You are here

NSA leaks on Russian Election Hacking were an intelligence operation and everyone fell for it

Gerry Bello

On June 5th of this year the Intercept published a report that included leaked documents from the NSA, as the Intercept has done with Edward Snowden's leaks and others. The report detailed an alleged attempt by Russian intelligence to gain access to computers used for email purposes by an American manufacturer of election equipment. Later that same day, an NSA contract employee, former Senior Airwoman Reality Winner, was arrested for leaking to the media. She is being held without bail. Allegations have been made against the Intercept of both knowingly and unknowingly giving up their source. The actual leak proves exactly zero about Russian attempts at directly intervening in the 2016 General election. The whole story is actually a web of setups.

The attempt against VR Systems involved the targeting of login snatching software at seven of the company's employees. The company's security systems rejected three attempts outright. Three other employees did not fall for one of the oldest tricks in the book. One did and their email account was compromised.

The Intercept sent the documents to the NSA on May 30th for “verification.” The NSA arrested Reality Winner on June 3rd and announced her arrest on June 5th, hours after the Intercept's publication. The claim made by the intelligence agency was that there was a crease or fold on the documents, indicating they had been printed on a work site and transported by hand elsewhere. The claim was made that only six people had access to the document and of those six only Reality Winner had emailed the Intercept from her work computer.

This whole sorry affair is completely inconsistent with reality and the only winner is the NSA. The NSA got to place a fake news story about “Russian Election Hacking.” They got to ferret out an employee who would leak. They got to discredit the Intercept as a news source. The also got to ruin a young woman's life for their won amusement. Let us examine each point scored for the NSA.

VR systems does not make voting machines. The “elections equipment” they make is election management software and electronic poll books. They are a tiny player in the election equipment market. This author has written numerous articles on actual election hacking and is familiar with the capabilities and weakness of every major and most minor systems and manufacturers. This company has a very small market share of a segment of the overall market that is dominated by ES & S and Scytl, both of whom make systems with well documented vulnerabilities that have been published on. This company is not one Russian intelligence would target if they had used Google for an afternoon. One compromised email address at a tiny company does nothing to bring down a nationwide election system.

Had that single email login affected the entire company, and had it been used over time to penetrate all of VR system's electronic poll books, it would have lead to voter suppression not changed votes. The attack came of August 24th, 2016. The poll books had already been sold, been used and early and absentee voting had already happened. There would be no point to penetrating poll books that late in the game and the voter registration databases were being constantly updated. If such an attack were true, it would have been too little and too late.

VR systems has small market shares in Florida, North Carolina, Illinois, Indiana, California, New York and West Virginia. Of those states, only Florida, West Virginia, North Carolina and Indiana had Trump majorities. In that subset of four, only North Carolina was even close. One place out of all of those states, where VR systems is a bit player, that experienced widespread voter suppression was Indiana, and this was done openly by the State Police who answered to Pike Pence at the time. The other was North Carolina were bundles of voter registration forms were collected by GOP operatives, illegally held and then lost in a mysterious arson attack. Both also happened before this alleged Russian cyber attack occurred.

Reality Winner was quickly caught because the Intercept turned over the documents and only six people could have accessed them. This is a standard intelligence trick called a canary trap. It is an old trick. It is so old Tom Clancy wrote about it 20 years ago. It consists of circulating a document with false or misleading information with carefully worded text to a select few people and then using the selected text to catch the leaker from that subset based on quotes. Anybody who has waited in an airport in the last two decades knows this trick. That is anybody except Reality Winner and the reporters, Matthew Cole, Richard Esposito, Sam Biddle, Ryan Grim at the Intercept. All four of them are experienced journalists and two, Cole and Esposito, have prior experience reporting on the intelligence community. The Intercept has a secure drop, but it seems Reality Winner got caught because she emailed the Intercept from her work, which she should have known better than to do. If you are going to leak from the NSA, it is a bad idea to start that contact from inside the actual organization that actually reads your actual email.

Perhaps Reality Winner could be forgiven for the oversight. She had only worked there for less than four months before she leaked. Her background in intelligence was as a translator of Pashto, Dari, and Farsi which are Indo-Persian languages spoken in Afghanistan and Iran. Why was she one of the six people with top-secret intelligence on so-called “Russian Election Hacking?” She does not speak Russian, and does not work in that sector at all. The documents were on her desk because they were a deliberately set trap.

The NSA was testing the loyalty of a new contract employee. They were using false information to do it. In the course of catch their leak they provided fodder for a fake story they were trying to push. In the process of all that, they ruined the trust of a broad community of activists in four reporters and greatly diminished the standing of the Intercept in many people's eyes, including that of this author who is their colleague.