On May 18, the US Department of Justice (DoJ) charged an FBI employee with allegedly removing and improperly retaining documents of importance to national security. The indictment and its details were unsealed three days later.
The analyst in question, Kendra Kingsbury, 48, is accused of abusing her security clearance to remove a slew of different documents and store them in her home. The alleged incidents happened over 13 years of her employment, from 2004 to 2017. Twenty separate documents are mentioned in the indictment.
Kingsbury had Top Secret clearance, which allowed her to access the documents. This means she passed the FBI’s background checks and was trained on properly handling sensitive data.
Still, she removed documents that could compromise national security if made public. The files mentioned in the indictment are mostly internal correspondence, emails, presentations, and intelligence notes. Kingsbury extracted the files directly or simply did not forward them to their intended recipients.
FBI Employee Threatens National Security
Only some of the documents are mentioned in the indictment, so the full extent of the data breach is unknown. The data covers a massive range of subjects, from cybersecurity intelligence to information on emerging terrorist groups associated with Al Qaeda. It also addressed the FBI’s open investigations and its capabilities to address the counterintelligence efforts of other actors.
Alan E. Kohler Jr., Assistant Director of the Counterintelligence Division, stated that the breadth and the depth of the retained data are astonishing. Both he and DoJ’s Assistant Attorney General John C. Demers expressed intent to relentlessly pursue other insider threats.
Kingsbury had no reason to access many of the documents, meaning she also violated the FBI’s “need to know” principle. By storing the documentation in her personal residence, she exposed it to potential theft and put national security at risk, which the charges reflect as well.
The breach is one of the many cybersecurity challenges the FBI has faced in recent months. A few others include Colonial Pipeline and DC PD falling to ransomware. Both might have happened in part due to insiders working on behalf of ransomware groups.
While external malware threats still exist, internal actors remain among the most significant issues for government organizations and companies. Proper access controls, backups, and other security measures are paramount for everyone working with sensitive and irreplaceable data.