This article is more than 1 year old

Alleged Vault 7 leaker trial finale: Want to know the CIA's password for its top-secret hacking tools? 123ABCdef

Tales of terrible security, poor compartmentalization, and more, emerge from the Schulte hearings


Michael was a co-worker of Schulte’s, and they were, reportedly, friends insofar as any of them were friends with one another.

While Schulte was allegedly stealing the documents – which the CIA says he did by creating a backup of the machine holding the tools, saving that backup to a portable storage device, and then reverting the system back to before the backup, deleting all the logs on the way – he was also chatting over IRC with Michael. It was April 20, 2016, around 5.30pm.

Joshua Schulte asked Michael if he was going to the gym. Michael said he was. Josh arranged to meet him there. But when he didn’t turn up, Michael asked Josh what was going on, and Josh explained that one of their co-workers had kept him talking over some matter for 30 minutes.

He’s a pain in the ASCII to everybody. Now please acquit my sysadmin client over these CIA Vault 7 leaking charges


It is possible Schulte was trying to keep Michael away from his screen while he stole the CIA’s most valuable hacking tools. And it seems that Michael was suspicious. Because in the reams of electronic documents the FBI went through during its investigation, it found a screenshot Michael had taken, on his computer, that showed him monitoring the exact server the tools were stolen from while they were apparently being stolen.

Michael never mentioned the screenshot. And when quizzed about it, he admitted he had taken it but refused to discuss it any further. And he wasn’t obliged to either: any interview of a CIA agent by the FBI is voluntary.

However, one day after Michael refused to explain why he had a screenshot of the server while its contents were being drained, the CIA put him on administrative leave, noting that it “views Michael's lack of cooperation as a significant and untenable risk to the security of the operations on which he now works and any new tools he deploys."

It also explained that Michael was being suspended for “his unexplained activities on the computer system from which the ... data was stolen, known as the DevLAN, and raises significant concern about his truthfulness, trustworthiness, and willingness to cooperate with both routine reinvestigation processes and the criminal investigation into the theft from his office.”

Michael testified against Schulte at his trial. But he never mentioned being put on leave, and the government only supplied the suspension to the defense after he started testifying, removing any real opportunity Shroff had to dig into what had happened [PDF] and why.

She still doesn’t know. Nor do the jurors. They now have to decide whether Joshua Schulte – King Josh, the Vault Asshole – is guilty of selling out the CIA, and put him away for most of the rest of his life, or whether he was just a difficult man in an extraordinary job who has been setup, knowingly or not, by a spy agency intensely embarrassed by the loss of some of its most valuable weapons. ®

More about

More about

More about


Send us news

Other stories you might like