DoJ: Ex-soldier tried to pass secrets to China after seeking a 'subreddit about spy stuff'
FBI agent claims sergeant with top clearance offered access to DoD tech systems
A former US Army Sergeant with Top Secret US military clearance created a Word document entitled "Important Information to Share with Chinese Government," according to an FBI agent's sworn declaration.
Joseph Daniel Schmidt, aged 29, was arrested on Friday in San Francisco after disembarking a flight from Hong Kong, officials said. He was to appear in a US District Court for the Northern District of California on Friday afternoon and would be brought to the Western District of Washington for further court proceedings, the Department of Justice said in a statement.
The DoJ said the man's last duty post was in western Washington, at Joint Base Lewis-McChord – a major Army installation – and he was charged with two federal felonies: attempting to deliver national defense information, and retention of national defense information.
The DoJ said that during active duty, Schmidt was part of the Human Intelligence ("HUMINT") squad, first working as an intelligence collector and ultimately becoming a team leader of other HUMINT collectors. His work fell under the Indo-Pacific Command, the DoD's geographic combatant unit that covers the Pacific Ocean and Indian Ocean region, including China. It noted he had been trained in "counterintelligence collections"; "Human Intelligence Operation Management"; and "Human Intelligence Tradecraft"; and also attended the department's Defense Language Institute Chinese-Mandarin training.
The DoJ said Schmidt retired from active duty in January 2020, traveling to China, then back to the US, then to Istanbul in February 2020, before returning to the US again, and then going back to China in March 2020.
The FBI's declaration doc contains numerous allegations about a level of bumbling that hardly seems credible, including an accusation that Schmidt offered to share Top Secret info via a Gmail address linked to his name. It also claims he sent the first email it cites in the document speculatively, while visiting Turkey, seemingly deciding the publicly listed email address for the Chinese Consulate in Istanbul would do, where the document accuses him of offering to share "information I learned during my career."
Also while in Turkey, an FBI agent declaration states, Schmidt used Google to research which countries don't have extradition treaties with the United States before allegedly entering several other search queries that had The Reg staffers looking over our own to ascertain how humiliating they might be in a situation where they were somehow made publicly available.
Among the alleged searches detailed in the court filing were:
- "soldier defect"
- "chinese embassy"
- "Chinese Consulate-General in Istanbul (Turkey)"
- "chinese.consulate number doesn't go through"
- "countries that dont extradite"
- "can you be extradited for treason"
- "afghanistan visa"
- "what is china's intelligence agency"
- "subreddit spying" – after which Schmidt was said to have paid a visit to Reddit to peruse a nearly empty post titled "looking_for_a_subreddit_about_spy_stuff."
According to special agent Brandon Tower, after Schmidt left for China, he later sent an email to a Chinese state-owned enterprise. Tower alleged in his declaration that the former soldier appeared to have "used Google to conduct ... research ... which identified" the company "as being under the direct control of the PRC State Council."
The testimony accuses the ex-Army sergeant of sending the following email:
Hello, I am a retired United States Army Intelligence Agent. I have a Secret Internet Protocol Routing PKI token that I would like to reverse engineer to give to the Chinese government. This type of card is what US intelligence agencies use to gain access to [Secret Internet Protocol Router Network] SIPR, the intelligence network with TOP SECRET documents and information. It is a very rare card to find outside of the intelligence community, and if used properly, it can improve China's ability to access the SIPR network.
If I give you card, can you look into the security algorithms that it uses for me? By the way, I'm sorry my Chinese is so bad. I don't know how to translate most of this terminology, and I appreciate your patience. Where can I turn in the card at? Thank you!!
Best regards, Joey
- China uses Alibaba's Euro logistic hub to spy on stuff, Belgian intelligence fears
- South Korea accuses North of Phish and Ships attack
- US govt IT help desk techie 'leaked top secrets' to foreign nation
- Routers have been rooted by Chinese spies, US and Japan warn
According to the US Army, the PKI card is an encryption key for accessing the Army's classified Secret network and related databases, referred to as the Secret Internet Protocol Router Network ("SIPRnet").
According to the filings, Schmidt used four email addresses, one Yahoo!, one Outlook address, and two Gmail addresses, all attached to the name "Joey Schmidt," "Joe Schmidt," or "Joseph Schmidt," and with the second Gmail address as the recovery email for the first. Both Gmail addresses were tied to his iCloud account, claims the DoJ. Schmidt used the second Gmail account to book trips to China while he was on active duty, using personal leave to travel there, the DoJ adds.
The FBI claims that in July 2020, just two weeks before sending the email, he was told by Hong Kong immigration authorities that he had been "overstaying in Hong Kong."
Special agent Tower went on to claim that "since his arrival in Hong Kong in early March 2020," Schmidt had been trying to find work in China and a PRC work permit/visa so he could permanently relocate to China. However, due to a variety of factors, including China's policies in response to the COVID-19 pandemic, Schmidt was having trouble obtaining a PRC visa.
"Members of our military take a sworn oath to defend our country and the Constitution. In that context the alleged actions of this former military member are shocking – not only attempting to provide national defense information, but also information that would assist a foreign adversary to gain access to Department of Defense secure computer networks," said acting US attorney Tessa M Gorman for the Western District of Washington.