The New Yorker story suggests there was some digital evidence, not of upload to wikileaks but of unauthorised access and download:
And, on the sixth day of the trial, prosecutors laid out what they regarded as a coup de grâce—the digital equivalent of fingerprints at a crime scene. Even after Schulte was stripped of his administrative privileges, he had secretly retained the ability to access the O.S.B. network through a back door, by using a special key that he had set up. The password was KingJosh3000. The government contended that on April 20, 2016, Schulte had used his key to enter the system. The files were backed up every day, and while he was logged on Schulte accessed one particular backup—not from that day but from six weeks earlier, on March 3rd. The O.S.B. files released by WikiLeaks were identical to the backup from March 3, 2016. As Denton told the jurors, it was the “exact backup, the exact secrets, put out by WikiLeaks.”
That is just the password some professional working in IT-security and cutting edge hacking would pick ... in particular if they were about to commit treason by leaking states secrets.
Sounds like exactly the kind of password an emotionally immature junior employee subject to poor judgment would pick, though.
Whether that's a fair description here, I can't say--but the New Yorker story is certainly internally consistent (and, it must be said, doesn't exactly make the CIA look good, either).
It lines up with his history as a deranged narcissist.
> In a 2009 exchange... one person Schulte interacted with went by “hbp.” Another went by “Sturm.” Josh’s username was “Josh.” At one point, he volunteered to grant his new friends access to the child-porn archive on his server. He had titled it /home/josh/http/porn. Sturm, taken aback, warned Schulte to “rename these things for god’s sake.”
I bet it was a co worker who wanted to leak but also didn't want to be blamed. Or maybe even a coworker who had a grudge against the defendant and didn't care about the leaks at all.
It would be pretty easy to set up. If you work in the same room or building as a coworker how hard is it to set up a camera or a physical key logger to steal their password? Once you have someone's username and password you can make it look like they did anything. You could even do something nefarious on their computer when they went home for the evening.
You may think that as security professionals they would definitely notice a key logger, but do you honestly think _anyone_ checks the back of their computer every time they come back from a lunch break?
And, on the sixth day of the trial, prosecutors laid out what they regarded as a coup de grâce—the digital equivalent of fingerprints at a crime scene. Even after Schulte was stripped of his administrative privileges, he had secretly retained the ability to access the O.S.B. network through a back door, by using a special key that he had set up. The password was KingJosh3000. The government contended that on April 20, 2016, Schulte had used his key to enter the system. The files were backed up every day, and while he was logged on Schulte accessed one particular backup—not from that day but from six weeks earlier, on March 3rd. The O.S.B. files released by WikiLeaks were identical to the backup from March 3, 2016. As Denton told the jurors, it was the “exact backup, the exact secrets, put out by WikiLeaks.”