Jul 29, 2023
FBI communications may also have been compromised by an engineer working at a Tennessee Air Force base, a search warrant reveals.
The Pentagon is investigating what it has called a “critical compromise” of communications across 17 Air Force facilities by one of its engineers, according to a search warrant obtained by Forbes. The document also details evidence of a possible breach of FBI communications by the same employee, who worked at the Arnold Air Force Base in Tennessee.
The government had been tipped off by a base contractor that the 48-year-old engineer had taken government radio technologies home, effectively stealing them for his own use, according to the warrant, which alleged the amount of pilfered equipment was worth nearly $90,000.
When law enforcement raided his home, they found he had “unauthorized administrator access” to radio communications tech used by the Air Education and Training Command (AETC), “affecting 17 DoD installations,” according to the warrant. The AETC is one of nine “major commands,” defined by the Pentagon as “interrelated and complementary, providing offensive, defensive, and support elements” to Air Force HQ.
While the government didn’t detail the breadth or nature of the information taken, these new allegations come just three months after another major breach of Pentagon security. In that incident, it was alleged Air National Guard employee Jack Teixeira leaked sensitive information related to the war in Ukraine on social platform Discord. Teixeira pleaded not guilty in June, while the DoD made plans to improve its security measures to prevent similar breaches.
Because the engineer has not been charged, Forbes is withholding publication of his name. He did not respond to requests for comment. Neither the Department of Defense nor the Air Force had responded to requests for comment. The Justice Department declined to comment.
During the raid, investigators also discovered an open computer screen showing the suspect was running Motorola radio programming software, “which contained the entire Arnold Air Force Base (AAFB) communications system,” according to the warrant.
They also claimed to have found evidence the suspect had possible access to communications of the FBI and various Tennessee state agencies, though authorities did not provide more information on what data he had obtained.
The FBI hadn’t provided comment at the time of publication, though the search warrant revealed it was working with the Air Force on the investigation.
According to the warrant, “witnesses and co-workers” told investigators that the suspect “sold radios and radio equipment, worked odd hours, was arrogant, frequently lied, displayed inappropriate workplace behavior and sexual harassment, had financial problems, and possessed [Arnold Air Force Base land mobile radio] equipment.” A colleague had twice reported him because of “insider threat indicators” and unauthorized possession of Air Force equipment, investigators said.
According to his LinkedIn page, the suspect has a long history in cybersecurity as well as radio communications. He claims to have carried out numerous tests of the Arnold Air Force Base’s security, improved protection of radio communications on the site and had knowledge of the encryption used on government data.
A document detailing the forensics on technologies seized from his home revealed that he had a USB containing “administrative passwords and electronic system keys” for the AETC radio network. Also retrieved from flash drives were “local law enforcement radio programming files.” On another USB drive were “Motorola radio programming files,” which, when opened, presented a warning banner noting they were U.S. government property. Meanwhile, installer files recovered in the search came with a “CONFIDENTIAL RESTRICTED” pop-up when opened.