Since Sandia is an "at will" employer -- and they regularly remind you of this if you press issues -- people fear for their jobs. Of the several hundred colleagues I worked with during my career there, a grand total of two still talk to me -- even after the verdict. My friends in computer security that are still working there think their phones are tapped by Sandia counterintelligence, and are terrified to even call me from home. We clearly demonstrated for the jury that it is an environment of fear, created expressly to keep the employees in line.
What prompted you to conduct that independent investigation into the Sandia intrusion in the first place? As a network intrusion detection analyst, I regularly used similar "back-hacking" techniques in the past to recover stolen Sandia password files and retrieve evidence to assist in system and network compromise investigations.
We were able to better defend our networks as a direct result of the intelligence we gained. I authored in-depth analyses of these intrusions that were sent for reporting and educational purposes to the Department of Energy's (DOE) Computer Incident Advisory Capability (CIAC), investigators at the DOE Inspector General (IG), Sandia Counterintelligence, DOE Cyber Counterintelligence, Sandia IT management and my entire department. Even to a novice, it was obvious after reading the analyses how intelligence was gleaned on the adversaries.
For example, phrases substantially similar to this were used in my reports: "I used their credentials to access the systems in Brazil and China, identify their hacking tool caches, and [pulling] down all of their tools, e-mails and other information to aid in their identification." Numerous exhibits of these activities were presented at trial for the jurors. In a meeting with them after the verdict was rendered, even the less cyber-savvy folks understood what the e-mails represented.
What were you hoping to achieve through this investigation? My objective started out with a purpose similar to the other investigations I engaged in while at Sandia. The difference in this instance was that the rabbit hole went much deeper than I imagined.