John Rowe, an engineer with 40-plus years of cleared U.S. defense sector experience was arrested on December 16 for attempted espionage. An arrest which may not have ever occurred had it not been for the initiative of a facility security officer (FSO) and an information security officer (ISO). These individuals may have worked at separate companies, but their encounters with Rowe demonstrated he was an insider threat risk to their respective companies and their client – the United States Government.
FSO reports Rowe as an insider threat
In mid-April 2017, the FSO at “Company-3” assessed Rowe to be an insider threat and reported him as such to the Defense Counterintelligence and Security Agency (DCSA). The FSO made this determination based on a review of social media posts, specifically one in which he “had revealed information regarding U.S. military fighter jets … to a woman he thought might be a Russian spy. On August 15, 2017, Rowe’s contract with the company ended, as did the FSO’s ability to provide follow-up. A review of Rowe’s LinkedIn profile shows him to have been employed by BAE Systems as a software test engineer from December 2015 through August 2017, where he claimed to have developed test plans for the EPAWSS (Eagle Passive Active Warning Survivability System) upgrade on the F-15 avionics.
ISO reports Rowe for security violations and suitability
In late-October 2017, Rowe is hired by “Company-4” and on November 2, 2017, he signs the requisite documents to allow his security clearance to be transferred, and he begins work on a contract involved with the U.S. Air Force aerospace technology. Again, referring to Rowe’s LinkedIn profile, from November 2017 through March 2018 (five months) he worked for Cobham as a software test engineer, involved in upgrading classified test functions running within a visual engineering environment.
The criminal complaint goes on to detail how on February 20, 2018, he attempted to sneak into the classified work space with a USB drive and was stopped by a colleague. “When questioned by the employee, Rowe stated that he was attempting to install software from the thumb drive onto a computer in the classified space.” During a conversation eight days later with the company’s Information Security Officer (ISO), Rowe inquired, “about the possibility of simultaneously holding a U.S. security clearance and a Russian security clearance.” Rowe’s employment was terminated shortly thereafter, in March 2018 based on “multiple security violations.”
The FBI stings Rowe
No doubt DCSA and the FBI were aware of Rowe as a security risk, and that his U.S. government security clearance could be easily reactivated by an unsuspecting company within the next couple of years. It wasn’t until March 2020 that the FBI sting operation was launched, an operation which ensnared Rowe and provided demonstrable evidence that not only had he been an insider threat risk, he was every company’s nightmare. He had squirreled away classified documents which he willingly provided to an individual he believed to be associated with Russian intelligence (FBI undercover employees) as evidence by the FBI sting operation.
On March 9, 2020, in Lead, SD, a female undercover FBI employee (UCE-1) approaches Rowe posing as an agent of the Russian government. Rowe is told that her government was interest in his knowledge of sensitive information. Rowe shared how he was interested in “moving to Russia and providing information to the Russian government. ”
The content of the conversation between Rowe and the undercover FBI employee is remarkable, the following portion, most ironic. During the March Meeting, ROWE told he how he had been wanting to work for the Russians:
ROWE: I’ve been saying this to people. I said, “I’m gonna go work for the Russians.” I’ve been saying that for the last two years.
UCE-1: And we-we’ve-we heard you–
ROWE: Then you show up. [laughs]
UCE-1: –we heard you. That’s why I’m here.
He would go on to reveal to her classified information concerning the U.S. Air Force during this initial encounter. The relationship transitioned to an email relationship with a second undercover FBI employee (UCE-2) out of the Philadelphia division of the FBI. From March through November 2020, over 300 emails would be exchanged between the two. FBI’s UCE-1, who made initial contact, came back on the scene in September 2020, when she returned to Lead to meet face-to-face with Rowe. At that time she asked if he was willing to travel to Philadelphia to meet with her, his “Russian” email interlocutor and other Russian officials. He jumps at the chance.
What Rowe does next, leave no doubt he is a national security risk.
The criminal complaint details the Rowe’s eagerness to engage with the Russian Federation. He demonstrated that he knew the relationship needed to be kept secret. In October 2020, he formed his own company, JMR Automation Technologies, LLC, perhaps to serve as a conduit for the expected remuneration from his new client.
His imagination with respect to clandestine espionage tradecraft, however, ran wild. Rowe morphed into what can only be described as full-on Maxwell Smart mode, when he disguised his phone as a piece of footwear to avoid detection as part of his preparation to travel to Philadelphia.
Rowe provides the FBI with classified information
On November 11, 2020, Rowe provided to the undercover FBI employee classified materials, via an email. The material was identified as have come from “Company-2” and a “U.S. Agency.” A review of Rowe’s LinkedIn profile shows he operated as a test engineer for a period of five months and which required him to have received an active Single Scope Background Investigation (SSBI) which permitted him to be read into a Top Secret/SCI program associated with the CIA.
Clearly Rowe had been squirreling away classified documents which insider threat risk programs did not detect. That said, it was two individuals working within the National Industrial Security Program at their respective employers who saw something, and reported it, which initiated the neutralization of the threat posed by Rowe to the national security of the United States.
Rowe is arrested
A year would pass, and Rowe’s LinkedIn profile shows him engage with his own company JMR Automation, in Lead, S.D. The affidavit doesn’t share with us whether the trip to Philadelphia, in the midst of the first year of the COVID pandemic took place.
What we do know is that one year later, the FBI requests an arrest warrant, on December 14, 2021 given there was “probable cause to believe that ROWE attempted to communicate national defense information to the Russian government, with intent or reason to believe that it would advantage that foreign nation, when he emailed classified NDI to UCE-2 under the belief that UCE-2 was a Russian agent, in violation of Title 18, United States Code, Section 794(a).”
Sadly, Rowe, a software test engineer with 40-years of classified engagements, closes out his career as a wannabe Maxwell Smart for the Russian Federation. Rowe was arrested on December 16 and will appear make his first court appearance today at 1100 hours in Rapid City, South Dakota.