intelligence analyst at the NGIA, unwittingly viewed information regarding a classified operation that he did not have authorization to view. Even though it was within his security clearance, there was a warning that “only officials participating in the operation were allowed to use the password” to view this particular data. Even though he was authorized to use that same password to view other data, he apparently did not see the warning informing him who could and could not view THIS operation’s information.
While motive may be that he was just being a curious geek, he will no doubt learn a harsh lesson about being nosey.
From wired.com, Kevin Poulsen writes:
An analyst at a Defense Department spy satellite agency faces federal hacking charges after allegedly poking around in a top-secret system used in a classified terrorism investigation involving the FBI and the U.S. Army.
Brian Keith Montgomery worked on a covert program for the National Geospatial-Intelligence Agency — the spy agency in charge of satellite and aerial image collection. On April 9, he was carrying out his duties when he saw a message that “provided significant detail about a classified operation” that was unrelated to his job, according to an affidavit filed by a Pentagon investigator.
The operation is not detailed in the affidavit (.pdf), but there is a reference to the 902nd Military Intelligence Battalion, an Army counterintelligence unit based at Fort Meade in Maryland, with a presence at more than 50 other locations inside and outside the United States. The 902nd faced controversy in 2005, when NBC News published documents showing the the unit had been spying on American anti-war protesters. Under the guise of fighting terrorism, the group had filed intelligence reports on legal demonstrations, including a weekly protest at an Atlanta recruiting station, and a protest at the University of California at Santa Cruz.
According to the government, Montgomery ignored a security warning in the message he saw, and twice logged in to a classified system used in the terrorism investigation: first on April 9, when he stayed on for two hours, and then on April 14. He’d gotten the password from another classified message to which he also had legitimate access.
Curiously, just by accessing the system, Montgomery endangered the terrorism investigation, and “caused harm to the U.S. Army and the FBI,” according to the affidavit by Dexter Wells, an agent with the Defense Criminal Investigative Service.
Montgomery’s alleged motives are unclear, but he told DCIS that he was very interested in the information in the program, Wells wrote. Montgomery also told investigators that he thought he was allowed to log in to the system, and hadn’t noticed a warning saying that only officials participating in the operation were allowed to use the password.
“It was not until I was called on the carpet, that I went back and read the warning notice in the message traffic,” Montgomery allegedly told DCIS.
The nature of the system at issue is not clear, but it was used from all around the United States as part of the terrorism investigation, and was being monitored by the FBI at the time of his alleged access. That’s evidently what led to the probe of Montgomery, who worked at a National Geospatial-Intelligence Agency facility at Fort Belvoir in northern Virginia.
There are no allegations that Montgomery did anything with the information he obtained.
He’s charged with a single count of gaining unauthorized access to a protected computer or exceeding authorized access, and obtaining classified information. Prosecutors in the Eastern District of Virginia, where Montgomery was charged Friday, did not return a phone call.