How a sex worker became a defense contractor employee -- and an insider threat

An accomplished research scientist manipulated a defense contractor CEO into hiring a prostitute for a technical role. Here's how this insider threat could have been avoided.

CSO > wolf in sheeps clothing / fraud / identity theft / social engineering
sirup / Getty Images

The headline read, “How an unqualified sex worker allegedly infiltrated a top Air Force lab” and our eyes immediately rolled as we read the bizarre case of Dr. James Gord. He maneuvered a 32-year-old sex worker into a position of trust within Spectral Energies, a government contractor associated with the U.S. Air Force Research Laboratory located at Wright Paterson Air Force Base. His motivation? He wished to keep his sexual liaison sub rosa.

Stuff right out of Ripley’s Believe It or Not. While we sit and smirk at the ridiculousness of the situation, a deeper dive gives CISOs and their organizations food for thought as we dissect how Gord was able to manipulate his business partner and others to successfully place an individual within his company who had no business being there. Specifically, it underscores the value of background checks on individuals being placed into sensitive roles.

The tale has many unanswered questions that will remain unanswered as Gord passed in 2021 due to unnamed causes. We do know that he was a well-respected research scientist involved in advanced propulsion technologies. According to ResearchGate, he contributed to 502 scientific papers/publications and his work has been referenced in excess of 7,900 times.

The unqualified administrative technician

He also had an affinity for prostitutes, with whom he would visit while traveling. In Cincinnati Gord was a frequent client of a $400/night escort whom he met through Discreet Desires. He paid for this woman’s services and those of others using his government credit card to keep his liaisons off the family’s credit card bill and having his spouse discover his activities.”

Realizing this was unsustainable, he came up with a cover story for the CEO of Spectral Energies where he described a woman whom he recently met on a flight and her technical expertise and academic pedigree would be a great match for the company’s need for an “administrative technician.”

The company CEO acquiesced, and she was hired.

Every insider threat program manager is saying to themselves, “What was this academic pedigree?” According to Gord, the woman attended University of Tennessee, University of South Florida, and University of Cincinnati. Did the CEO have that pedigree checked? Apparently not. The Air Force Office of Special Investigations (AFOSI) later did, and they determined in less than 24 hours the individual never matriculated at any of the identified universities.

Intent on making the charade viable, Gord arranged for her to “chair a scientific panel at an upcoming Research and Applications of Photonics in Defense (RAPID) conference as a technical expert.”  

It did not take long for the woman’s lack of expertise to percolate to the top and the CEO noted that not only was she not competent in their field, but she also lacked basic office skills, such as using Microsoft Word.

The CEO and Gord had words; Gord admitted his ruse. The CEO consulted an employment attorney about his intent to terminate the woman for substandard performance and inappropriate relationship with the program manager. Gord then threatened the CEO, saying that Gord was a senior research scientist at AFRL, and that as the CEO, of Bangladeshi descent, was an immigrant the old boys club at AFRL would never believe him if he disclosed the information about a scientist as well respected as Gord.

At this point, March 15, 2019, the CEO of Spectral Energies brought the AFOSI into the mix with the claim, “Gord was regularly soliciting prostitution while on the installation and while traveling on official U.S. Air Force business.” The federal search warrant issued, under seal, in late-2019, details just how fortunate the AFRL was that Gord’s interest was strictly hedonistic, as a means to fund a continued engagement with the prostitute and not a third party’s effort to infiltrate Spectral Energies and by extension the AFRL.

How Gord created a national security risk

Looking back through the clear-eyed view of 20/20 hindsight, we see weaknesses that Gord exploited by to facilitate the woman obtaining a position of trust. First and foremost, he used his personal relationship with the CEO of the firm to influence the hiring decision. A routine background check would have discovered the falsification of her resume and put an end to the shenanigans immediately.

Then we have Gord’s desire to educate her on the ins and outs of working with the Air Force at Wright Patterson, he provided to her the organizational structure of the Combustion and Laser Diagnostics Research Complex (CLDRC) at the AFRL and the layouts of various areas within the lab associated with the company’s work. While not classified, nor particularly sensitive, it was necessary as part of the charade.

Additionally, Gord’s government-issued laptop when reviewed in August 2019 by AFOSI showed years of illegal activity being memorialized in files, to include his alleged relationship with “escorts” who were foreign nationals associated with countries “considered to be a U.S. national security risk.” Gord, who enjoyed the trust and confidence of the nation, carried a national security clearance. One of the requirements every cleared individual has is to identify contact with foreign nationals. The court document indicates these individuals were discovered during August 2019 review.

The fact that Gord used the government issued device to conduct his activities begs the question of why the IT team responsible for monitoring and maintaining Gord’s device did not discover his misuse of the device.

What ifs surrounding the Gord insider threat case

What if this was a competitor or nation-state-sponsored activity using a well-qualified individual? Add all the above together and it isn’t a stretch to this same scenario being used as a means to:

  1. Infiltrate a competitor or a nation-state actor into the mix with the goal to exploit the access the company enjoyed with the U.S. Air Force.
  2. Use Gord’s behavior (or others within the AFRL community who had relations) as a linchpin to a coercive pitch to provide classified materials to hostile intelligence service or competitor.

The value of having a formal onboarding process that includes background checks cannot be overemphasized. Having such a process would have revealed the subterfuge and any threat (if any) caused by the individual would have been neutralized.

Copyright © 2022 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)