In Part 1, we reviewed a comparatively obscure story reported in 2017, about intelligence the FBI supposedly gained in early March 2016 from the Russian hacking of Democrats’ computer systems.
The gist of the story is that a hacked email suggested then-Attorney General Loretta Lynch assured the Hillary Clinton campaign that she would not let the FBI probe of Hillary’s emails “go too far.” Part 1 looked at things the FBI could have done to follow up on that, and at James Comey’s persistent use of the story to justify his preemptive move to exonerate Hillary in July 2016.
Part 1 also noted Obama’s involvement with Hillary’s private email address, and the knowledge his staff clearly would have had that he was corresponding with it. The aggregate view of these factors indicates that U.S. agencies, far from being startled by intelligence about Russian activities, probably had to know more about them than the media’s Russiagate narrative implies.
We pick up the thread with reflections on that in Part 2.
The fully-alerted U.S. government and its perspective on email accounts
You and I may not sit around 24 hours a day thinking about people’s electronic communications, including the security of ours, the security of others’, and the jungle-full of cyber predators out there stalking everybody and everything.
But the U.S. federal government pays a small army of people to sit around thinking just those thoughts. There is no such thing as not being institutionally vigilant about whether the U.S. secretary of state’s emails are vulnerable to foreign hacking. That’s why, for example, experienced Secret Service agents know that the email addresses their protectees’ government phones can correspond with have to be whitelisted.
The government’s cyber-protection army doesn’t leave it at that, either. Government cyber warriors are monitoring government IT systems for signs of intrusion – by Russia, perhaps, or China, or Iran – or misuse by insiders.
Moreover, when members of the public correspond with government systems, they often receive notices – e.g., boilerplate included in formula responses – that their correspondence on those systems can be monitored. Such connections are not an excuse for pursuing a citizen’s unrelated private correspondence. But they definitely mean that once you’ve corresponded with a government IT system, your email information is no secret to the U.S. government anymore.
That includes Hillary Clinton sending and receiving emails with the State Department or the Executive Office of the President. What they call a butt-ton-load of people would have known that she was doing it.
Now think about that level of 24/7 alertment and vigilance in relation to the “Russian hacking intelligence” story. Either way the story is told, its common element is that a U.S. agency derived information from Russian intelligence – information about U.S. email correspondence – by looking at Russian communications.
We needn’t pursue that far enough to get into sources and methods, to nevertheless evoke a vivid picture of the alertment and collection posture it must imply.
Just think of it this way. In the implied scenario, the rarity would be looking away from where the detectable events you’re trying to track come from.
Put all that together, and ask yourself: if the Obama administration knew Hillary Clinton was using a private email account; if it knew the president himself had corresponded with that account; and if it knew the Russians were always trying to hack into significant email systems serving government and political officials because it had caught the Russians doing that on multiple occasions – do you think the Obama agencies would have been doing their darnedest long before 2016 to maintain direct insight into that set of circumstances?
Since, after all, they had the means to do it?
March comes in like a lion
Now we’re ready to get back to March 2016, when the FBI was said to have gotten the information about Russian hacking intelligence and the alleged Wasserman Schultz email.
Just as a reminder on the Russiagate timeline, George Papadopoulos received notice that he would be an adviser to the Trump campaign on 6 March 2016. On 14 March 2016, he and Joseph Mifsud, the Maltese professor, had their first meeting. Carter Page, who at the time was involved as a witness in the FBI’s 2013 case against Russian spies, was also announced to be an adviser to the Trump campaign.
And Paul Manafort – then under FBI electronic surveillance – was hired by Trump on 29 March to manage the delegate-marshaling task ahead of the July Republican convention.
Worth noting as well: John Podesta’s email account was penetrated with a phishing attack, apparently via an email dated 19 March 2016.
In the interval between Papadopoulos joining the Trump campaign and the end of March, meanwhile, we now have a sequence of three remarkable events.
One is the FBI’s discovery of the Russian hacking intelligence, in “early March.”
The second is the discovery, on or just before 9 March, that the FBI had been processing raw NSA communications intelligence in such a way that government contractors working for the FBI had access to it.
This event, which I suspect was related to the blow-up Peter Strzok’s pal Lisa Page was alerted to on 9 March at the FBI’s Washington Field Office, was a watershed in U.S. intelligence community operations. It was directly connected to NSA tightening vigilance over data retrievals, cutting off some forms of access on 18 April 2016, and going on to self-report violations to the FISA court in September 2016. It was after that self-report – also implicating other intelligence agencies – that DNI James Clapper publicly announced he had lost confidence in NSA Director Admiral Michael Rogers, and wanted to fire him.
The potential that this 9 March event was linked to the “Russian hacking intelligence” obviously cannot be overlooked, and we’ll get to that in a moment.
But we must note the third remarkable development. On 14 March, Russian and U.S. sources reported that CIA Director John Brennan had just held an unannounced, unpreviewed meeting at Russia’s FSB headquarters in Moscow. (The FSB, or federal security service, is the successor to the KGB.)
The reason given for this meeting doesn’t pass the smell test. It was supposedly about “Syria.” But the CIA director wouldn’t coordinate with the FSB about Syria (on which the Obama administration’s activity profile was in any case barely above the thready-pulse level). If such coordination were to be done by the CIA director, it would be with the Russian SVR – the state intelligence agency, and the CIA’s direct counterpart on foreign policy matters – rather than the Russian federal security service.
A more likely pairing for cooperation on Syria would have been the military intelligence chiefs. And as a general point, nothing in Brennan’s c.v. would have made him the guy you’d send to Russia for a delicate or unique Syria-related mission.
From an analytical standpoint, this mission to Moscow still requires a more credible explanation.
For the moment, we have only circumstantial clues to assist us with this set of circumstances. But the sequence of events in March frames some of the most important questions for us.
Time has made it decreasingly possible that the 9 March blow-up at the FBI was unrelated to the Russiagate timeline. The public may never have a direct view of any definitive evidence on it, but without speaking to sources and methods, an intelligence specialist can see that, by opportunity and means, it indeed could be linked to the “Russian hacking intelligence” received by the FBI.
We can’t prove from out here that what the FBI was doing in this “blow-up” case involving the contractors produced the “Russian hacking intelligence.” But could it have done so? Absolutely.
We will focus on a related, specific element in the Russiagate saga in Part 3.