Author Topic: Intel Matters  (Read 296547 times)





Crafty_Dog

Jane Harman: The Spooks are Spooked
« Reply #704 on: February 24, 2020, 01:35:39 PM »
second post

Trivia:  The author of this piece was my Democrat opponent when I ran for Congress in 1992.  At one of the debates an older man came up to me and introduced himself as Dick Harman.

"You must be very proud of your daughter" I said.

"She's my wife."

Both an awkward and a funny moment.

Turns out Dick was the president of Harman Electronics and the money of their June-November marriage enabled Jane to finance her campaign with a loan of $900,000.

After she won, of course she held fundraisers "to pay off her campaign debt" i.e. the money went straight into her pocket.

She served for three or four terms IIRC.  With all the defense contractors in the district (South Bay, Los Angeles) she became known as "GI Jane" for her support of relevant military spending.  She is now a regular on the Sunday morning talk shows.
=========================================================

It’s a really bad day at the office when the spooks are spooked. That’s what happened on Wednesday when President Trump announced that Richard Grenell, the ambassador to Germany, will become the acting director of national intelligence. Though Mr. Grenell is credited with effectively pushing the White House’s agenda on Iran and China, he has virtually no intelligence experience and is viewed as very partisan. This rattled the spy community and stoked fears that a purge may be coming, fears that seemed to be confirmed on Friday when Mr. Grenell ousted his office’s No. 2 official. In fact, our whole country should be spooked.

Mr. Grenell was appointed after the president reportedly became angered by a congressional briefing that said Russia is trying to help him in the 2020 election by meddling in the Democratic primaries. So Mr. Trump removed Joseph Maguire, the highly regarded acting director of national intelligence, and temporarily assigned Mr. Grenell, who is keeping his other roles.

Reports say that Kashyap Patel, a former National Security Council staff member who sought to discredit the Russia inquiry, is a senior adviser to Mr. Grenell. The worry is that this new team is meant to do one thing: undermine the core mission of the intelligence community, which is to speak truth to power.


We’ve seen this movie before, and it didn’t end well. In 2004, the C.I.A.’s director, Porter Goss, forced out career experts over a counterintelligence dispute. A review of that activity by the Silberman-Robb Commission ultimately resulted in Mr. Goss’s resignation. The coming purge could be far worse.



With acting cabinet secretaries everywhere, the Departments of Homeland Security and State hollowed out, and the recent departure of high-profile, nonpolitical appointees on the National Security Council staff (the Vindman brothers and Victoria Coates), the judgment and experience about who wants to attack us and where is basically gone. This creates an enormous risk to our country.

While our intelligence community is the most impressive in the world, we can’t see and know everything. No nation can. So we rely on other intelligence services. And not just the ones of Australia, Britain, Canada and New Zealand that, along with the United States, make up the “Five Eyes” intelligence alliance. We also need allies with eyes and ears in places we just can’t go, like North Korea and China. A purge of our best and brightest intelligence officers will signal to them that new management is coming, and current relationships aren’t useful any longer.

Allied services also won’t trust us if our own officers face constant pressure to politicize intelligence. That means reporting streams will dry up, we won’t get early warning on planned attacks and we will lose critical knowledge about the decisions adversaries are making that may not have consequences today, but could have huge ones in the next decade. It’s impossible to know how many clues we will miss if our intelligence community is isolated from the world and the president’s daily brief only reinforces what the administration wants to hear.

A so-called house clearing could damage our intelligence abilities for at least a generation. Recruitment and retention will of course plummet, and those officers and analysts left won’t have the mentorship or the experience to ensure our assessments are based on truth.

For the sake of our country, I hope Mr. Grenell makes a careful assessment of the intelligence community’s capacities and impressive work force before making further changes. How dangerous it would be if we lose the tip of the spear against those who would destroy us.

Jane Harman, a Democrat, represented California in the House from 1993 to 1999 and from 2001 to 2013.










Crafty_Dog

Hezbollah Honey Trap
« Reply #705 on: March 18, 2020, 12:07:34 AM »
Lessons From a Hezbollah Honey Trap
Scott Stewart
VP of Tactical Analysis, Stratfor
Mar 17, 2020 | 11:00 GMT


HIGHLIGHTS

The arrest of a U.S. military translator accused of spying for Hezbollah shows that state intelligence agencies are not the only ones who can conduct human intelligence operations.

Honey traps continue to be an effective tactic that can be used against anyone at any age.

Employees of governments, companies and organizations that could be targeted for recruitment by state or nonstate intelligence officers should be educated about such tactics.

FBI special agents arrested Mariam Taha Thompson, an American contract interpreter, Feb. 27 in Arbil, Iraq. Thompson, who held a top-secret security clearance, has been charged with passing classified information to a man with links to the Lebanese militant group Hezbollah. Following her arrest, the 61-year-old Thompson, who is from Rochester, Minnesota, reportedly waived her Miranda rights and admitted to interviewing agents that she had passed information to a man with whom she was romantically involved, and that the man had a nephew in the Lebanese Interior Ministry. Under further investigation, she admitted that she suspected the nephew was likely linked to Hezbollah. Thompson's Lebanese paramour was reportedly overseas when she passed him the classified information.

Tradecraft

According to the indictment in this case, investigators determined that on Dec. 30, 2019, one day after the U.S. military launched airstrikes against a number of targets associated with a faction of the Iranian-backed popular mobilization units (PMU), Kataib Hezbollah, Thompson's use of classified computer systems changed dramatically. The audit logs allegedly reflected that she repeatedly accessed classified reports she had no legitimate need to access for her job. Incidentally, this was the same day that Kataib Hezbollah militia members stormed the U.S. Embassy in Baghdad. The indictment specified that between Dec. 30 and Feb. 10, Thompson accessed 58 classified files related to eight human intelligence sources who were providing information to the U.S. military in Iraq. These files, reportedly classified at the secret level, included the true names, personal identification data and photographs of the human intelligence sources. She also reportedly viewed operational cables that detailed specific information provided to the U.S. military by those sources.

The Big Picture

Espionage has long been referred to as the world's "second oldest profession." While much attention is being paid to cybersecurity in the present age, people who ignore the persistent threat of human intelligence do so at their own peril.


According to the indictment, Thompson then memorized the information about the sources and later made detailed notes about the sources that she wrote in Arabic (presumably to help avoid the scrutiny of security). She then showed the notes to her paramour over a video chat she had with him via her cellphone. During a search of Thompson's living quarters, investigators recovered one of these notes that she had hidden under her mattress. The recovered note reportedly provided the names of three of the sources, noted that their phones should be monitored, and warned that an unidentified person the U.S. military was targeting should be warned. According to the indictment, the person Thompson said should be warned is a member of a designated foreign terrorist organization. Presumably, this person was a leader in one of the Iraqi PMUs designated foreign terrorist groups, or perhaps even in the Islamic Revolutionary Guards Corps-Quds Force. IRGC-QF leader Gen. Qassim Soleimani and Kataib Hezbollah leader Abu Mahdi al-Muhandis were killed in a U.S. airstrike Jan. 2, so it is unlikely one of them was the target Thompson sought to warn.

After obtaining a subpoena for the contents of a social media account used by Thompson's handler, the FBI recovered a still image of a second note that listed the details of two other human intelligence sources.
 
It is unclear if the information Thompson passed was later used to target the human intelligence sources she identified. But even if her betrayal did not result in the deaths of the sources or their families, it at the very least severely compromised several human intelligence operations providing the U.S. military with invaluable information about the IRGC and the Iraqi PMUs.

Lessons

We can draw several lessons from this case. The first is that human intelligence operations, including honey traps, are not just the purview of state actors such as Chinese, Cuban or Russian intelligence agencies. Hezbollah clearly demonstrated that it has a sophisticated, transnational intelligence capability.

Crafty_Dog

Pompeo's advisory board
« Reply #706 on: May 27, 2020, 09:12:51 PM »
https://www.politico.com/news/2020/05/27/mike-pompeos-cia-advisory-board-rankled-agency-veterans-283350

A friend seriously savvy in these things comments:

"After Brennan, it’s abundantly clear that the Agency needs a shakeup.  This sort of thing is further evidence of that.  There are plenty of little bureaucrats who hate being challenged, and who hide behind classification.  They’re also huge on the idea of “independence,” which is a crock of shit."






G M

How we got here
« Reply #712 on: August 13, 2020, 01:22:40 PM »

DougMacG

Re: How we got here
« Reply #713 on: August 13, 2020, 03:09:58 PM »
https://www.youtube.com/watch?v=Z1EA2ohrt5Q

He called it exactly. 

"Unlike me, you have nowhere to defect to."





ccp

time for libs to admit
« Reply #720 on: December 23, 2020, 09:16:35 AM »
we are at WAR with China

G M

Re: time for libs to admit
« Reply #721 on: December 23, 2020, 11:19:54 AM »
we are at WAR with China

They are on China's side.


Crafty_Dog

WJ: A pardon for Snowden?
« Reply #723 on: December 28, 2020, 06:56:14 PM »
Can Snowden Bamboozle Trump?
He stole American security secrets. His allies cajole the President for a pardon.
By The Editorial Board
Dec. 27, 2020 4:17 pm ET



Donald Trump ran for President on wiping out the Islamic State and stopping China’s economic predations. Edward Snowden’s illegal disclosures weakened America’s defenses against foreign terrorists and boosted Beijing’s cyber-espionage against the U.S.

So why are there murmurs that the President is considering a pardon for the unrepentant former National Security Agency (NSA) contractor, who stole over a million American national-security documents and absconded to Hong Kong and then Moscow?

In office Mr. Trump was stung repeatedly by grandiose government leakers who thought they stood above the democratic process. That description also fits Mr. Snowden, who never formally registered complaints about U.S. intelligence policies while contracting for the government, but has since made himself a celebrity with claims of moral righteousness.

But Mr. Trump seems to be in a mood to break things as his term comes to a close, and Mr. Snowden’s defenders have sought to appeal to the President’s suspicion of the U.S. intelligence agencies to entice him toward a midnight pardon. The likes of Roger Stone and Senator Rand Paul suggest that Mr. Snowden is a useful figure in Mr. Trump’s campaign against the intelligence establishment.


It would be a travesty if the President fell for this. The victims of Snowden-style treachery are ordinary Americans, not Mr. Trump’s “deep state” foes. A pardon for Mr. Snowden’s behavior would invite more of it.

Mr. Trump has supported law enforcement, but if intelligence methods can be stolen with impunity, border security and drug enforcement would be weakened. Mr. Trump can boast of confronting China’s abuses, but Mr. Snowden stole information about NSA surveillance that protects Americans from Chinese military hacks.

Perhaps Mr. Trump thinks that only his critics in the security bureaucracies see Mr. Snowden as a traitor. But a 2016 report by Rep. Devin Nunes’s House Intelligence Committee detailed Mr. Snowden’s abuses, writing that “if the Russian or Chinese governments have access to this information, American troops will be at greater risk in any future conflict.” In 2014 then-Lt. Gen. Michael Flynn told Congress that “the greatest cost” from Mr. Snowden’s leaks would likely be “human lives on tomorrow’s battlefield.”

Mr. Trump divides the world into friends and enemies, and it’s true that officials in America’s intelligence apparatus have attacked him throughout his Presidency. The promotion of Trump-Russia conspiracies by the likes of former Director of National Intelligence James Clapper and former CIA Director John Brennan will undermine those agencies’ credibility with tens of millions of Americans for years.

If the President is persuaded to give Mr. Snowden a reprieve, their behavior will have helped create the political cover for him to do so. Yet the responsibility for betraying the security of the American people would rest on his shoulders alone.


Crafty_Dog

GPF: CIA's Jakarta Method
« Reply #724 on: June 02, 2021, 06:55:43 AM »
What We're Reading: Ugly History
Weekly reviews of what's on our bookshelves.
By: Phillip Orchard
The Jakarta Method
By Vincent Bevins

“The Jakarta Method” traces the evolution of U.S. Cold War anti-communist tactics in the Third World (his word, not mine, which, as he points out, was not originally a pejorative term). It does this primarily through the lens of Indonesia, which functioned as perhaps the foremost crucible of CIA experimentation and mass atrocity.

It's an ugly history, to put it mildly. The U.S. was never particularly good at or interested in distinguishing between the sorts of center-left, anti-imperialist movements that popped up all over the developing world following the collapse of colonialism and the tightly Soviet-aligned movements capable of truly threatening core U.S. interests. Nor was it particularly good at accurately gauging Soviet intentions and capabilities of pulling countries into its orbit. As often as not, the governments that ultimately sided with Moscow did so in order to keep CIA-backed enemies at bay.

More accurately, any whiff of leftism or non-alignment was deemed susceptible to metastasizing into Stalinism and therefore required extermination. (Unless, that is, it was the Khmer Rouge in Cambodia, whose anti-Vietnam stance earned it U.S. backing even after its members exterminated 20 percent of Cambodia's population. Center-left movements in Western Europe also tended to get a pass.)

What did evolve, though, were the CIA’s tactics. Humiliating, ham-fisted attempts to deal with leftist movements with direct force early on – e.g. the Bay of Pigs, bombings in Indonesia in 1958 – gave way to a strategy of more subtle manipulation, centered primarily on economic coercion, cooption of local oligarchs and military elites, and support for whatever methods they thought best suited for eliminating received communist threats once and for all. In Indonesia, after Suharto's takeover, this took the form of a staggering mass murder campaign that resulted in the deaths of around a million Indonesians, not to mention another few hundred thousand East Timorese. (See also: The wonderful and haunting documentary, “The Act of Killing.”) Again, it was ugly. But it evidently worked. Indonesia became a reliable U.S. ally for the remainder of the Cold War, and “the Jakarta method” was adopted as an anti-communist blueprint by governments across Southeast Asia, Africa and Latin America.








G M

Corrupt AND inept
« Reply #735 on: October 17, 2021, 07:53:49 AM »
https://www.thedrive.com/news/2821/cia-forgets-plastic-explosives-in-a-working-school-bus

Explains a lot, doesn’t it?

BTW, detection dogs used by US LE don’t use live explosives for training purposes. Why did the CIA?


Crafty_Dog

George Friedman: Intelligence and Love
« Reply #737 on: November 26, 2021, 05:58:39 AM »


November 26, 2021

    
Intelligence and Love
Thoughts in and around geopolitics.
By: George Friedman
In the Bible, Matthew 5:44 enjoins you to love your enemies. The Jewish Passover Seder begins with the words, “Remember Laban the Syrian who injured our father Jacob.” These passages would suggest that Christianity is a religion of peace and forgiveness, while Judaism is a religion of war. But ignoring the fact that Christianity can be as warlike as any other religion, and Judaism as pacific, the paradox here is this: The greatest weapon of war is intelligence – understanding the enemy, his intentions and his capabilities. Without intelligence, wars are lost. The Christian notion of loving your enemy is the foundation of intelligence, and therefore of war.

It’s been said that you cannot grasp the enemy’s intentions without understanding him. I would put it more radically: You must become him. You must see what he sees as he does, fear what he fears, lust after what he lusts after, and from this understand what he will do and how he will do it because, being him, it is what you would do and how you would do it. If you hate your enemy, the hatred will blur your vision, telling you things that you believe about him rather than the things he believes. Analysis is therefore a form of madness whereby you split yourself in two, merging one part with the enemy and stowing away part of yourself for safekeeping.

I thought of this dilemma after I wrote a recent piece called “Russia’s Move.” A few people wrote to me asserting that I did not mention the evil of Russian President Vladimir Putin or the primitive nature of Russian culture. The charges were true insofar as I excluded moral judgment. To understand Russia’s moves, I needed to see the situation as Putin or a Russian would. I am a Hungarian refugee whose family fled Soviet power, so my own view might comport with those of my critics. But I cannot permit myself the comfort of moral superiority. I must understand them as they understand themselves.

The idiosyncrasies of conflict are such that it’s rare to find leaders or warriors who think of themselves as evil. They think the others are evil. They think they are the protectors of decency. Adolf Hitler did not think he was immoral, nor did millions of others. Putin would say that the U.S. violated fundamental understandings with Russia made at the time of the fall of the Soviet Union and that the evil arrogance of the United States is responsible for all that has followed. He would say that the ruthless American actions of overthrowing a constitutionally elected president in Ukraine violated all norms of decency. This is not a hypothetical argument; it’s one that I’ve heard from numerous Russians.

If your goal is to defeat an enemy, you must first understand his nature fully, and you can’t do that if your goal is to feel morally superior. The question of who is worse might make for a worthwhile conversation in a Viennese coffee shop, where you will always prove your superiority to your own satisfaction, but it does not win wars. I have had to put myself in the place of many leaders and nations at various times. And in embracing them, I found none who thought they were evil.

Here’s another example. Not so long ago, the Japanese invaded China. The U.S. demanded that the Japanese withdraw from China. Japan refused. Washington proceeded to freeze Japanese assets in the United States, interfered with Tokyo’s ability to buy oil, and sought to cripple its economy. The Japanese concluded that if they compromised, they would be permanently subservient to the U.S. They went to war believing that the United States started the war.

The debate of who was in the right and who wasn’t is a subject for moralists. The American problem is that it did not anticipate what Japan would do and was therefore surprised at Pearl Harbor. It was surprised because it saw Japan as evil, not as it saw itself. The U.S. could not predict that Japan would choose war and did not imagine its people were brave and bright enough to hit Pearl Harbor. U.S. intelligence analysts didn’t understand the fear the U.S. engendered or how recklessly the U.S. was acting. Washington therefore failed to avoid war or at least failed to control its opening. It’s true that Japan committed atrocities in China. But in concentrating on how evil and stupidly wicked the Japanese were, the U.S. failed to imagine the possibility of American defeat.

So whether Putin is good or evil is a nice conversation to have. But if you want a sense of what he might be thinking, start with the fact that he doesn’t think he is evil and grasp what he is afraid of and confident in. Empathize with him. He is a former KGB officer and a patriot who watched his country collapse and be treated with disdain. Feel the pain he feels and then grasp how intelligent he is. Then it is possible you might catch a glimpse of his next move.

Analysts must bury themselves in the countries and leaders they’re dealing with. It’s their job to know the leader’s mind, and to do that, passages like Matthew 5:44 are essential. Loving your enemy is the means to destroy him. Hating him blinds you to his fundamental strength: the fact that he believes deeply in his virtue. And if you don’t understand the pride and patriotism of someone like Putin, you will never contain him.

The public will inevitably draw moral judgments. It will make clever counters difficult but not impossible. But if the people charged with predicting the actions of nations succumb to the pleasures of moral judgment, then all is lost. There is no one I regard as more evil than Hitler, and I have probably spent more time in his head than in anyone else’s. I had to understand him, and that meant I had to feel what it meant to be him. I had to imagine the Western Front in World War I, his capture of a group of French soldiers single-handedly, the award of the Iron Cross, and then German capitulation. Imagine risking your life so others could surrender while you lay blinded by poison gas in a hospital. In “The Old Man and the Sea,” Ernest Hemingway’s title character said, “Fish, I love you and respect you very much. But I will kill you dead before this day ends.” That is the strange logic of analysis.


Crafty_Dog

GPF: The impact of the Uke War on Russki espionage, part one
« Reply #739 on: April 15, 2022, 04:31:14 PM »
The Impact of the Ukraine War on Russian Espionage in Europe, Part I
Sam Lichtenstein
Director of Analysis at RANE, Stratfor
Apr 15, 2022 | 14:35 GMT





Police on April 8, 2022 guard the Russian Embassy in Helsinki, Finland.

(JUSSI NUKARI/Lehtikuva/AFP via Getty Images)

Amid the intense global media coverage of the military conflict in Ukraine, another battle is being waged largely in the shadows: Russia's spy network across Europe is being decimated. In a statement on April 11, French authorities announced that they had uncovered an unspecified "clandestine operation" being carried out by "six Russian agents under diplomatic cover" who officials said would be removed from the country. The statement came shortly after a series of coordinated moves the week before in response to alleged Russian war crimes in Bucha, Ukraine, when multiple European countries and the European Union itself said they would expel nearly 270 Russian diplomats they implicitly or explicitly accused of being spies.

Their announcements came after similar statements from a host of other European countries that had already flagged more than 150 Russian diplomats for expulsion since the invasion of Ukraine in February. With varying degrees of specificity regarding alleged espionage, each country said the diplomats being expelled had violated the terms of their diplomatic status. Cumulatively, this wave (which will all but certainly grow) is by far the largest mass diplomatic expulsion in history, more than doubling the approximately 150 Russian diplomats Western countries expelled in 2018 — at the time, the largest expulsion since the Cold War — following the poisoning of former Russian intelligence officer Sergei Skripal in the United Kingdom.

While unprecedented in scale, the expulsions are unsurprising. Last April, a former British spy chief estimated that only a tenth of Russian spy operations in Europe have been uncovered, and in June the head of Germany's domestic intelligence agency told an interviewer that Russian espionage on German soil had reached Cold War levels. These represent just a small fraction of the steady drumbeat of warnings from Western intelligence services over increasingly frequent and flagrant Russian espionage operations in Europe that until now had not faced serious European pushback. Just as Russia's invasion of Ukraine has reinvigorated European defense planning, it also appears to have finally forced a reckoning over Russian espionage. But while the mass removal of alleged spies is undoubtedly a major setback to the Kremlin's spying activities in Europe, there are undoubtedly limitations and trade-offs in effectiveness that we will explore in this first part of a two-part series.

Persona Non Grata
More than most countries, Russia uses its foreign embassies and consulates not merely to conduct diplomacy, but to pursue espionage. As is widely acknowledged and alluded to in France's April 11 statement, some diplomats work under "official cover," in which they operate under diplomatic immunity doing ostensibly legitimate work, but then either in tandem or wholly in place of that also work as spies. Contrary to most action movies, the vast majority of this work does not involve car chases through city streets, but instead crucial human intelligence, or "humint," work like recruiting and handling assets, facilitating and overseeing various in-country operations, and sending constant intelligence updates back home.

Even for Russia, whose intelligence services are vast and capable, the loss of more than 400 officers will undoubtedly complicate and in some cases cripple its humint efforts in Europe. This is particularly the case as some countries — like Estonia, Latvia and Lithuania — have not merely kicked out Russian spies, but also closed some of the Russian consular offices from which they operate. Others, like Slovakia and Slovenia, have capped the number of Russian personnel allowed at diplomatic facilities, meaning that Russia cannot simply send replacements for expelled personnel. To give a sense of scale, according to the Czech Republic, which had already expelled dozens of Russian diplomats last year after public revelations of Russian sabotage in the country in 2014, there are now just six Russian diplomats in Prague, down from more than 100 this time last year.

Not only will Russia be forced to draw on far fewer spies, but those who do remain under diplomatic cover in Europe will have to act much more carefully, especially because they will presumably face even more intense scrutiny from local security services. Last month, even before the most recent and largest wave of expulsions, Belgian authorities said they had observed a decrease in Russian spying ahead of a coordinated set of NATO, EU and G-7 meetings in Brussels. "They are less active, they have become more cautious and observe a lot of the security rules," a Belgian security spokesperson said of Russian spies' recent activities.

This may also have to do with another related challenge for Russian spies: a collapse in morale, not only within their ranks but also among their recruited assets. While it is very hard to verify reports of discontent within Russian security services over the country's campaign in Ukraine, presumably at least some spies deployed in Europe have serious misgivings, especially because they are exposed to Western news and lifestyles. Even if they still believe the Kremlin's narrative, they may resent the way in which President Vladimir Putin has publicly dressed down his security chiefs (their bosses), and they are likely closely monitoring rampant reports of mass firings within military and intelligence agencies. Regardless of veracity, these accounts can make spies less motivated to do their work, a challenge that may also befall Russian assets in Europe. While some individuals will continue to pass information to Russian handlers no matter what happens, it is safe to assume that others may be questioning their activities. After all, even if they're not appalled by Russian activities in Ukraine, seeing reports of mass diplomatic expulsions leads to an obvious question: Will I be found next?

As a final complication, those spies who do remain may make tempting targets for European recruitment as double agents. Even if they're not pro-Western ideologues, they also very well may blame the Kremlin for tarnishing Russia's reputation and causing the mass expulsion of their colleagues. In fact, during the Cold War, many of the West's greatest successes "turning" Russian spies were people who had a strong sense of Russian nationalism but felt their leaders were leading their country toward calamity. Even the mere suggestion that some personnel may be targets for recruitment by Western security services could cause distrust within the ranks of Russia's spy network and force Russian personnel to spend more time monitoring each other than conducting operations. In what is a remarkable example of online trolling, in recent weeks the FBI has been sending geolocated targeted advertisements near the Russian Embassy in Washington urging personnel there to provide information to U.S. authorities.

Russians NOC-ing at the Door
Nonetheless, these impacts will diminish over time. For one thing, spies can be replaced. While it is true that some countries have taken steps to make this harder, precedent indicates that Russia will send replacements, requiring European security services to once again try to work out who is a legitimate cultural attaché or first secretary and who is a spy. Certainly, this game of musical chairs will not enable new personnel to merely pick up where their expelled comrades left off. For instance, cover stories will need to be created and assets will need to be turned over to new handlers. But ultimately a strong espionage network like Russia's will be sufficiently resilient to withstand the loss of personnel, even when numbering in the hundreds. This is particularly true in Europe, where freedom of movement makes it simple for spies in one country to conduct operations in another. This means it will be easier for Russia to exploit more permissive operating environments in the bloc to base its regional espionage activities. Hungary, for instance, is a notable EU outlier in not dismissing any Russian personnel.

Moreover, no matter the loss of Russian spies on the ground, the value of humint comes much more from the access of recruited assets than the talents of the handlers overseeing them. Even if some assets may be questioning their cooperation with Russian intelligence services, the four frequently cited reasons for agreeing to pass information — money, ideology, coercion, and ego (known more frequently by the acronym MICE) — can be powerful motivators. Moreover, those who have long served as Russian assets presumably already understand the type of government for which they are working, having seen repeated prior acts of Russian brutality. Furthermore, while some assets may worry about being detected by their country's security services and therefore seek to end their activities, Russian spies have a powerful retort: if you stop cooperating, you don't have to worry about your own security services finding you because we will expose you to them (or do worse). Unlike Russian diplomats under official cover who only need to worry about being sent home, recruited assets are therefore somewhat trapped: either continue to pass information or stop but at the risk of facing jail time, blackmail, or even violence — not an unreasonable concern given Russia's track record of targeted assassinations on foreign soil.

Adding to the resilience of Russian espionage operations — but cognizant that estimating these things is inherently difficult — Russia is, with the possible exception of China, probably the most prolific user of spies who operate under "non-official cover" (commonly known as NOCs). Unlike officially accredited diplomats who have immunity and operate out of embassies and consulates, NOCs do not have a publicly known, direct link to their home government and lack an official cover story to hide their intentions. Although this means they are more vulnerable if discovered, they are also much more difficult to identify in the first place. This means they will also remain in Europe, despite the mass expulsions. While Americans may be familiar with so-called Russian "illegals" (popularized by the fictionalized television show "The Americans" and the real-life arrests in 2010 of 10 Russian NOCs who posed as ordinary citizens), Russia is believed to use a much wider array of NOCs in Western countries.

By posing as everyday citizens, NOCs by definition may be able to access information diplomatic spies under official cover cannot obtain. To be sure, developing an effective NOC is a time-consuming, challenging task. Moreover, given that they lead ostensibly normal lives, much of the information they acquire may be seemingly benign. Even non-classified information, however, can be valuable, and their jobs may afford them unique abilities to carry out various espionage activities. For instance, in one of the rare recent incidents in which a Russian NOC was successfully prosecuted in the West, in 2016 Evgeny Buryakov pleaded guilty in exchange for a reduced sentence for being part of a conspiracy in which he operated under the cover of being an employee at the New York office of the Russian state-owned development bank Vnesheconombank. During his tenure, Buryakov helped two Russian diplomatic spies under official cover recruit local assets and gather information about U.S. sanctions on Russia, efforts to develop alternative energy sources and sensitive financial industry data.

While Buryakov was mainly an information provider (though he did make some operational suggestions, including for a clandestine information warfare campaign targeting Canada), other NOCs can cause much more damage. In a now-infamous case, in 2018 the two Russian intelligence officers who poisoned Sergei Skripal in Salisbury, England, posed as tourists. While notable in that the would-be assassins were later identified after showing some sloppy tradecraft, the operation also showed just how easy it can be for NOCs to move throughout Europe and return home safely to Russia. A string of other suspected Russian targeted hits, sabotage efforts and other espionage operations in Europe is testament to this. And despite their identities being compromised and scores of Russian diplomats under official cover being expelled from Western countries, brazen Russian operations on European soil did not stop, such as the slaying in broad daylight of an ethnic Chechen, Georgian national in a Berlin park just over a year after the attempted killing of Skripal.

Even when not carrying out hits, NOCs can still make major operational contributions, especially when it comes to handling recruited assets who may now be without their Russian handlers. Given that in-person meetings are by no means the primary form of communication (a trend the pandemic has accelerated for spies, just as it has for regular workers), NOCs should be able to relatively easily rely on clandestine communication methods, such as encrypted mobile communications apps or "dead drops" (where individuals leave pass items and/or messages at a secret location to avoid directly meeting) to help communicate as they cover for their expelled comrades.

As in the cases of Buryakov and the assassins, some Russian NOCs may be willing conspirators, but others may be coerced. Russian intelligence officers are widely suspected of pressuring citizens or people of Russian heritage abroad to work for them. This is generally believed to occur when Russian spies pressure their marks through some sort of personal "kompromat" or a threat to their family and/or friends back home in Russia. Unsurprisingly, by definition verifiable accounts of these activities are rare, but there are sufficiently plausible rumors to assume Russia can also lean on this cohort to help make up for the mass expulsions.

In other cases, no coercion is needed. Russian intelligence services are well-known for working with sympathetic members of Russian communities abroad to exploit their established position in country to report information back to Moscow and even conduct operations on their own, such as generating protests to spur social unrest. At a minimum, they can help lay the groundwork for deployed operatives to arrive. For instance, mysterious explosions in 2014 at Czech ammunition storage facilities — which gained attention last year when new evidence emerged implicating Russia and, more specifically, the two Salisbury "tourists" — could not have occurred without some sort of on-the-ground assistance, be it to provide advance site surveillance, local housing or other supporting activities.

There are even concerns that, just as diplomats under official cover are getting expelled, Russia may be exploiting the outflow of Ukrainian refugees to infiltrate saboteurs. Although for now more of a hypothetical rather than verified concern, doing so would certainly fit within the Kremlin's playbook (similar concerns arose in the second half of last year when Belarus engineered a migrant crisis to pressure the European Union) and illustrates the many creative ways to insert Russian personnel into Europe. To this end, the sheer number of Russian-speaking Ukrainians fleeing to the West and the large number of Russians who have fled Russia since the start of the war will create large anti-Putin diaspora communities where NOCs may be able to hide.

A 20th Century Response to a 21st Century Problem
No matter how NOCs and others are operationalized, they offer Moscow flexibility when its spies under official cover are sent home because NOCs and other sympathizers will remain in country or can be brought in from elsewhere to pick up some of the slack. To be sure, this is an imperfect solution; after all, NOCs can't just show up at the nearest Russian embassy or consulate. But as seen, they can certainly help limit the negative impact of expulsions on espionage activity — and in some cases are even more attractive for spy work because, given their lack of clear ties back to Moscow, their activities enjoy at least some plausible deniability.

Ultimately, however, the resilience of Russia's espionage efforts in Europe will be determined not by its humint operations, but by Russian intelligence services' ability to adapt to the changing realities of spying in the modern era. In this respect, the response of European governments to expel hundreds of Russian spies, while notable and ultimately still important, may not be going after the most important targets — something we turn to in part two of the series.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 69122
    • View Profile
GPF: The impact of the Uke war on Russki espionage in Europe, Part 1
« Reply #740 on: April 16, 2022, 12:31:40 PM »
The Impact of the Ukraine War on Russian Espionage in Europe, Part I
Sam Lichtenstein
Director of Analysis at RANE, Stratfor
14 MIN READ | Apr 15, 2022 | 14:35 GMT





Police on April 8, 2022 guard the Russian Embassy in Helsinki, Finland.

(JUSSI NUKARI/Lehtikuva/AFP via Getty Images)

Amid the intense global media coverage of the military conflict in Ukraine, another battle is being waged largely in the shadows: Russia's spy network across Europe is being decimated. In a statement on April 11, French authorities announced that they had uncovered an unspecified "clandestine operation" being carried out by "six Russian agents under diplomatic cover" who officials said would be removed from the country. The statement came shortly after a series of coordinated moves the week before in response to alleged Russian war crimes in Bucha, Ukraine, when multiple European countries and the European Union itself said they would expel nearly 270 Russian diplomats they implicitly or explicitly accused of being spies.

Their announcements came after similar statements from a host of other European countries that had already flagged more than 150 Russian diplomats for expulsion since the invasion of Ukraine in February. With varying degrees of specificity regarding alleged espionage, each country said the diplomats being expelled had violated the terms of their diplomatic status. Cumulatively, this wave (which will all but certainly grow) is by far the largest mass diplomatic expulsion in history, more than doubling the approximately 150 Russian diplomats Western countries expelled in 2018 — at the time, the largest expulsion since the Cold War — following the poisoning of former Russian intelligence officer Sergei Skripal in the United Kingdom.

While unprecedented in scale, the expulsions are unsurprising. Last April, a former British spy chief estimated that only a tenth of Russian spy operations in Europe have been uncovered, and in June the head of Germany's domestic intelligence agency told an interviewer that Russian espionage on German soil had reached Cold War levels. These represent just a small fraction of the steady drumbeat of warnings from Western intelligence services over increasingly frequent and flagrant Russian espionage operations in Europe that until now had not faced serious European pushback. Just as Russia's invasion of Ukraine has reinvigorated European defense planning, it also appears to have finally forced a reckoning over Russian espionage. But while the mass removal of alleged spies is undoubtedly a major setback to the Kremlin's spying activities in Europe, there are undoubtedly limitations and trade-offs in effectiveness that we will explore in this first part of a two-part series.

Persona Non Grata

More than most countries, Russia uses its foreign embassies and consulates not merely to conduct diplomacy, but to pursue espionage. As is widely acknowledged and alluded to in France's April 11 statement, some diplomats work under "official cover," in which they operate under diplomatic immunity doing ostensibly legitimate work, but then either in tandem or wholly in place of that also work as spies. Contrary to most action movies, the vast majority of this work does not involve car chases through city streets, but instead crucial human intelligence, or "humint," work like recruiting and handling assets, facilitating and overseeing various in-country operations, and sending constant intelligence updates back home.

Even for Russia, whose intelligence services are vast and capable, the loss of more than 400 officers will undoubtedly complicate and in some cases cripple its humint efforts in Europe. This is particularly the case as some countries — like Estonia, Latvia and Lithuania — have not merely kicked out Russian spies, but also closed some of the Russian consular offices from which they operate. Others, like Slovakia and Slovenia, have capped the number of Russian personnel allowed at diplomatic facilities, meaning that Russia cannot simply send replacements for expelled personnel. To give a sense of scale, according to the Czech Republic, which had already expelled dozens of Russian diplomats last year after public revelations of Russian sabotage in the country in 2014, there are now just six Russian diplomats in Prague, down from more than 100 this time last year.

Not only will Russia be forced to draw on far fewer spies, but those who do remain under diplomatic cover in Europe will have to act much more carefully, especially because they will presumably face even more intense scrutiny from local security services. Last month, even before the most recent and largest wave of expulsions, Belgian authorities said they had observed a decrease in Russian spying ahead of a coordinated set of NATO, EU and G-7 meetings in Brussels. "They are less active, they have become more cautious and observe a lot of the security rules," a Belgian security spokesperson said of Russian spies' recent activities.

This may also have to do with another related challenge for Russian spies: a collapse in morale, not only within their ranks but also among their recruited assets. While it is very hard to verify reports of discontent within Russian security services over the country's campaign in Ukraine, presumably at least some spies deployed in Europe have serious misgivings, especially because they are exposed to Western news and lifestyles. Even if they still believe the Kremlin's narrative, they may resent the way in which President Vladimir Putin has publicly dressed down his security chiefs (their bosses), and they are likely closely monitoring rampant reports of mass firings within military and intelligence agencies. Regardless of veracity, these accounts can make spies less motivated to do their work, a challenge that may also befall Russian assets in Europe. While some individuals will continue to pass information to Russian handlers no matter what happens, it is safe to assume that others may be questioning their activities. After all, even if they're not appalled by Russian activities in Ukraine, seeing reports of mass diplomatic expulsions leads to an obvious question: Will I be found next?

As a final complication, those spies who do remain may make tempting targets for European recruitment as double agents. Even if they're not pro-Western ideologues, they also very well may blame the Kremlin for tarnishing Russia's reputation and causing the mass expulsion of their colleagues. In fact, during the Cold War, many of the West's greatest successes "turning" Russian spies were people who had a strong sense of Russian nationalism but felt their leaders were leading their country toward calamity. Even the mere suggestion that some personnel may be targets for recruitment by Western security services could cause distrust within the ranks of Russia's spy network and force Russian personnel to spend more time monitoring each other than conducting operations. In what is a remarkable example of online trolling, in recent weeks the FBI has been sending geolocated targeted advertisements near the Russian Embassy in Washington urging personnel there to provide information to U.S. authorities.

Russians NOC-ing at the Door

Nonetheless, these impacts will diminish over time. For one thing, spies can be replaced. While it is true that some countries have taken steps to make this harder, precedent indicates that Russia will send replacements, requiring European security services to once again try to work out who is a legitimate cultural attaché or first secretary and who is a spy. Certainly, this game of musical chairs will not enable new personnel to merely pick up where their expelled comrades left off. For instance, cover stories will need to be created and assets will need to be turned over to new handlers. But ultimately a strong espionage network like Russia's will be sufficiently resilient to withstand the loss of personnel, even when numbering in the hundreds. This is particularly true in Europe, where freedom of movement makes it simple for spies in one country to conduct operations in another. This means it will be easier for Russia to exploit more permissive operating environments in the bloc to base its regional espionage activities. Hungary, for instance, is a notable EU outlier in not dismissing any Russian personnel.

Moreover, no matter the loss of Russian spies on the ground, the value of humint comes much more from the access of recruited assets than the talents of the handlers overseeing them. Even if some assets may be questioning their cooperation with Russian intelligence services, the four frequently cited reasons for agreeing to pass information — money, ideology, coercion, and ego (known more frequently by the acronym MICE) — can be powerful motivators. Moreover, those who have long served as Russian assets presumably already understand the type of government for which they are working, having seen repeated prior acts of Russian brutality. Furthermore, while some assets may worry about being detected by their country's security services and therefore seek to end their activities, Russian spies have a powerful retort: if you stop cooperating, you don't have to worry about your own security services finding you because we will expose you to them (or do worse). Unlike Russian diplomats under official cover who only need to worry about being sent home, recruited assets are therefore somewhat trapped: either continue to pass information or stop but at the risk of facing jail time, blackmail, or even violence — not an unreasonable concern given Russia's track record of targeted assassinations on foreign soil.

Adding to the resilience of Russian espionage operations — but cognizant that estimating these things is inherently difficult — Russia is, with the possible exception of China, probably the most prolific user of spies who operate under "non-official cover" (commonly known as NOCs). Unlike officially accredited diplomats who have immunity and operate out of embassies and consulates, NOCs do not have a publicly known, direct link to their home government and lack an official cover story to hide their intentions. Although this means they are more vulnerable if discovered, they are also much more difficult to identify in the first place. This means they will also remain in Europe, despite the mass expulsions. While Americans may be familiar with so-called Russian "illegals" (popularized by the fictionalized television show "The Americans" and the real-life arrests in 2010 of 10 Russian NOCs who posed as ordinary citizens), Russia is believed to use a much wider array of NOCs in Western countries.

By posing as everyday citizens, NOCs by definition may be able to access information diplomatic spies under official cover cannot obtain. To be sure, developing an effective NOC is a time-consuming, challenging task. Moreover, given that they lead ostensibly normal lives, much of the information they acquire may be seemingly benign. Even non-classified information, however, can be valuable, and their jobs may afford them unique abilities to carry out various espionage activities. For instance, in one of the rare recent incidents in which a Russian NOC was successfully prosecuted in the West, in 2016 Evgeny Buryakov pleaded guilty in exchange for a reduced sentence for being part of a conspiracy in which he operated under the cover of being an employee at the New York office of the Russian state-owned development bank Vnesheconombank. During his tenure, Buryakov helped two Russian diplomatic spies under official cover recruit local assets and gather information about U.S. sanctions on Russia, efforts to develop alternative energy sources and sensitive financial industry data.

While Buryakov was mainly an information provider (though he did make some operational suggestions, including for a clandestine information warfare campaign targeting Canada), other NOCs can cause much more damage. In a now-infamous case, in 2018 the two Russian intelligence officers who poisoned Sergei Skripal in Salisbury, England, posed as tourists. While notable in that the would-be assassins were later identified after showing some sloppy tradecraft, the operation also showed just how easy it can be for NOCs to move throughout Europe and return home safely to Russia. A string of other suspected Russian targeted hits, sabotage efforts and other espionage operations in Europe is testament to this. And despite their identities being compromised and scores of Russian diplomats under official cover being expelled from Western countries, brazen Russian operations on European soil did not stop, such as the slaying in broad daylight of an ethnic Chechen, Georgian national in a Berlin park just over a year after the attempted killing of Skripal.

Even when not carrying out hits, NOCs can still make major operational contributions, especially when it comes to handling recruited assets who may now be without their Russian handlers. Given that in-person meetings are by no means the primary form of communication (a trend the pandemic has accelerated for spies, just as it has for regular workers), NOCs should be able to relatively easily rely on clandestine communication methods, such as encrypted mobile communications apps or "dead drops" (where individuals leave pass items and/or messages at a secret location to avoid directly meeting) to help communicate as they cover for their expelled comrades.

As in the cases of Buryakov and the assassins, some Russian NOCs may be willing conspirators, but others may be coerced. Russian intelligence officers are widely suspected of pressuring citizens or people of Russian heritage abroad to work for them. This is generally believed to occur when Russian spies pressure their marks through some sort of personal "kompromat" or a threat to their family and/or friends back home in Russia. Unsurprisingly, by definition verifiable accounts of these activities are rare, but there are sufficiently plausible rumors to assume Russia can also lean on this cohort to help make up for the mass expulsions.

In other cases, no coercion is needed. Russian intelligence services are well-known for working with sympathetic members of Russian communities abroad to exploit their established position in country to report information back to Moscow and even conduct operations on their own, such as generating protests to spur social unrest. At a minimum, they can help lay the groundwork for deployed operatives to arrive. For instance, mysterious explosions in 2014 at Czech ammunition storage facilities — which gained attention last year when new evidence emerged implicating Russia and, more specifically, the two Salisbury "tourists" — could not have occurred without some sort of on-the-ground assistance, be it to provide advance site surveillance, local housing or other supporting activities.

There are even concerns that, just as diplomats under official cover are getting expelled, Russia may be exploiting the outflow of Ukrainian refugees to infiltrate saboteurs. Although for now more of a hypothetical rather than verified concern, doing so would certainly fit within the Kremlin's playbook (similar concerns arose in the second half of last year when Belarus engineered a migrant crisis to pressure the European Union) and illustrates the many creative ways to insert Russian personnel into Europe. To this end, the sheer number of Russian-speaking Ukrainians fleeing to the West and the large number of Russians who have fled Russia since the start of the war will create large anti-Putin diaspora communities where NOCs may be able to hide.

A 20th Century Response to a 21st Century Problem

No matter how NOCs and others are operationalized, they offer Moscow flexibility when its spies under official cover are sent home because NOCs and other sympathizers will remain in country or can be brought in from elsewhere to pick up some of the slack. To be sure, this is an imperfect solution; after all, NOCs can't just show up at the nearest Russian embassy or consulate. But as seen, they can certainly help limit the negative impact of expulsions on espionage activity — and in some cases are even more attractive for spy work because, given their lack of clear ties back to Moscow, their activities enjoy at least some plausible deniability.

Ultimately, however, the resilience of Russia's espionage efforts in Europe will be determined not by its humint operations, but by Russian intelligence services' ability to adapt to the changing realities of spying in the modern era. In this respect, the response of European governments to expel hundreds of Russian spies, while notable and ultimately still important, may not be going after the most important targets — something we turn to in part two of the series.


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 69122
    • View Profile
James Rosen: FBI tried ambushing my source(s)
« Reply #742 on: June 06, 2022, 12:17:41 PM »
Haven't read the whole thing, but my first reaction is "Of course they did!  Your sources were breaking the law!"

https://theintercept.com/2022/06/03/fbi-ambush-leak-reporter-source/?utm_medium=email&utm_source=The%20Intercept%20Newsletter

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 69122
    • View Profile
Intel Matters Germany
« Reply #747 on: October 19, 2022, 01:09:16 PM »
New: Germany just sacked its cybersecurity chief because of his allegedly close ties to Russian intelligence, Germany's Deutsche Presse-Agentur reported Tuesday. His name is Arne Schönbohm, and since 2016 he's been in charge of Berlin's Federal Office for Information Security. But before taking that role, he'd helped start an advisory firm known as the Cyber Security Council Germany back in 2012; that council included a company called Protelion, "which was a subsidiary of a Russian firm reportedly established by a former member of the KGB," the BBC reports. Protelion was ejected from that council last week—three days after a late-night satirical news show, "ZDF Magazin Royale," highlighted Schönbohm's prior links to the council.

Berlin's Interior Ministry said Schönbohm is presumed innocent, but cited a loss of trust in his judgment, according to the BBC; it also promised a "thorough and vigorous" investigation into the allegations.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 69122
    • View Profile
CIA pooh bah on how we think
« Reply #748 on: December 18, 2022, 07:58:19 AM »

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 69122
    • View Profile
FA: Open Secrets
« Reply #749 on: December 22, 2022, 09:24:57 AM »
https://www.foreignaffairs.com/world/open-secrets-ukraine-intelligence-revolution-amy-zegart?utm_medium=newsletters&utm_source=fatoday&utm_campaign=Open%20Secrets&utm_content=20221222&utm_term=FA%20Today%20-%20112017

Open Secrets
Ukraine and the Next Intelligence Revolution
By Amy Zegart
January/February 2023

Rob Dobi
Russia’s invasion of Ukraine has been a watershed moment for the world of intelligence. For weeks before the shelling began, Washington publicly released a relentless stream of remarkably detailed findings about everything from Russian troop movements to false-flag attacks the Kremlin would use to justify the invasion.

This disclosure strategy was new: spy agencies are accustomed to concealing intelligence, not revealing it. But it was very effective. By getting the truth out before Russian lies took hold, the United States was able to rally allies and quickly coordinate hard-hitting sanctions. Intelligence disclosures set Russian President Vladimir Putin on his back foot, wondering who and what in his government had been penetrated so deeply by U.S. agencies, and made it more difficult for other countries to hide behind Putin’s lies and side with Russia.

The disclosures were just the beginning. The war has ushered in a new era of intelligence sharing between Ukraine, the United States, and other allies and partners, which has helped counter false Russian narratives, defend digital systems from cyberattacks, and assisted Ukrainian forces in striking Russian targets on the battlefield. And it has brought to light a profound new reality: intelligence isn’t just for government spy agencies anymore.

Over the past year, private citizens and groups have been tracking what Russia is planning and doing in ways that were unimaginable in earlier conflicts. Journalists have reported battlefield developments using imagery from commercial space satellites. Former government and military officials have been monitoring on-the-ground daily events and offering over-the-horizon analyses about where the war is headed on Twitter. A volunteer team of students at Stanford University, led by former U.S. Army and open-source imagery analyst Allison Puccioni, has been providing reports to the United Nations about Russian human rights atrocities in Ukraine—uncovering and verifying events using commercial-satellite thermal and electro-optical imaging, TikTok videos, geolocation tools, and more. At the Institute for the Study of War, a go-to source for military experts and analysts, researchers have even created an interactive map of the conflict based entirely on unclassified, or open-source, intelligence.

Technological advances have been central to this evolution. It is, after all, the Internet, social media, satellites, automated analytics, and other breakthroughs that have enabled civilians to collect, analyze, and disseminate intelligence. But although new technologies have helped shine a light on Russian military activity, their effects are far from uniformly positive. For the 18 agencies that make up the U.S. intelligence community, new technologies are creating more threats at a far faster rate. They are dramatically increasing the amount of data that analysts must process. They are giving companies and individual citizens a newfound need for intelligence, so that these private entities can help safeguard the country’s interests. And they are giving new intelligence capabilities to organizations and individuals outside the U.S. government, as well as to more countries. 

These shifts have been years in the making, and intelligence leaders are working hard to adapt to them. But anticipating the future in the new tech era demands more. Washington must embrace wholesale changes in order to understand and harness emerging technologies. It must, in particular, get serious about creating a new agency dedicated to open-source intelligence. Otherwise, the U.S. intelligence community will fall behind, leaving Americans more vulnerable to catastrophic surprises.

BRAVE NEW WORLD
When the Central Intelligence Agency was created, in 1947, the world was in an unusually precarious place. The allies had won World War II, but Soviet troops already threatened Europe. Repressive regimes were on the rise, democracies were weary and weak, and the international system was dividing into free spheres and illiberal ones. Amid this intensifying uncertainty and anxiety, the United States was called to lead a new global order. U.S. policymakers realized that they needed new capabilities for this role, including better intelligence. Centralizing intelligence in a new agency, they thought, would deliver timely insights about the future to prevent the next Pearl Harbor and win the Cold War.

In many ways, the present looks eerily similar to those early postwar years. The dog-eat-dog world of strong states using brute force to get what they want has returned. An authoritarian leader in Moscow is invading neighbors and again menacing all of Europe. Once more, democracies are looking fragile. The United States and its allies are engaged in yet another great-power competition—this time with China, a country whose rise looks less peaceful by the day, with its crackdowns on freedoms in Hong Kong, belligerent rhetoric about retaking Taiwan, and provocative military exercises that encircled the island. Even Marxism-Leninism is making a comeback. In China’s carefully choreographed 20th Party Congress, President Xi Jinping made it clear to party officials that ideology and personal loyalty were more important than continued economic liberalization. In case anyone missed the message, Xi’s economic reform-minded predecessor, Hu Jintao, was pulled from his chair and escorted out of party proceedings, perp-walk style, in full view of the press.

But looks can be deceiving. Thanks to technological innovations, the challenges of today differ greatly from postwar ones. Emerging technologies are transforming the planet in an unprecedented fashion and at an unprecedented pace. Together, inventions are making the world far more interconnected and altering the determinants of geopolitical advantage in fundamental ways. Increasingly, emerging technologies and data are major sources of national power, and they are intangible, harder to see and understand, and often created and controlled by companies, not governments. For the CIA and other intelligence agencies, understanding the geopolitical dangers and dynamics of the twenty-first century will likely be much harder than it was in the twentieth.

Photo: A woman taking a selfie near a Russian military helicopter, Horlivka Raion, Ukraine, September 2022 (Alexander Ermochenko / Reuters)

Consider the Internet. In the mid-1990s, less than one percent of the global population was online. Now sixty-six percent of the world is connected, from the far reaches of the Arctic to Bedouin tents in the desert. In the last three years alone, more than a billion more people have come online. This connectivity has already transformed global politics, for better and for worse. Social media has fueled protests against autocracies, such as the Arab Spring and Hong Kong’s Umbrella Movement. But it has also empowered a new wave of government techno-surveillance led by Beijing and has enabled Russia’s massive disinformation operations to influence elections and undermine democracies from within.

Digital connectivity is not the only technology upending the world order. Artificial intelligence is disrupting nearly every industry—from medicine to trucking—to the point that one expert now estimates AI could eliminate up to 40 percent of jobs worldwide in the next 25 years. It is changing how wars are fought, automating everything from logistics to cyberdefenses. It is even making it possible for states to build unmanned fighter jets that could overwhelm defenses with swarms and maneuver faster and better than human pilots. Little wonder, then, that Russian President Vladimir Putin has declared that whoever leads in AI development “will become the ruler of the world.” China has also made no secret of its plans to become the global AI leader by 2030.

Technological breakthroughs are also making it far easier for anyone—including weak states and terrorist groups—to detect events unfolding on earth from space. Commercial satellite capabilities have increased dramatically, offering eyes in the sky for anyone who wants them. Satellite launches more than doubled between 2016 and 2018; now, more than 5,000 satellites circle the earth, some no larger than a loaf of bread. Commercial satellites have less sophisticated sensing capabilities than do their spying counterparts, but civilian technologies are rapidly improving. Some commercial satellites now have resolutions so sharp that they can identify manhole covers, signs, and even road conditions. Others have the ability to detect radio frequency emissions; observe vehicle movements and nuclear cooling plumes; and operate at night, in cloudy weather, or through dense vegetation and camouflage. Constellations of small satellites can revisit the same location multiple times a day to detect changes over short periods—something that was once impossible. All these changes are leveling the intelligence playing field, and not always in a good way. In 2020, for example, Iran used commercial satellite images to monitor U.S. forces in Iraq before launching a ballistic missile attack that wounded more than 100 people.

Other technological advances with national security implications include quantum computing, which could eventually unlock the encryption protecting nearly all the world’s data, making even highly classified information available to adversaries. Synthetic biology is enabling scientists to engineer living organisms, paving the way for what could be revolutionary improvements in the production of food, medicine, data storage, and weapons of war.

Understanding the promise and perils of these and other emerging technologies is an essential intelligence mission. The U.S. government needs to know who is poised to win key technological competitions and what the effects could be. It must assess how future wars will be fought and won. It must figure out how new technologies could tackle global challenges such as climate change. It needs to determine how adversaries will use data and tech tools to coerce others, commit atrocities, evade sanctions, develop dangerous weapons, and secure other advantages.

But these important questions are becoming harder to answer because the landscape of innovation has changed and expanded, making inventions more difficult to track and understand. In the past, technological breakthroughs, such as the Internet and GPS, were invented by U.S. government agencies and commercialized later by the private sector. Most innovations that affected national security did not have widespread commercial application, so they could be classified at birth and, if necessary, restricted forever. Today, the script has flipped. Technological innovations are more likely to be “dual use”: to have both commercial and military applications. They are also far more likely to be invented in the private sector, where they are funded by foreign investors, developed by a multinational workforce, and sold to global customers in private and public sectors alike.

Those that are born in the private sector are more widely accessible and not as easily restricted. Artificial intelligence, for example, has become so prevalent and intuitive that high school students with no coding background can make deepfakes—AI-generated, manipulated videos that show people saying and doing things they never said or did. In March 2022, someone released a deepfake of Ukrainian President Volodymyr Zelensky telling Ukrainian soldiers to lay down their arms. More recently, deepfakes impersonating Michael McFaul, the former U.S. ambassador to Russia, have been used to dupe Ukrainian officials into revealing information about the war effort. McFaul deepfakes have become so pervasive that the real McFaul had to tweet warnings asking people not to fall for what he called “a new Russian weapon of war.”

These changes in the innovation landscape are giving private-sector leaders new power and national security officials fresh challenges. Power isn’t just shifting abroad. Power is shifting at home. U.S. social media platforms now find themselves on the frontlines of information warfare, deciding what is real and what is fake, what speech is allowed and what speech is not. Startup founders are inventing capabilities that can be used by enemies they can’t foresee with consequences they can’t control. Meanwhile, U.S. defense and intelligence agencies are struggling to adopt critical new technologies from the outside and move at the speed of invention instead of at the pace of bureaucracy. Private-sector leaders have responsibilities they don’t want, and government leaders want capabilities they don’t have.

UP TO SPEED
Intelligence is often misunderstood. Although spy agencies deal with secrets, they are not in the secrets business. Their core purpose is delivering insights to policymakers and anticipating the future faster and better than adversaries. Clandestinely acquired information from sources such as intercepted phone calls or firsthand spy reports is important, but secrets are just part of the picture. Most information in a typical intelligence report is unclassified or publicly available. And raw information—secret or not—is rarely valuable on its own because it is often incomplete, ambiguous, contradictory, poorly sourced, misleading, deliberately deceptive, or just plain wrong. Analysis is what turns uncertain findings into insight by synthesizing disparate pieces of information and assessing its context, credibility, and meaning.

Intelligence insights are not always correct. But when they are, they can be priceless. When U.S. intelligence agencies warned that Russia was about to invade Ukraine, it gave Washington critical time to help arm Kyiv and unify the West around a response. But it may soon become harder for spy agencies to replicate this success because the global-threat landscape has never been as crowded or as complicated as it is today—and with threats that move faster than ever. It is now more difficult for intelligence officers to do their jobs. After spending nearly half a century largely focused on countering the Soviet Union and two decades fighting terrorists, they today must confront a diverse multitude of dangers. They must deal with transnational threats such as pandemics and climate change; great-power competition with China and Russia; terrorism and other threats from weak and failed states; and cyberattacks that steal, spy, disrupt, destroy, and deceive at stunning speeds and scale. Intelligence agencies are, to put it mildly, overtaxed.

Technology makes today’s threat list not only longer but more formidable. For centuries, countries defended themselves by building powerful militaries and taking advantage of good geography. But in cyberspace, anyone can attack from anywhere, without pushing through air, land, and sea defenses. In fact, the most powerful countries are now often the most vulnerable because their power relies on digital systems for business, education, health care, military operations, and more. These states can be hit by big attacks that disable their critical infrastructure. They can be subject to repeated small attacks that add up to devastating damage before security officials even know it. China, for example, has robbed its way to technological advantage in a variety of industries, from fighter jets to pharmaceuticals, by stealing from U.S. companies one hack at a time, in what FBI Director Christopher Wray has called one of the greatest transfers of wealth in human history and “the biggest long-term threat to our economic and national security.”

Russia has also used cyberattacks to great effect, proving that technology can allow malignant actors to hack minds—not just machines. Russian operatives created bots and fake social media profiles impersonating Americans that spread disinformation across the United States during the 2016 U.S. presidential election, polarizing the country and undermining its democracy. Today, China could turn Americans against each other without even using U.S. tech platforms. The Chinese firm ByteDance owns TikTok, the popular social media app that boasts more than a billion users, including an estimated 135 million Americans, or 40 percent of the U.S. population. Both Democrats and Republicans now worry that TikTok could enable the Chinese government to vacuum all sorts of data about Americans and launch massive influence campaigns that serve Beijing’s interests—all under the guise of giving U.S. consumers what they want. In today’s world of information warfare, weapons don’t look like weapons.

Because cyberattacks can happen so quickly, and because policymakers can track breaking events and get hot takes with the touch of a button, U.S. intelligence agencies also need to operate with newfound speed. Timeliness, of course, has always been important to spycraft: in the 1962 Cuban missile crisis, U.S. President John F. Kennedy had 13 days to pore over intelligence and consider his policy options after surveillance photographs from a U-2 spy plane revealed Soviet nuclear installations in Cuba, and on September 11, 2001, U.S. President George W. Bush had less than 13 hours after the World Trade Center attacks to review intelligence and announce a response. Today, the time for presidents to consider intelligence before making major policy decisions may be closer to 13 minutes or even 13 seconds.

But moving fast also carries risks. It takes time to vet a source’s credibility, tap expert knowledge across fields, and consider alternative explanations for a finding. Without careful intelligence analysis, leaders may make premature or even dangerous decisions. The potential consequences of rash action became evident in December 2016, when a news story reported that Israel’s former defense minister was threatening a nuclear attack against Pakistan if Islamabad deployed troops in Syria. Pakistan’s Defense Minister, Khawaja Muhammad Asif, quickly tweeted: “Israeli def min threatens nuclear retaliation presuming pak role in Syria against Daesh. Israel forgets Pakistan is a Nuclear state too AH.” But the original story had been fabricated. Asif had dashed off his response before finding out the truth. Satisfying policymakers’ need for speed while carefully collecting, vetting, and assessing intelligence has always been a delicate balance, but that balance is getting harder to strike.

NEED TO KNOW
Intelligence agencies must deal with a data environment that is vast, not just fast. The volume of information available online has become almost unimaginably immense. According to the World Economic Forum, in 2019, Internet users posted 500 million tweets, sent 294 billion emails, and uploaded 350 million photos to Facebook every day. Every second, the Internet transmits roughly one petabyte of data: the amount of data that an individual would have consumed after binge-watching movies nonstop for over three years.

U.S. intelligence agencies are already collecting far more information than humans can analyze effectively. In 2018, the intelligence community was capturing more than three National Football League seasons’ worth of high-definition imagery a day on each sensor they deployed in a combat theater. According to a source at the Department of Defense, in 2020, one soldier deployed to the Middle East was so concerned about the crushing flow of classified intelligence emails he was receiving that he decided to count them. The total: 10,000 emails in 120 days. These quantities are likely to grow. Some estimates show that the amount of digital data on earth doubles every 24 months.

And increasingly, intelligence agencies must satisfy a wider range of customers—including people who do not command troops, hold security clearances, or even work in government. Today, plenty of important decision-makers live worlds apart from Washington, making consequential policy choices in boardrooms and living rooms—not the White House Situation Room. Big Tech companies, including Microsoft and Google, need intelligence about cyberthreats to and through their systems. Most of the United States’ critical infrastructure is controlled by private firms, such as energy companies, and they also need information about cyber risks that could disrupt or destroy their systems. Voters need intelligence about how foreign governments are interfering in elections and waging operations to polarize society. And because cyberthreats do not stop at the border, U.S. security increasingly depends on sharing intelligence faster and better with allies and partners.

To serve this broader array of customers, the U.S. intelligence community is making unclassified products and engaging with the outside world to an extent it has not before. The National Security Agency, the FBI, and other intelligence agencies are now creating public service videos about foreign threats to U.S. elections. In September 2022, the CIA launched a podcast called The Langley Files, aimed at demystifying the agency and educating the public. The National Geospatial-Intelligence Agency, which collects and analyzes satellite imagery and other geospatial intelligence, launched a project called Tearline—a collaboration with think tanks, universities, and nonprofits to create unclassified reports about climate change, Russian troop movements, human rights issues, and more. In 2021, the NSA began issuing joint advisories with the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency detailing major cyberthreats, exposing the entities behind them, and explaining how firms could shore up their security. In October, these three agencies even released the technical details of the top 20 cyber vulnerabilities exploited by the Chinese government to hack into U.S. and allied networks, along with meticulous instructions about how to improve cyber defenses. The U.S. government is now also issuing advisories with foreign intelligence partners.

The success of this public-facing strategy has been on full display in Ukraine. It helped the United States warn the world about Russia’s invasion. It helped rally the West behind a fast response. And it continues to frustrate Moscow. Most recently, after Washington revealed intelligence indicating that senior Russian military leaders were discussing using tactical nuclear weapons in Ukraine, Xi issued a rare public warning against the “use of, or threats to use, nuclear weapons.” Xi’s “no limits” relationship with Putin suddenly had limits after all.

CROWD SURFING
In addition to more customers, technology has given U.S. intelligence agencies more competition. The explosion of open-source information online, commercial satellite capabilities, and the rise of AI are enabling all sorts of individuals and private organizations to collect, analyze, and disseminate intelligence.

In the past several years, for instance, the amateur investigators of Bellingcat—a volunteer organization that describes itself as “an intelligence agency for the people”—have made all kinds of discoveries. Bellingcat identified the Russian hit team that tried to assassinate former Russian spy officer Sergei Skripal in the United Kingdom and located supporters of the Islamic State (also known as ISIS) in Europe. It also proved that Russians were behind the shootdown of Malaysia Airlines flight 17 over Ukraine.

Bellingcat is not the only civilian intelligence initiative. When the Iranian government claimed in 2020 that a small fire had broken out in an industrial shed, two U.S. researchers working independently and using nothing more than their computers and the Internet proved within hours that Tehran was lying. As David Albright and Fabian Hinz quickly found, the building was actually a nuclear centrifuge assembly facility at Iran’s main uranium enrichment site. The damage was so extensive that the fire may well have been caused by an explosion—raising the possibility of sabotage. In 2021, nuclear sleuths at the James Martin Center for Nonproliferation Studies in California used commercial satellite imagery to discover more than 200 new intercontinental ballistic missile silos in China, a finding that could signal historic increases in China’s nuclear arsenal.   

Photo: A satellite picture of damage in Mariupol, Ukraine, October 2022 (Fabrice Coffrini / AFP / Getty)

For U.S. intelligence agencies, this burgeoning world of open-source intelligence brings significant new opportunities as well as risks. On the positive side, citizen-sleuths offer more eyes and ears around the world scanning for developments and dangers as they arise. The wisdom of the crowd can be a powerful tool, especially for piecing together tiny bits of information. Unbound by bureaucracy, open-source intelligence analysts can work quickly. And because open-source information is by definition declassified, it can be shared easily within government agencies, across them, and with the public without revealing sensitive sources or methods.

But these features are also flaws. Open-source intelligence is available to everyone, everywhere, no matter their motives, national loyalties, or capabilities. Citizen-sleuths do not have to answer to anyone or train anywhere, and that invites all kinds of hazards. Volunteer analysts are rewarded for being fast (especially online) but are rarely punished for being wrong—which means they are more likely to make errors. And the line between the wisdom of crowds and the danger of mobs is thin. After a 2013 terrorist attack on the Boston Marathon killed three people and wounded more than 260 others, Reddit users jumped into action. Posting pet theories, unconfirmed chatter on police scanners, and other crowdsourced tidbits of information, amateur investigators fingered two “suspects” and the mainstream media publicized the findings. Both turned out to be innocent.

These weaknesses can create serious headaches for governments. When errors go viral, intelligence agencies have to burn time and resources fact-checking the work of others and reassuring policymakers that the agencies’ original intelligence assessments should not change. Accurate open-source discoveries can cause problems, too. Findings, for example, might force policymakers into corners by making information public that, if kept secret, could have left room for compromise and graceful exits from crises. To defuse the Cuban missile crisis, for example, Kennedy agreed to secretly remove U.S. nuclear weapons from Turkey if the Soviets took their missiles out of Cuba. Had satellite imagery been publicly available, Kennedy might have been too worried about domestic political backlash to make a deal.

OPEN RELATIONSHIP
U.S. intelligence leaders know that their success in the twenty-first century hinges on adapting to a world of more threats, more speed, more data, more customers, and more competitors. Their agencies have been working hard to meet these challenges by launching organizational reforms, technology innovation programs, and new initiatives to recruit top science and engineering talent. They have had some important successes. But these are difficult problems to overcome, and so far, the intelligence community’s efforts have been piecemeal.

The rate of progress is especially concerning given that the challenges are well known, the stakes are high, and intelligence weaknesses have been festering for years. Multiple reports and articles (including one in this magazine) have found that intelligence agencies are not keeping pace with technological developments. These reports point to an unfortunate reality. Washington cannot address its present challenges by making incremental changes to existing agencies. Instead, developing U.S. intelligence capabilities for the twenty-first century requires building something new: a dedicated, open-source intelligence agency focused on combing through unclassified data and discerning what it means.

Creating a 19th intelligence agency may seem duplicative and unnecessary. But it is essential. Despite Washington’s best efforts, open-source intelligence has always been a second-class citizen in the U.S. intelligence community because it has no agency with the budget, hiring power, or seat at the table to champion it. As long as open-source intelligence remains embedded in secret agencies that value clandestine information above all, it will languish. A culture of secrecy will continue to strangle the adoption of cutting-edge technical tools from the commercial sector. Agencies will struggle to attract and retain talent that is desperately needed to help them understand and use new technologies. And efforts to harness the power of open-source intelligence collectors and analysts outside government will fall short.

A new open-source intelligence agency would bring innovation, not just information, to the U.S. intelligence community by providing fertile soil for the growth of far-reaching changes in human capital, technology adoption, and collaboration with the burgeoning open-source intelligence ecosystem. Such an agency would be a powerful lever for attracting the workforce of tomorrow. Because it deals with unclassified information, the agency could recruit top scientists and engineers to work right away, without requiring them to wait months or years for security clearances. Locating open-source agency offices in technology hubs where engineers already live and want to stay—places such as Austin, San Francisco, and Seattle—would make it easier for talent to flow in and out of government. The result could be a corps of tech-savvy officials who rotate between public service and the private sector, acting as ambassadors between both worlds. They would increase the intelligence community’s presence and prestige in technology circles while bringing a continuous stream of fresh tech ideas back inside.

By working with unclassified material, the open-source agency could also help the intelligence community do a better and faster job of adopting new collection and analysis technologies. (The open-source agency could test new inventions and, if they proved effective, pass them along to agencies that work with secrets.) The agency would also be ideally positioned to engage with leading open-source intelligence organizations and individuals outside the government. These partnerships could help U.S. intelligence agencies outsource more of their work to responsible nongovernmental collectors and analysts, freeing up intelligence officials to focus their capabilities and clandestine collection efforts on missions that nobody else can do.

And there will still be many such missions. After all, even the best open-source intelligence has limits. Satellite imagery can reveal new Chinese missile silos but not what Chinese leaders intend to do with them. Identifying objects or tracking movements online is important, but generating insight requires more. Secret methods remain uniquely suited to understanding what foreign leaders know, believe, and desire. There is no open-source substitute for getting human spies inside a foreign leader’s inner circle or penetrating an adversary’s communications system to uncover what that adversary is saying and writing. Analysts with clearances will also always be essential for assessing what classified discoveries mean, how credible they are, and how they fit with other, unclassified findings.

But secret agencies are no longer enough. The country faces a dangerous new era that includes great-power competition, renewed war in Europe, ongoing terrorist attacks, and fast-changing cyberattacks. New technologies are driving these threats and determining who will be able to understand and chart the future. To succeed, the U.S. intelligence community must adapt to a more open, technological world