Intelligence Operational Rule No. 1: Don’t get caught.
Intelligence Operational Rule No. 2: In the wilderness of mirrors, a source may have many faces.
On Tuesday, WikiLeaks released thousands of top-secret CIA documents outlining the penetration of encrypted-communication platforms. WikiLeaks claims these documents were acquired by an American citizen concerned about the abuse of civil liberties by U.S. intelligence agencies.
While we will have to wait for more evidence to know for sure, the circumstantial evidence already points to Intelligence Operational Rule No. 2, i.e., Russian involvement.
First, Russian intelligence services despise the CIA for its recruitment of Russian agents on Russian soil. They are always desperate to embarrass the agency. Second, as John Schindler, a former NSA counterintelligence officer, has argued for years, WikiLeaks is not an independent accountability agency, but rather a veiled cutout for Russian intelligence. Many American intelligence officers believe WikiLeaks to be a known quantity. Indeed, in March 2016, when WikiLeaks first began releasing Democratic-party officials’ e-mails, I was confident that Russia’s GRU intelligence service was responsible. This January, the U.S. Intelligence Community (IC) publicly confirmed the same.
Moreover, anyone genuinely concerned about civil-liberties abuses would have approached the congressional intelligence-oversight committees or an anti-surveillance U.S. journalist. In the intelligence world, approaching Julian Assange or the Russians is the same thing. The leaker/s is either an idiot or a traitor.
Regardless of their source or motivation, however, these leaks will have real-world implications for America and our allies. First off, by detailing how the U.S. and its allies access encrypted-communications apps, WikiLeaks has added another chapter to terrorists’ operational-security textbooks. This is especially concerning in relation to Daesh (a.k.a. ISIS), which has long relied on encrypted-communications apps such as Telegram to communicate with its attack cells in Europe. They had assumed those apps were relatively safe from intelligence services’ interception. And in recent years, especially since the Paris attacks, French and British intelligence services have worked to maintain this erroneous Daesh perception. That will now change.
Using the WikiLeaks material, software developers will develop new apps that preclude replicated intrusions, hardening their vulnerabilities to intelligence services’ access. And now, knowing their vulnerability, it is likely that suspects in ongoing counterterrorism investigations will “go dark.” The same thing occurred after the Edward Snowden leaks. Let’s be clear, this will hurt the fight against Daesh. Though, of course, Russia wouldn’t mind that outcome.
These leaks will also discourage foreign cooperation with U.S. intelligence at the margins. While cooperation between the U.S. and its allies will continue in areas such as counterterrorism-intelligence sharing (our allies need U.S. intelligence to protect their people), these leaks will inject hesitation against cooperating in areas such as the development of new intelligence platforms (e.g., app exploitation), high-risk joint-intelligence operations (similar to what happened after Senator Feinstein’s 2014 CIA witch-hunt), and the sharing of the most classified national-caveat intelligence (such as the identity of a source in a hostile government).
The upshot here is that WikiLeaks has again made the U.S. look like a leaky house.
Some effects will be more nuanced. As a British government official put it to me, “These leaks won’t really affect U.K.–U.S. cooperation, but they might affect ‘x’ Middle Eastern nations in dealing with the U.S. or the U.K. They might decide the Russians can better keep their secrets.”
The upshot here is that WikiLeaks has again made the U.S. look like a leaky house. And that perception fosters a psychological-political drip effect — encouraging our allies to fear that the U.S. IC is a colander for their secrets. This degrades the crucial component of any intelligence partnership: trust. If each prospective intelligence operation with America is judged to be likely to one day leak, that operation is far less likely to occur. For Western intelligence services that serve under politicians accountable to electorates, the increased risk of future domestic blowback is a serious concern.
This can all be seen to be squarely in Russia’s interest. It’s notable, for example, that in its analysis of the CIA leaks, WikiLeaks drew attention to the joking language with which the CIA instructs its intelligence officers to access Germany. Publicizing this joking guidance language is designed to anger the German political leaders and people, and to make the U.S. appear arrogant and unworthy of friendship (especially in the era of Trump, who is hated in Germany). Also interesting is WikiLeaks’s repeated reference to the involvement of British intelligence in developing CIA access platforms. By releasing this information now, WikiLeaks may hope to embarrass and separate German chancellor Angela Merkel from the U.S., and aggravate U.K. intelligence officers in their meetings with their U.S. counterparts. Those splits in the Western alliance are priority Russian strategic objectives. Remember, Putin’s strategy is always aggressive, conniving, and pursuant of complex multi-level effects.
We shall see what follows in the days ahead. Perhaps Russia had no hand in this. More likely is that WikiLeaks has once again shown its hand. Whether it knows its master or not, like the KGB colonel it serves, WikiLeaks’s false shield of truth serves only the Lubyanka’s unyielding sword.