In 2016, federal agents arrested NSA contractor Harold Martin for stealing up to 50TB of classified information, and reports claimed that included offensive hacking technology designed to break into foreign computer networks. Sources for the data he took included the NSA, CIA and US Cyber Command over two decades between 1996 and 2016. On Friday, U.S. District Judge Richard Bennett sentenced Martin to nine years in prison for the offense -- per his plea agreement, even as each of the twenty charges against him could have carried up to a 10 year sentence -- and while that has ended the case, it didn't answer all the questions.
Around that same time, the "Shadow Brokers" started leaking classified NSA hacking tools online, tools that included exploits later used by malware like NotPetya and WannaCry. According to CyberScoop, the judge noted a suspicious Twitter message linked to an account Martin supposedly operated that went out hours before the leaks, and the government declined to comment further.
Prosecutors told the judge they never found proof he shared the documents from anyone, and speculation about how the group got its classified information is still unconfirmed. As for Martin, his sentence includes credit for three years already served, as well as three years of supervised release.