US govt IT help desk techie 'leaked top secrets' to foreign nation

A US government worker has been arrested and charged with spying for Ethiopia, according to court documents unsealed Thursday.

Abraham Lemma, 50, a Silver Springs, Maryland resident and a naturalized United States citizen who was born in Ethiopia, was detained on August 24 after allegedly sending classified US national defense information to an Ethiopian intelligence agent. He has worked in various American government agencies since 2019.

Crucially, Lemma was an IT help desk technician assigned to the Bureau of Intelligence and Research with the US Department of State (DOS) since at least 2021. In addition to that dept, where he worked at night, he was also a contract management analyst at the US Department of Justice during the day, according to prosecution documents [PDF].

Both of these positions gave him access to classified information, and he's held top-secret security clearance since at least 2020.

Oddly enough, Lemma's alleged espionage activities came to light during an investigation into the DOS's handling of national defense information following the arrest of Air National Guardsman Jack Teixeira, who has been accused of leaking classified Pentagon documents on Discord, earlier this year.

"During this review, information was uncovered indicating that a Department of State information technology contractor may have removed, retained, and transmitted classified national defense information without authorization," DOS spokesperson Matthew Miller said in a statement.

According to a criminal complaint against him, between December 19, 2022 and August 7, 2023, Lemma copied, printed, and downloaded classified and top-secret information from more than 100 US intelligence reports, the majority of these relating to Ethiopia, without authorization.

He then allegedly transmitted classified national defense information, "including documents, photographs, notes, maps," and other data relating to Ethiopia and neighboring countries over an unnamed encrypted messaging app. This included satellite imagery from the region that was marked "top secret," photos of a military compound, and other information detailing military activities in the region.

According to the court documents:

Lemma also received thousands of dollars that, according to the Feds, coincided with his travels to Ethiopia and dates when he allegedly swiped and shared the classified materials. For example: on July 15, Lemma is said to have tried to deposit $11,773.84 in cash at a Maryland bank, while "angrily discouraging an employee" from filing a currency transaction report, as mandated by the US Treasury.

"Lemma downloaded classified reports from DOS close in time to this July 15, 2023 deposit — specifically, Lemma copied at least 16 reports July 11-14, 2023," court documents claim.

• Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam
• Russian allegedly smuggled US weapons electronics to Moscow
• TransUnion reckons big dump of stolen customer data came from someone else
• Feds raise alarm over Snatch ransomware as extortion crew brags of Veterans Affairs hit

And after returning from a trip to Ethiopia on April 30, 2022, he allegedly deposited $4,300 on the day of his return.

"Review of Lemma's US Bank 1 account records further revealed that Lemma made several large deposits, totaling in excess of $55,000, into US Bank 1 between January 1, 2022 until July 17, 2023," according to the criminal complaint. 

Lemma has been charged with delivering national defense information to aid a foreign government, conspiracy to deliver national defense information to aid a foreign government, and the willful retention of national defense information.

The two espionage charges carry a potential penalty of death or life in prison, while the willful retention charge carries a maximum of 10 years behind bars. ®