The sales pitch couldn’t have been more complex than, “Hey mister, wanna buy some classified information about U.S. Navy weapons systems in use on U.S. Navy ships?”  When Jay Clyde Wolff reached out to an unidentified foreign entity to try and sell information he had in his possession, he put into action a plan he no doubt had concocted prior to his discharge from the Navy in 1983. The FBI caught wind of Wolff’s intent to break trust with the United States via an unidentified “tip” and interceded. They did what the FBI does, they arranged a meet with one of their own posing as a foreign national intelligence officer.  Wolff wasn’t greedy, he asked for only $5,000-$6,000 for the weapons systems classified information. On this date, December 17, 1984, Wolff was arrested in Gallup, NM. Wolff, was 24 years old, at that time and found himself in way over his head. He pleaded guilty, and was sentenced, in June 1985, to five years in prison.

Wolff Was an insider threat realized

No doubt that the insider risk management systems in place in 1984 were not as robust as they are today in 2022. And if it wasn’t for an “unidentified tip” to the FBI, no one would have been the wiser. When he left the Navy in 1983, no one came chasing the classified documents he had in his possession and was ready to parley for quick cash.  While Wolff’s activity took place almost 40 years ago, this former U.S. Navy enlisted man’s behavior exhibited then is not different than what is being exhibited now by the insider who opts to break trust.  He took classified information prior to his discharge, hoarded it, and then attempted to monetize it after a suitable cooling off period.

More contemporary examples of Insider Threat

U.S. Air Force contractor Izaak Vincent Kemp took classified information from his work place (Air Force Research Laboratory (AFRL)  and the U.S. Air Force National Air and Space Intelligence Center (NASIC) ) from July 2016 through May 2019. He didn’t use any sophisticated techniques. He printed out the information he wanted to keep and took the papers home. No one missed the documents at Wright-Patterson Air Force Base. Instead, Kemp’s hoarding was discovered when the local Fairborn police conducted a search of his house having to deal with the allegation he was running a marijuana grow operation. The police discovered Kemp’s treasure trove of 2,500 classified documents. He got off a lot easier than Wolff. Kemp was sentenced to one year and a day for hoarding classified information. The difference between Kemp and Wolff was that Kemp had not yet attempted to monetize his hoard of classified information.

Then we can’t forget Edward Snowden, who hoarded millions of pieces of classified while employed as a contractor for NSA and the CIA. He took his stash of classified information and inflicted severe damage on U.S. intelligence sources and methods. Recently he obtained Russian citizenship. Perhaps a more extreme case, yet one which plays out far too frequently.

An equally prolific hoarder can be found in the case of Harold Martin who took suitcases and terabytes of classified data out of the NSA over the course of his 20-plus year career within the intelligence community.  Martin was sentenced to a nine-year prison term.

And many more.

Data hoarding is an insider threat nightmare

A reread of my 2017 article “Data Hoarding Among Employees Latest Insider Threat Nightmare” shows that five years later, the advice remains valid for the same reasons – information requires protection. Excerpt from 2017 piece: “Keep information as long as you need information and use the delete key with relish. Don’t allow your personnel to fall into the “I might need it someday” sinkhole. With the advent of online cloud storage solutions, the capacity to hoard has never been greater. Checks, balances, policies and procedures are your friend. The confirmed deletion of obsolete data reduces the amount of data which must be protected.  This is a plus for any within the NISPOM compliant world, where our insider threat program must detect hoarding so we do not have another instance of Martin, Pollard, or Snowden. We don’t need another counterintelligence nightmare.”

Can you detect hoarding with your insider risk management program?  Would your program today, catch Wolff’s hoarding of 1983? If the answer is no or even questionable, it’s a great time of year to make an update to the systems.

Related News

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher, served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe, and Latin America. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). He is the founder of securelytravel.com