A former acting Inspector General at the US Department of Homeland Security was today indicted for allegedly stealing internal software and data and attempting to sell it all back to his then-employer.
A 16-count grand jury indictment charges that Charles Edwards, 59, and an accomplice, oversaw a scheme to copy Homeland Security's Office of the Inspector General's (OIG) internal software, tweak it with various upgrades, then sell it to other US government agencies through a private company.
He faces counts of conspiracy to commit theft of government property and to defraud the United States, theft of government property, wire fraud, and aggravated identity theft.
It is alleged Edwards, who held the Inspector General post from 2011 to 2013, conspired with another employee after he left to download the OIG's internal software, along with internal records containing the personal information of government employees.
The US Attorney's office in the District of Columbia believes that, between 2014 and 2017, Edwards would get copies of the software and records from the database from OIG employee Murali Yamazula Venkata.
Alleged Vault 7 leaker trial finale: Want to know the CIA's password for its top-secret hacking tools? 123ABCdefREAD MORE
The software and database records were then handed over to outsourced India-based developers working for Edwards' company, Data Business Solutions, who used them as to create another software platform that they then sold to the Inspector General's office at the US Department of Agriculture, it is alleged.
In short, Edwards and Venkata wanted to steal one US government agency's software, tweak it slightly, then sell it back to another US agency, it is claimed.
"In addition to stealing DHS-OIG’s software and the sensitive government databases, Venkata and others also assisted Edwards by reconfiguring his laptop so that he could properly upload the stolen software and databases, provided troubleshooting support whenever Edwards required it, and helped him build a testing server at his residence with the stolen software and databases, which contained PII," prosecutors said.
That the developers were based overseas is significant, as it means Edwards was also sending proprietary software and the personally identifiable information of US government employees to foreign nationals, it is claimed.
If convicted, Edwards and Venkata face a maximum of five years for the conspiracy to commit theft charge, 10 years for theft of government property, 20 years for wire fraud, and a minimum of two years for the aggravated identity theft count. Venkata also faces another 20 years for destruction of records. They would also face fines of up to $250,000 for each count. ®
Sponsored: Webcast: Ransomware has gone nuclear