DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems

DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems
Photo: Drew Angerer, Getty Images

Former U.S. intelligence operatives are facing federal charges after allegedly having worked as cyber-mercenaries for the United Arab Emirates. The men, all of whom are ex-employees of the National Security Agency, are accused of helping the UAE government to break into computer systems all over the world, including some in the U.S., newly unsealed court documents claim.

Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, are all charged with having broken federal laws related to computer fraud and export regulations, the Department of Justice announced Tuesday.

Between 2016 and 2019, the trio worked as senior managers at Dark Matter, an Emirati cybersecurity company employed by the government. Working out of a converted mansion in Abu Dhabi, the team was part of an operation dubbed “Project Raven,” the likes of which was staffed almost wholly by former U.S. intelligence officials. Their services helped the Middle Eastern monarchy to carry out hacking operations against its perceived enemies, including activists, political rivals and journalists, Reuters previously reported.

Part of the services provided by the Americans was the development of two “zero-click” exploit attacks — sophisticated cyber-intrusion techniques that can compromise security flaws implicit in popular mobile operating systems. Such attacks, which can be carried out without even needing to phish a target, are similar to the ones used by the notorious Israeli spyware firm NSO Group. The exploits allowed Dark Matter employees to hack into devices and “illegally obtain and use access credentials for online accounts issued by U.S. companies, and to obtain unauthorised access to computers, like mobile phones, around the world, including in the United States,” the DOJ claims.

“Raven,” which went on for years, was eventually brought to light, partially via a cadre of whistleblowers.

To settle the charges against them, the men have agreed to pay large fines, which cumulatively amount to $US1.685 million. The fines are part of a deferred prosecution agreement, effectively allowing the men to avoid any jail time.

However, court documents make it clear that what Baier, Adams, and Gericke did was plainly illegal, noting that the defendants “used illicit, fraudulent, and criminal means, including the use of advanced covert hacking systems that utilised computer exploits obtained from the United States and elsewhere, to gain unauthorised access to protected computers in the United States and elsewhere and to illicitly obtain information, material, documents, records, data and personal identifying information.”

“This agreement is the first-of-its-kind resolution of an investigation into two distinct types of criminal activity: providing unlicensed export-controlled defence services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States,” said Acting Assistant Attorney General Mark J. Lesko for the Justice Department’s National Security Division. “Hackers-for-hire and those who otherwise support such activities in violation of U.S. law should fully expect to be prosecuted for their criminal conduct.”