It’s best not to spend too much time on this weird new nugget, reported on Friday 9 February by the New York Times.
The bottom line, up front, is that it rings pretty hollow to me. It sounds like someone in a U.S. agency (I doubt it was the CIA, frankly, but you can decide for yourself) was trying to buy the purported Trump stuff, and now needs a plausible explanation for having done that.
The rest of it doesn’t really make sense. Style points, however, for the picturesque German venues and the cranberry juice.
Here’s the gist of it:
After months of secret negotiations, a shadowy Russian bilked American spies out of $100,000 last year, promising to deliver stolen National Security Agency cyberweapons in a deal that he insisted would also include compromising material on President Trump, according to American and European intelligence officials.
Right off the bat, there’s no “hook” for depositing this data point in the narrative bank now. Why are we being told this? It’s not like anything that has happened in the last 6-8 weeks would prompt reporters to go sniffing around Europe, looking for spies buying these particular secrets.
This sounds like a voluntary, out-of-the-blue “disclosure” from someone with a motive.
The story’s initial emphasis is on the “NSA cyberweapons.” But that, again, doesn’t make a lot of sense. The verbal presentation about the cyberweapons conveys urgency, to be sure, but it’s very short on detail, and you basically have to suspend disbelief to buy into the premise here.
The cash, delivered in a suitcase to a Berlin hotel room in September, was intended as the first installment of a $1 million payout, according to American officials, the Russian and communications reviewed by The New York Times. The theft of the secret hacking tools had been devastating to the N.S.A., and the agency was struggling to get a full inventory of what was missing.
“Struggling to get a full inventory of what was missing”? Did someone who supposedly knows what he’s talking about really put it that way?
The red herring
First of all, the initial heist of materials the NYT story is referring to began, as far as we know, in 2016, and that’s when NSA began evaluating what had happened. (The cyber-heist in question is connected with the public exposure of NSA and CIA “hacking” tools by an entity known as Shadow Brokers.)
It still wasn’t clear to the public in July 2017 whether the data theft had involved an outside intrusion, or someone operating from inside NSA. Maybe NSA still didn’t know at that point. Maybe they still don’t know today.
But we don’t have to be certain about that, to be certain about this: NSA would assume the worst case on the data theft, in default of more specific knowledge. There is no purpose for which NSA would spend months (or years) at a time suspending judgment on how bad the breach had been, in terms of “what was lost.” The NYT article is written as if NSA dragged itself through 2017 still trying to figure out how bad it was before recovering from self-imposed paralysis. That suggestion is ludicrous.
Of course NSA wants to figure out how the breach occurred. (For all we know, they have done so by now.) But the premise of the NYT article is that NSA’s “struggle” to characterize the scope of the breach was at a level of desperation, as regards what NSA tools were exposed to outside eyes.
That is very unlikely, unless they’ve all lost their wits at NSA. Besides the fact that, on operating principle, they’d suck it up and count it a comprehensive loss, there are the facts that (a) they can reconstruct a lot from a forensic examination of their own systems; and (b) we already know quite a bit about what was lost (see links above, and at the NYT article).
Experts looking at this from the public side have to analyze what that means from incomplete information. But NSA has all the secret, system-specific information from inside its own walls as well. NSA isn’t having to play the guessing game the rest of us are on this.
That said, what sets my radar off is the key word in this formulation: “struggling to get a full inventory of what is missing.”
Missing? There’s nothing “missing.” The article implies that there was a felt need to buy back material that was, literally, “missing.” But that’s a misleading characterization.
This isn’t the Hope Diamond here. It’s not something you can “buy back.” The NSA cyber tools have been exposed. Full stop. They can’t be recalled. And no buyback in Berlin (even of a thumb drive) can address any institutional problem created by that reality.
The established fact of exposure means NSA has to assume outside hackers have had access to the tools for months. That genie can’t be stuffed back in the bottle by buying thumb drives from Russians. Nor can getting hold of thumb drives – which could have come from anywhere, and have been loaded by anyone, to who knows what degree of data integrity or completeness – tell NSA more than its own analysts already know about how the data breach occurred.
Indeed, the strongest probability, if a Russian is offering to sell such thumb drives, is that Russians are trying to plant new disinformation for U.S. agencies. NSA knows that. So, for that matter, do the CIA and the FBI.
At the very least, we can say that NSA’s motive to gain information in this manner would be a weak one. I’m not buying the plot device that NSA wanted this.
The real buy
If there was no real U.S. government motive to buy “missing” NSA cyber tools, we are left with someone in the U.S. government wanting to buy the proffered kompromat on Trump.
Oddly enough, for a secondary element in the story, and something our enterprising spies were supposedly trying like the devil to avoid obtaining from their Russian contact, they sure ended up with a lot of it.
And then reporters at the New York Times were able to see some of it. Four documents’ worth, in fact. It didn’t amount to much, according to the article. But it is made clear that there was material, it was paid for – by our spies, to the Russian – and in the NYT news room, they’ve actually laid eyes on it.
The Russian contact, in a commendably tidy fashion, walked out the door at the end of the article, after a last swig on his cranberry juice. Apparently, we are to understand that he’s now in the wind. At least, someone is to understand it.
There’s a bit too much of a scriptwriting “finish” to this, for it to have an authentic feel. Forget whether it sounds like an actual counterintelligence operation. It doesn’t even sound like a legitimate news report, from a confidential source, about a counterintelligence operation. It sounds like an entry in a short story contest.
The suspicion intrudes that there’s a guy in the FBI somewhere who’s going to need an explanation for what happened to that $100,000, and this is the forged note from his mother. For now, I’m filing this one as “the FBI spent $100,000 trying to buy kompromat on Trump, in 2017” and moving on. If that filing category needs revisiting down the road, we’ve got it flagged.
The FBI kept Carter Page and all his communication correspondents under surveillance in 2017 too, and yet nothing even slightly interesting has been reported about Page during that period. We need to know what else the FBI kept doing in 2017.