Shawn Carpenter

Last updated
Shawn R. Carpenter
Occupation(s) Cyber security analyst and whistleblower

Shawn R. Carpenter is a cyber security analyst and whistleblower (previously employed by Sandia National Laboratories) who tracked down a Chinese cyberespionage ring that is code-named Titan Rain by the FBI. He came to national attention when his story was reported on in the September 5, 2005 issue of Time magazine.

Contents

Early life

Carpenter served in the United States Navy for six years. It was also reported that he was a retired Army major. https://content.time.com/time/press_releases/article/0,8599,1098911,00.html

Titan Rain

Initial discovery

Carpenter was an employee of Sandia National Laboratories, investigating security breaches in its networks. However, upon tracking several breaches of Sandia, Lockheed Martin Corporation, Redstone Arsenal, and even NASA, dating back to 2003, Carpenter noticed patterns that began to appear to link the attacks to a single group. He was impressed by the meticulous, voracious, and swift manner (sometimes completed in less than 30 minutes) in which the hackers operated. Such observations led him to alert the federal government of his findings.

The Titan Rain hacking operation was first reported in an August 25, 2005 Washington Post article by Bradley Graham, which didn't mention Carpenter. Graham listed anonymous government officials as his sources.

Carpenter terminated by Sandia after refusing to drop issue

After informing his supervisors of the breaches, he was told that his only concern should be Sandia computers and to drop the issue. His employment was later terminated when Carpenter disobeyed his management and communicated the information about the security breaches first to United States Army Cyber Counterintelligence Special Agents. They verified his report and later brought in the FBI. The FBI requested a Senior DAC Counterintelligence agent known in the counterintelligence community by the nickname "Doc" to handle Carpenter and lead the operation on behalf of the FBI. For almost half a year, Carpenter was a confidential informant for the FBI before Sandia discovered his actions. Carpenter reportedly felt betrayed by the termination, as he viewed his actions as a service to his country, similar to his previous military service.

According to Carpenter, during his termination hearing at Sandia, Bruce Held, Sandia's chief of counterintelligence, yelled,"[you're] lucky you have such understanding management... if you worked for me, I would decapitate you! There would at least be blood all over the office!" [1] During the subsequent court case, Held testified that he did use the word "decapitate" and, while he did not recall using the word "blood," would not contest it. He also apologized. [1]

Carpenter sues Sandia

Carpenter sued Sandia National Laboratories for wrongful termination and defamation; a jury awarded him almost $4.7 million in compensatory and punitive damages on February 13, 2007. The jury more than doubled the punitive damages requested by Carpenter's attorneys Thad Guyer, Stephani Ayers, and Philip Davis. The 13-person New Mexico state district court jury determined that Sandia's handling of Shawn Carpenter's termination was "malicious, willful, reckless, wanton, fraudulent or in bad faith." Juror Ed Dzienis said, "If they (Sandia) have an interest in protecting us, they certainly didn't show it with the way they handled Shawn." Alex Scott, the jury forewoman, said jurors were upset by the lack of documentation of the process and by the "reckless behavior on the part of Sandia to not have adequate policies in place for employees about hacking, and the cavalier attitude about national security and global security."

Carpenter's wife, Dr. Jennifer Jacobs, testified at the trial. Jacobs, a former Sandia scientist, nuclear engineer, West Point graduate, and Army Reserve Major, said Sandia management questioned her loyalty to the company after her husband was fired. Jacobs left Sandia and was later appointed as a White House Fellow, and was a director at the United States National Security Council. In an interview with the Albuquerque Journal, Jacobs stated, "The point for us all along was this is bad for the country to have contractors like Sandia Corporation behaving this way -- with impunity. And if other citizens don't do this, it's the beginning of the end for our country. That's what we kept coming back to: This is what we have to do, because it's what we expect of others."

As of March 2007, Carpenter is employed at NetWitness Corporation, a startup headed by Amit Yoran, former director of the National Cyber Security Division within the United States Department of Homeland Security.

Sandia appeals verdict, then drops appeal

In March 2007, Sandia National Laboratories retained three additional attorneys at the international corporate defense firm of Baker Botts. In post-trial motions, Sandia's attorneys unsuccessfully argued to throw out the jury verdict, to reduce the judgment to zero, and for a new trial. Carpenter's attorneys successfully argued a motion for post-judgment interest. During the appeals process, Sandia was ordered to pay an interest rate of 15% per year on the final judgment of $4,742,146.66 (plus attorney fees).

On October 14, 2007, The Albuquerque Journal published a story ("Analyst, Sandia Settle Suit") that stated that Sandia had dropped its appeal of the verdict. [2] According to the story, the judgment had been accumulating 15 percent interest since the verdict in his favor in February 2007. The piece also related that Carpenter continues to work in the national security area for clients in the intelligence community, federal agencies, and the military.

See also

Related Research Articles

<span class="mw-page-title-main">Sandia National Laboratories</span> National laboratory in Albuquerque, New Mexico.

Sandia National Laboratories (SNL), also known as Sandia, is one of three research and development laboratories of the United States Department of Energy's National Nuclear Security Administration (NNSA). Headquartered in Kirtland Air Force Base in Albuquerque, New Mexico, it has a second principal facility next to Lawrence Livermore National Laboratory in Livermore, California, and a test facility in Waimea, Kauai, Hawaii. Sandia is owned by the U.S. federal government but privately managed and operated by National Technology and Engineering Solutions of Sandia, a wholly owned subsidiary of Honeywell International.

<span class="mw-page-title-main">Robert Hanssen</span> American double agent spy (1944–2023)

Robert Philip Hanssen was an American Federal Bureau of Investigation (FBI) agent who spied for Soviet and Russian intelligence services against the United States from 1979 to 2001. His espionage was described by the Department of Justice as "possibly the worst intelligence disaster in U.S. history".

<span class="mw-page-title-main">InfraGard</span> FBI Initiative for Public-Private Sector Infrastructure protection

InfraGard is a national non-profit organization serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation. The organization is an information sharing and analysis effort serving the interests, and combining the knowledge base of, a wide range of private sector and government members. InfraGard is an association of individuals that facilitates information sharing and intelligence between businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to preventing hostile acts against the United States.

The Government of China is engaged in espionage overseas, directed through diverse methods via the Ministry of State Security (MSS), the Ministry of Public Security (MPS), the United Front Work Department (UFWD), People's Liberation Army (PLA) via its Intelligence Bureau of the Joint Staff Department, and numerous front organizations and state-owned enterprises. It employs a variety of tactics including cyber espionage to gain access to sensitive information remotely, signals intelligence, human intelligence as well as influence operations through united front activity targeting overseas Chinese communities and associations. The Chinese government is also engaged in industrial espionage aimed at gathering information and technology to bolster its economy, as well as transnational repression of dissidents abroad such as supporters of the Tibetan independence movement and Uyghurs as well as the Taiwan independence movement, the Hong Kong independence movement, Falun Gong, pro-democracy activists, and other critics of the Chinese Communist Party (CCP). The United States alleges that the degree of intelligence activity is unprecedented in its assertiveness and engagement in multiple host countries, particularly the United States, with economic damages estimated to run into the hundreds of billions according to the Center for Strategic and International Studies.

<span class="mw-page-title-main">Titan Rain</span> Series of coordinated attacks on American computer systems

Titan Rain was a series of coordinated attacks on computer systems in the United States since 2003; they were known to have been ongoing for at least three years. The attacks originated in Guangdong, China. The activity is believed to be associated with a state-sponsored advanced persistent threat. It was given the designation Titan Rain by the federal government of the United States.

The timeline of the Cox Report controversy is a chronology of information relating to the People's Republic of China's (PRC) nuclear espionage against the United States detailed in the Congressional Cox Report. The timeline also includes documented information relating to relevant investigations and reactions by the White House, the U.S. Congress, the Federal Bureau of Investigation (FBI), and United States Department of Justice.

<span class="mw-page-title-main">Director of the Federal Bureau of Investigation</span> Head of the Federal Bureau of Investigation

The director of the Federal Bureau of Investigation is the head of the Federal Bureau of Investigation, a United States federal law enforcement agency, and is responsible for its day-to-day operations. The FBI director is appointed for a single 10-year term by the president of the United States and confirmed by the Senate. The FBI is an agency within the Department of Justice (DOJ), and thus the director reports to the attorney general of the United States.

<span class="mw-page-title-main">Eric O'Neill</span> Security consultant, former FBI counter-espionage operative

Eric Michael O'Neill is an American former FBI counter-terrorism and counterintelligence operative. He worked as an Investigative Specialist with the Special Surveillance Group (SSG) and played a major role in the arrest, conviction, and imprisonment of FBI agent Robert Hanssen for spying on behalf of the Soviet Union and Russia. His book written about this experience, Gray Day: My Undercover Mission to Expose America's First Cyber Spy, was published in spring 2019. He is a public speaker and security expert who lectures internationally about espionage and national security, cybersecurity, fraud, corporate diligence and defense, hacking, and other topics.

This page is a timeline of published security lapses in the United States government. These lapses are frequently referenced in congressional and non-governmental oversight. This article does not attempt to capture security vulnerabilities.

<span class="mw-page-title-main">Department of Defense Cyber Crime Center</span> United States defense organization

The Department of Defense Cyber Crime Center (DC3) is designated as a Federal Cyber Center by National Security Presidential Directive 54/Homeland Security Presidential Directive 23, as a Department of Defense (DoD) Center Of Excellence for Digital and Multimedia (D/MM) forensics by DoD Directive 5505.13E, and serves as the operational focal point for the Defense Industrial Base (DIB) Cybersecurity program. DC3 operates as a Field Operating Agency (FOA) under the Inspector General of the Department of the Air Force.

Thad McIntosh Guyer is an American civil rights and whistleblower lawyer, lecturer and advisor with an international law practice based in Oregon. He is known for defending whistleblowers in retaliation cases at large institutions including the United Nations, World Bank, International Labour Organization and African Development Bank.

<span class="mw-page-title-main">Chinese espionage in the United States</span>

The United States has often accused the People's Republic of China of attempting to unlawfully acquire U.S. military technology and classified information as well as trade secrets of U.S. companies in order to support China's long-term military and commercial development. Chinese government agencies and affiliated personnel have been accused of using a number of methods to obtain U.S. technology, including espionage, exploitation of commercial entities, and a network of scientific, academic and business contacts. Prominent espionage cases include Larry Wu-tai Chin, Katrina Leung, Gwo-Bao Min, Chi Mak and Peter Lee. The Ministry of State Security (MSS) maintains a bureau dedicated to espionage against the United States, the United States Bureau.

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat (APT) groups, against other countries.

<span class="mw-page-title-main">FBI Counterintelligence Division</span> US FBI special division

The Counterintelligence Division (CD) is a division of the National Security Branch of the Federal Bureau of Investigation. The division protects the United States against foreign intelligence operations and espionage. It accomplishes its mission of hunting spies and preventing espionage through the use of investigation and interaction with local law enforcement and other members of the United States Intelligence Community. In the wake of the September 11, 2001 attacks, the division's funding and manpower have significantly increased.

<span class="mw-page-title-main">Sean M. Joyce</span> American law enforcement officer

Sean M. Joyce was the 14th Deputy Director of the Federal Bureau of Investigation.

<span class="mw-page-title-main">Josh Campbell (journalist)</span>

Josh Campbell is an American correspondent with CNN, former U.S. intelligence community official, and military veteran. He serves as an adjunct senior fellow and national security policy researcher with the Center for a New American Security.

Cyber spying on universities is the practice of obtaining secrets and information without the permission and knowledge of the university through its information technology system. Universities in the United Kingdom, including Oxford and Cambridge, have been targets, as have institutions in the United States and Australia.

Michael A. Sussmann is an American former federal prosecutor and a former partner at the law firm Perkins Coie, who focused on privacy and cybersecurity law. Sussmann represented the Democratic National Committee (DNC) and retained CrowdStrike to examine its servers after two Russian hacker groups penetrated DNC networks and stole information during the 2016 U.S. elections.

China is regularly accused by the United States and several other nations of state-organized economic espionage and theft of intellectual property, in violation of international trade agreements. The espionage and theft would not be limited to business, but also include academia and government. The Ministry of State Security (MSS), united front groups, and their affiliates have been reported as frequent perpetrators of such theft.

References