It’s now been over a year since Edward Snowden, the most famous IT contractor in intelligence history, defected to Moscow. This blog has followed the twists and turns of this remarkable case in detail, particularly in its counterintelligence aspects, but one of the most vexing and important issues remains undefined. Namely, how much damage to U.S. and Allied intelligence and security did Snowden’s unprecedented theft of classified materials actually do?
The National Security Agency and others have been involved in developing a damage assessment virtually from the moment the story broke; it’s what intelligence services do when they have a defector or compromise, since it’s vital to understand what programs have been damaged or lost. Snowden’s theft was so vast — perhaps “only” 1.5 million purloined documents rather than the 1.7 million previously suggested — that it will take years for the Intelligence Community (IC) to assess what damage has actually been wrought here. Moreover, it may be impossible to ever fully answer that question in detail, particularly if Snowden stays in Moscow, which he shows every sign of doing. The damage here stretches across so many agencies of the IC and the whole Department of Defense that this will be truly the mother of all damage assessments, and it is to be hoped that the public will allowed access to some sort of unclassified version of it, even if only a summary, to understand what the Snowden Operation has done to the security of the United States and its allies.
As a political effort, the international propaganda campaign against NSA that is driven by the Snowden documents has failed to shut down the Agency, which continues to do its mission with only modest changes, as this blog predicted months ago. Nevertheless, it’s obvious to anyone acquainted with intelligence that the operational and strategic damage to NSA and the IC, in particular to its international partnerships that are so vital to Western security, is vast and unprecedented. There has never been a compromise like this, or even close, in the annals of espionage, dwarfing even the famous case of the KGB’s Vasily Mitrokhin.
It is therefore surprising to hear recent statements from NSA and IC leadership that the current crisis just isn’t all that bad. Admiral Mike Rogers, NSA’s new director, has stated that the Snowden damage is “manageable” while making it clear that from where he sits, the “sky isn’t falling.” James Clapper, our Director of National Intelligence, has similarly observed that the damage caused by Snowden is not as great as he and the IC had initially believed.
There are undoubtedly audiences who wish to hear this good news, and one cannot fault leaders who try to shore up flagging morale in a crisis. There can be no doubt that NSA morale today is at its lowest ebb ever, with a workforce dealing with the damage on a day-to-day basis while worrying about a security overreaction to the Snowden disaster, which is what the IC usually does in the wake of this sort of lapse. There are numerous allies, close intelligence partners, who want to be told that all is well, that NSA is as effective as ever and has brushed off the Snowden case in record time — and that it won’t happen again.
Unfortunately, this is not true. It is difficult to reconcile statements from Rogers and Clapper with ones previously made by General Keith Alexander, the former NSA director (“What Snowden has revealed has caused irreversible and significant damage to our country and to our allies.”) or by Lieutenant General Mike Flynn, the former DIA director (“this has caused grave damage to our national security”), who added that the wreckage goes far beyond the IC, and has serious and disturbing implications for the Pentagon and the U.S. armed forces too. The unclassified version of DIA’s damage assessment describes Snowden’s impact as “staggering.”
Key allies have been even more frank. Andrew Parker, head of the British Security Service (MI5), stated that the Snowden-caused leaks from GCHQ, NSA’s British partner, “hands the advantage to the terrorists. It is the gift they need to evade us and strike at will,” a view that was endorsed by Prime Minister David Cameron. Comments by Paul Taloni, director of the Australian Signals Directorate, NSA’s partner Down Under, were even more detailed: “Snowden has effectively informed Indonesia and PNG’s military that Australia knows how to decrypt their comms … They will immediately change them as a result, which will directly impact on Australia’s ability to minimize future threats.”
Dr. Taloni notes an important point, namely that letting targets know they are being listened to usually means that they change how they communicate, and access is lost, often for an extended period, and sometimes forever. Thus is intelligence diminished. Unlike the world of human intelligence (HUMINT), where even a major setback means a human source, or several, are compromised, in the arena of signals intelligence (SIGINT), a compromise can shut down a vast array of collection programs and effectively render you deaf against whole countries. Given the unprecedented extent of the Snowden compromise, it would be foolish to assume that the SIGINT losses it has engendered are not commensurately vast.
It needs to be noted that NSA has a long history of avoiding unpleasant truths in cases of defection and betrayal. The Agency had little to say publicly about the case of William Martin and Bernon Mitchell, two disgruntled analysts who defected to Moscow in 1960, while noting internally, in language that seems apt today as well, that the men possessed “greatly inflated opinions concerning their intellectual attainments and talents” and defected to satisfy social aspirations. The Agency was similarly tight-lipped three years later about the case of Jack Dunlap, an Army sergeant assigned to NSA — for a time he was the director’s driver — who passed classified materials to the Soviets in exchange for cash; as Dunlap committed suicide before he was convicted of anything, he is buried in Arlington National Cemetery.
Perhaps the most relevant case is that of William Weisband, who is the only case in NSA history that compares with Snowden in terms of damage to U.S. and Allied SIGINT. As I’ve explained before, Weisband was a longtime Soviet spy and mole inside U.S. intelligence who compromised everything he could get his hands on, including BOURBON, the top secret American-British program that listened in on high-level Soviet communications, which “went dark” in 1948 after Weisband told Moscow about it. He also told them about VENONA, the extraordinarily compartmented program that decrypted Soviet intelligence communications; thanks to Weisband, the Kremlin knew about VENONA several years before President Harry Truman was briefed on it. In short, Weisband practically shut down Western SIGINT against the Soviet Union at the dawn of the Cold War, when it was most needed, and that damage lasted for years and cost lives.
NSA’s reaction to the case was revealing. In the first place, there was no NSA when Weisband was arrested in 1950, when another Soviet spy, revealed by VENONA, fingered Weisband, who was then working in the heart of the SIGINT system, as his Soviet intelligence handler back in the early 1940s. Weisband was a Russian linguist (it was his native tongue) for the Armed Forces Security Agency (AFSA), NSA’s direct predecessor, where security was somewhat slipshod. Weisband should have been caught earlier, his efforts to hide his betrayal were hardly impressive, but nobody was paying attention.
Seeking to cover up this epic disaster, which AFSA leadership had been quietly expecting ever since BOURBON was suddenly and inexplicably lost two years before, U.S. intelligence clammed up. Nobody wanted to admit that our SIGINT system had been penetrated, and in the climate of the time, Washington, DC, didn’t even want to state publicly that it had an agency that was breaking foreign codes. Weisband was allowed to slip away without comment.
He did a year in Federal prison for the obscure crime of lying to a grand jury about his secret Communist affiliations, and was never charged with anything relating to espionage. He continued his life, becoming an insurance salesman in Northern Virginia, dying of a heart attack in 1967 (ironically, just at the time the KGB wanted to give him a bag of cash to help out the “old master” who had done so much for the Soviet Union). There was not a peep to the American public about what Weisband had done.
Internally, it was obvious that the damage was so serious that it must never happen again. Part of the problem was that AFSA was not really a unified agency, rather an amalgam of preexisting Army, Navy, and Air Force SIGINT services; in particular, it lacked any unified security and counterintelligence program. President Truman ordered the establishment of a committee led by the New York attorney George Brownell to look into improving the flawed AFSA model. Their recommendation was the establishment of a fully unified cryptologic unit, under the Department of Defense, with a single security effort to prevent future moles. Thus was the National Security Agency born in November 1952.
After that, NSA pretty much forgot about Weisband. His co-workers were told to never discuss the case with anybody. For decades, he simply did not exist; he was not even mentioned in internal Agency security briefings, and most counterintelligence officials at NSA possessed only a vague awareness of the Weisband affair, so total was the amnesia. That only began to change in the mid-1990s, when NSA and CIA jointly declassified the remarkable VENONA story, in which Bill Weisband had played a sordid part. Only a half-century after his betrayal did the American public learn about what Weisband had done, and it was not until 2003 that NSA officials offered a full, unclassified look at the case to the public, revealing long-suppressed details about what the traitor had done, and why.
It’s natural for the leaders of secret agencies to want to keep their disasters hidden. Deep down, all spy services want to be like surgeons who bury their mistakes. Yet this is an unhealthy impulse that must be resisted. NSA will not prevent another Snowden if the Agency does not honestly assess exactly what happened here. Moreover, the public has a right to know the actual story, at least in outline, while our allies deserve better than happy-talk. It is at best odd that IC leadership seems content to pronounce the case not so big a deal when, in fact, it has been enormously painful for the Western diplomats from many countries who have had to contend with the considerable problems caused by the Snowden Operation, to say nothing of the numerous American firms that have lost business, including huge contracts, thanks to this affair.
NSA and U.S. intelligence won’t be getting past the damage wrought by Edward Snowden and his partners for many years, and neither will Western diplomacy and the many businesspeople who did nothing to deserve the loss of income they are now facing, and may be for a long time. It would be wise of senior U.S. Government officials to keep this in mind. Moreover, it’s best to face the painful truth now, because the full story of this debacle will come out eventually. It always does.
[As always, the author’s comments are his own entirely.]
The XX Committee 
If Dunlap really was the traitor you say he was, why aren’t his remains disinterred and relocated to a venue more reflective of his achievements?
You’d have to ask the Pentagon that.
I had never heard of the case of Weisband and look forward to reading more about it. It seems that he was driven by ideological beliefs, the perception that there was something “progressive” about Stalin and the Soviet Union, and that we “had” to stand by our ally during WWII because they fought something “worse,” the Nazis. This could become possible due to suppression and active denial about the mass crimes against humanity of Lenin and Stalin. I’m just reading Gary Kern’s biography of Kravchenko — it so well depicts the era of FDR, when there was such active courting of Stalin, denial of realities, and Soviet moles and assets everywhere.
I have to say that regarding the current NSA leader, I was on this problem already:
http://3dblogger.typepad.com/wired_state/2014/06/why-did-the-new-nsa-director-not-call-snowden-a-russian-agent-and-why-focus-needed-on-fellow-travell.html
http://3dblogger.typepad.com/wired_state/2014/07/will-the-snowden-stash-really-get-leaked-by-wikileaks-and-by-whom.html
And I’d like to think that the admiral is just engaging in psy-war, you know, not painting a target on our backs and saying “we’re weak,” and making the enemy think “it’s no big deal.” But given how often Glenn Greenwald and all the Snowdenistas use as the centerpiece of their propaganda the dual false notions that “there was no damage” and that surveillance “doesn’t catch terrorists,” I think NSA should be leaning more forward on this.
But they won’t, not under Obama. They have to serve the political leadership.
That’s why a Committee for the Present Danger has to be revived which constantly maintains an alternative narrative in Washington.
Thanks, Cathy. Weisband’s motivations are complex. Sympathy for “Mother Russia,” surely (he was born in Odessa), some mild Communism, but he was not particularly political, it seems, and he was also greedy and liked the money and the sense of adventure. A common mix, that. He deserves a movie, IMO.
Did you write this one for me? If so, that’s very thotful. However, you’ve left us will little more than a battle of the quotes and I’m not sure why I should value Alexander’s professional opinion over, say, Clapper’s.
A) Do you have an off-the-cuff ranking of the credibility of the intelligence professionals you quote?
B) Would you be interested in spinning such a ranking off into the collectable card game market, a la ‘Magic: The Gathering’?
Seriously though John, we need a detailed explanation of the characters involved in Operation Snowden and how they relate to the wider KGB espionage structure in the West. What is Poitras doing? Who is she working for? I’m just throwing these questions out there to wet your whistle.
You can’t have an operation with only one man, no matter how wicked his computer skills. #OperationSnowden is…
No cards, please, but a more detailed treatment of this matter is surely needed, full agreement.
I tend to think that the damage from Snowden’s operation will be seen more at the state level, rather than the terrorist/non-state level. Indeed, the flat footed response of the West towards the Ukrainian invasion is no doubt partially due to information gleaned from Snowden, though Western indifference (viz. France selling Mistrals to Russia post-invasion) is also a large factor.
However, I’m rather more skeptical that non-state backed terrorist networks will validate this portion of your piece:
“hands the advantage to the terrorists. It is the gift they need to evade us and strike at will,” a view that was endorsed by Prime Minister David Cameron.
First of all, the general outlines of what the IC was doing to track and target terrorists and their electronic communications have been known for some time, even if the precise details and methods haven’t. That is to say, as a trivial example, that most terrorists should know that the IC is capable of tracking cell phones, even if they don’t know if it’s via an RC-135 or hacking the cell providers. In contrast, the general outlines of what the IC was capable of doing towards Russian internal communications was far less obvious pre-Snowden, though I’m sure the Russians had at least some idea of the effort directed towards them.
Secondly, this seems like it should be empirically observable. If we see a wave of terrorist attacks that specifically exploit weaknesses Snowden revealed or could have revealed (since we don’t know exactly what he has), then Cameron’s concerns are valid. However, if we don’t then it would suggest that Clapper is right that the Snowden revelations, while damaging, were manageable (if perhaps at great cost) in terms of their effect on terrorism in the West.
What NSA is telling people in private is a lot different than the current happy-talk offensive, FYI.
Isn’t that how it should work in the end? The right message, using the right channels, at the right time? Shouldn’t the message be adjusted to the medium?
If the allies wanted more than happy talk and possibly some apology then they get that in private. If they are unhappy that they don’t get it in public they probably balance that out with the benefits they get from a reserve currency that keeps them afloat and completely collateralized by the U.S. taxpayer.
Too harsh?
John, how would you assess the damage from the disclosure of a document like the NSA TAO ANT catalog? I know at least one private company who got interested in the document and discussed verifying if its equipment was equipped with some of the implants described. I don’t know if they ever managed to do it – I would assume it could be difficult for untrained people (I work in infosec, we don’t really do hardware), but it got me to wonder about all the NSA targets who may all have a similar idea.
Now that their adversaries can be assumed to know about their existence and have some clues about finding them, wouldn’t that seriously affect their efficiency in the field? And we’re talking (I assume) about the entire catalog… I have a hard time believing it’s not a big deal for the NSA.
That is a VERY big deal indeed.
Prof Chindler, If Snowden wasn’t a Russian operation from the beginning it sure would have made a most excellent one. Daniel Elsberg (the good leaker) really loves the American sneak state. My guess is that the beloved founding fathers would have puked if they saw the current state of affairs of the American citizenry. But alas!
Reblogged this on Public Secrets and commented:
Anyone who thinks Snowden did the cause of liberty a favor should read this. That guy belongs in jail for the rest of his life.
Ok I’m sorry, I don’t see the logic here. If i get caught doing something nobody likes….then I blame the person that pointed it out? He did not CAUSE the damage to the US, it was bound to happen by the very fact that all this BS the intelligence community does goes against what the citizens of the US want. You can scare everyone all you want, but we’d generally rather not be spied on. What I am saying is that, if it wasn’t Snowden it would have been someone else. You really can’t get away with doing something so f’d up on such a massive scale forever, someone will eventually call you out on it no matter how hard you try to brainwash or scare people. This is law of the universe and humanity, pay attention.
In this quote right here by the blog writer a few posts up:
“What NSA is telling people in private is a lot different than the current happy-talk offensive, FYI.”
You can see that the attitude of the defense/intel community is that they cannot be questioned.. The American public is simply too naive to be entrusted with the full control of their country in their view. His statement is unfalsifiable, it simply asserts that the NSA knows more than you and is right because he said so. That’s it.
I don’t know how much of an impact the leaks actually had, but the fundamental problem is and always has been that the NSA is incapable of acting honestly and respecting the law and civil liberties. If they respected the law and civil liberties none of this would have happened. Well, unless you think Snowden was a Russian agent, which should seem asinine to anyone familiar with the US intelligence community’s tendency to lie to the public. I wish American intelligence the best but what is the public supposed to do when they are unable or unwilling to fulfill their responsibility to uphold the laws?