Jake Williams, a former member of the NSA's elite Tailored Access Operations Unit, vented his feelings on Twitter a few hours after the indictments were handed down on Friday.
"Let me be clear that: I am NOT a Russia sympathiser. I am mad as hell that Russia interfered in our elections (FFS, I was personally outed by a Russian intelligence operation – of course I dislike them)," he wrote. "But charging military/gov hackers is dumb and WILL eventually hurt the US."
For all my fellow US citizens pointing out that Russia committed espionage and we should charge them, don't be naive - we hack too. And it largely keeps you safe. When the first US gov hacker is charged and/or arrested I can't wait to watch you change your opinions. — Jake Williams (@MalwareJake) July 13, 2018
He said he was basing this statement on the conclusion that the Shadow Brokers, a group that has leaked NSA exploits on the Web, are Russian. "If you disagree, fine. It doesn't change the fact that I'm mad at the Russians for interfering with the elections (evidence of that is undeniable)."
The indictment said there was no allegation that any American was a knowing participant in the alleged unlawful activity or knew they were communicating with Russian intelligence officers. "There is no allegation in the indictment that the charged conduct altered the vote count or changed the outcome of the 2016 election", it added.
Agree that any move is likely to cause complications. Naming and charging their hackers individually does invite a response in kind. And that's something I for one definitely don't want. — Jake Williams (@MalwareJake) July 13, 2018
As the Russians named in the indictment are never going to show up for trial in the US, the lengthy statement of claims will remain just that: claims.
Williams has good reason to fear exposure: last year, after he wrote an article about the Shadow Brokers, a group that has released exploits from the NSA, the Brokers issued a series of tweets, since deleted, that included details of operations in which Williams was involved.
One central underlying theme that I see in today's GRU indictment is that attackers will use the minimal level of effort required to accomplish their goals. Here, they used spear phishing, domain and email typo squatting, and even used CCleaner to cover their tracks. #APT pic.twitter.com/ZbDh4yCZRE — Jake Williams (@MalwareJake) July 13, 2018
Given that, for a while Williams restricted his travel abroad; he runs a business known as Rendition Infosec and is in demand as a trainer in various parts of the world.
"For all my fellow US citizens pointing out that Russia committed espionage and we should charge them, don't be naive – we hack too," he wrote on Friday.
To your last point, why is naming the Russians individually necessary? Things go to trial all the time with names like "unindicted co-conspirator #1" etc... — Jake Williams (@MalwareJake) July 13, 2018
"And it largely keeps you safe. When the first US gov hacker is charged and/or arrested I can't wait to watch you change your opinions."
There are numerous ex-NSA hackers who run their own infosec operations. One of the better known is Dave Aitel, who ran a company known as Immunity, which he sold recently.
But there are few who are as prominent as Williams.