RSN Fundraising Banner
FB Share
Email This Page
add comment

Risen writes: "The US intelligence community has been conducting a top-secret operation to recover stolen classified U.S. government documents from Russian operatives, according to sources familiar with the matter. The operation has also inadvertently yielded a cache of documents purporting to relate to Donald Trump and Russian meddling in the 2016 presidential election."

Red Square in Moscow, Russia. (photo: AfricaPatagonia)
Red Square in Moscow, Russia. (photo: AfricaPatagonia)

US Secretly Negotiated With Russians to Buy Stolen NSA Documents and Trump-Related Material

By James Risen, The Intercept

10 February 18


he United States intelligence community has been conducting a top-secret operation to recover stolen classified U.S. government documents from Russian operatives, according to sources familiar with the matter. The operation has also inadvertently yielded a cache of documents purporting to relate to Donald Trump and Russian meddling in the 2016 presidential election.

Over the past year, American intelligence officials have opened a secret communications channel with the Russian operatives, who have been seeking to sell both Trump-related materials and documents stolen from the National Security Agency and obtained by Russian intelligence, according to people involved with the matter and other documentary evidence. The channel started developing in early 2017, when American and Russian intermediaries began meeting in Germany. Eventually, a Russian intermediary, apparently representing some elements of the Russian intelligence community, agreed to a deal to sell stolen NSA documents back to the U.S. while also seeking to include Trump-related materials in the package.

The CIA declined to comment on the operation. The NSA did not immediately respond to a request for comment.

The secret U.S. intelligence channel with the Russians is separate from efforts by former British intelligence officer Christopher Steele to obtain information about Trump and his ties with Russia. Steele worked with Fusion GPS, an American private investigations firm that was first hired by Republican and later Democratic opponents of Trump to dig up information on him during the 2016 campaign.

By contrast, the more recent secret negotiations began after Trump’s election and have been conducted by U.S. intelligence officials working with intermediaries who mainly operate in Europe. When American intelligence officials initiated efforts to broker a communications channel in 2017, however, their primary objective was to recover stolen NSA documents, not to obtain material about Trump.

At the time, the NSA was desperate to recover documents that intelligence officials believed Russia had obtained through a mysterious group known as the Shadow Brokers. The group stole highly secret NSA hacking tools and began releasing them on the internet in the summer of 2016. The Shadow Brokers theft of the hacking tools devastated morale at the NSA, putting its custom-built offensive cyber weapons out in the open. It was as if a bioweapons laboratory had lost some of its most deadly and dangerous viruses. U.S. officials wanted to identify which NSA documents the Shadow Brokers had stolen, so they could determine how badly the agency had been damaged by the theft.

But once the communications channel opened, the Russians on the other side offered to sell documents related to Trump along with the stolen NSA documents.

A Russian who has been acting as a go-between for other Russians with access to Russian government materials has sought payment for the materials he is offering. In an extensive interview with The Intercept in Germany, the Russian intermediary provided detailed information about the channel. When contacted by The Intercept for this story, the American intermediary declined to comment.

Even many involved in the secret communications channel between U.S. intelligence and the Russians are said to be uncertain about what is really going on with the operation. Recently, the Russians have been seeking to provide documents said to be related to Trump officials and Russian meddling in the 2016 campaign, including some purloined FBI reports and banking records. It is not clear whether those documents are in possession of American officials. It is also unclear whether the secret channel has helped the U.S. recover significant amounts of data from the NSA documents believed to have been stolen by the Shadow Brokers.

Further, it is not known whether the Russians involved in the channel are acting on their own or have been authorized by the Russian government to try to sell the materials to the United States. As a result, the Americans are uncertain whether the Russians involved are part of a disinformation campaign orchestrated by Moscow, either to discredit Trump or to discredit efforts by American officials investigating Trump’s possible ties to Russia, including Special Counsel Robert Mueller.

The existence of the off-the-books communications channel, which has been a closely guarded secret within the U.S. intelligence community, has been highly controversial among those officials who know about it, and has begun to cause rifts between officials at the CIA and the NSA who have been involved with it at various times over the past year.

The CIA, which is now headed by a Trump loyalist, CIA Director Mike Pompeo, has at times been reluctant to stay involved in the operation, apparently for fear of obtaining the Trump-related material offered by the Russians, according to sources close to the negotiations. In the period in which the communications channel has been open, CIA officials are said to have repeatedly changed their views about it. They have sometimes expressed interest, only to later back away from any involvement with the channel and the intermediaries. At some points, the CIA has been serious enough about buying materials through the channel that agency officials said they had transported cash to the CIA’s station in Berlin to complete the transaction. But at other points, agency officials backed off and shut down their communications. Some people involved with the channel believe that the CIA has grown so heavily politicized under Pompeo that officials there have become fearful of taking possession of any materials that might be considered damaging to Trump.

The CIA’s wariness shows that the reality within the U.S. intelligence community is a far cry from the right-wing conspiracy theory that a “deep state” is working against Trump. Instead, the agency’s behavior seems to indicate that U.S. intelligence officials are torn about whether to conduct any operations at all that might aid Mueller’s ongoing investigation into whether Trump or his aides colluded with Russia to win the 2016 presidential election.

Many intelligence officials are reluctant to get involved with anything related to the Trump-Russia case for fear of blowback from Trump himself, who might seek revenge by firing senior officials and wreaking havoc on their agencies. For example, Dan Coats, the director of national intelligence and thus the man supposedly in charge of the entire U.S. intelligence community, has said he does not see it as his role to push for an aggressive Trump-Russia investigation, according to a source familiar with the matter.

Because of the CIA’s reluctance to take an aggressive role, officials at the NSA have taken the lead on the communications channel, with a primary focus on recovering their own stolen documents. They have viewed the Trump-related material as an annoying sidelight, even as they understand that it is potentially the most explosive material to have come through the channel.

The channel has been operating in the shadows even as Mueller’s investigation has been basking in the spotlight. Last year, three former Trump campaign officials faced charges as part of Mueller’s investigation, and the special counsel continues to investigate both possible collusion between the Trump campaign and Russia and evidence of efforts by Trump or others close to him to obstruct justice in the Mueller probe.

Over the past year, those involved with the secret communications channel have experienced a series of dramatic highs and lows. Until recently, it wasn’t clear whether the conversations would produce any materials about Trump or lead to the recovery of any NSA documents.

It took months of meetings and negotiations between American and Russian intermediaries to try to determine what documents might be available from the Russians – and at what price. Inconsistent interest in the channel by U.S. intelligence officials, particularly at the CIA, complicated the negotiations.

According to documents obtained by The Intercept that summarize much of the channel’s history, a key American intermediary with the Russians was first approached by U.S. intelligence officials in late December 2016. The officials asked him to help them recover NSA documents believed to have been stolen by the Shadow Brokers.

The American was able to identify a hacker in Germany who claimed to have access to some of the stolen data believed to be held by the Shadow Brokers, and who accurately provided advance notice of several Shadow Broker data releases. The hacker’s cooperation with the U.S. intelligence community broke down over his demands for full immunity from U.S. prosecution for his hacking activities — negotiations that failed largely because the hacker refused to provide his full personal identification to the Americans.

Eventually, the relationship with the hacker in Germany led the Americans to begin talks with a Russian who became a key intermediary in the channel. The Russian is believed to have ties to officials in Russian intelligence.

In March 2017, the Russian met with the American intermediary and a U.S. official in Berlin and agreed to provide the stolen NSA data from the Shadow Brokers in exchange for payment. The U.S. government used “certain messaging techniques” that the Russian accepted as proof that the U.S. government was behind the negotiations and the proposed deal, according to the documents obtained by The Intercept.

Officials gave the Russians advance knowledge that on June 20, 2017, at 12:30 p.m., the official NSA Twitter account would tweet: “Samuel Morse patented the telegraph 177 years ago. Did you know you can still send telegrams? Faster than post & pay only if it’s delivered.”

That tweet, in exactly those words, was issued at that time.

The NSA used that messaging technique repeatedly over the following months, each time officials wanted to communicate with the Russians or reassure them that the U.S. was still supporting the channel. Each time, the Russians were told the text of the tweets in advance and the exact time they would be released. Each tweet looked completely benign but was in fact a message to the Russians.

On August 17, 2017, officials communicated with the Russians by having the NSA account issue a tweet saying:“The 1st telegraph communications exchange occurred between Queen Victoria and President Buchanan in 1858.”

In October, 2017, officials communicated again with the Russians when the NSA tweeted:“This week in history, Robert Lamphere began working on the Verona program in 1948.”

That same month, officials gave the Russians early notice that the NSA account would tweet:“Can you help Kandice the Kangaroo save her baby Jory in this month’s #PuzzlePeriodical?”

In early November, three NSA tweets were part of the communications channel. One said:“#NSA inducts 5 #CryptologicPioneers into the Cryptologic Hall of Honor. Learn more about their distinguished service.” Another stated: “People are our greatest assets. The #NSA workforce makes 65 years of service possible #NSA65.” And a third:“23,725 days, 31,164,000 min. 2,049,840,000 sec and counting…At #NSA the mission never sleeps. #NSA65.”

Later that month, a message was sent to the Russians when the NSA account tweeted:“The ADONIS cipher machine replaced WWI-era SIGABA machine. It was one of the first machines to print on-the-fly.”

And in December, the NSA gave advance warning to the Russians that its official account would tweet:“Section 702 is a law that can also be a lifesaver. Take a look at how #Section 702 protects troops and helps the nation.”

But the channel broke down several times, often over disagreements between the U.S. and the Russians about how money would be exchanged and what data was to be received. In May 2017, U.S. officials were upset that the first tranche of data they received contained files already known to have been stolen because they had already been released by the Shadow Brokers. But the Russian intermediary continued to insist that he could provide data held by the Shadow Brokers, as well as materials related to Trump officials and Russian activity in the 2016 campaign. Throughout 2017, the U.S. officials sought to limit the scope of their investigation to data stolen by the Shadow Brokers, leaving aside the materials related to Trump. U.S. officials also began to wonder whether the Russian intermediary was part of a so-called dangle operation involving Russian disinformation.

But by last fall, the Russian began passing information to the American intermediary that was unrelated to the Shadow Brokers, including the names of specific individuals and corporate entities allegedly tied to Russian interference in the 2016 U.S. election. The American intermediary turned the information over to U.S. intelligence for the purpose of determining the Russian’s credibility. U.S. intelligence officials continued to stress that they were only interested in recovering stolen U.S. data. Still, it was understood that if the Russian provided material related to Trump, the American intermediary would debrief U.S. officials on its content.

In December 2017, the Russian turned over documents and files, some of them in Russian. The documents appeared to include FBI investigative reports, financial records, and other materials related to Trump officials and the 2016 campaign.

“The information was vetted and ultimately determined that while a significant part of it was accurate and verifiable, other parts of the data were impossible to verify and could be controversial,” the documents obtained by The Intercept state. It is not clear who vetted the material.

At a meeting last month in Spain, the Russian told the American intermediary of his desire to move forward with the delivery of the Shadow Brokers data, as well as material related to the 2016 election. The American questioned him on the credibility of his data and told him the data he was providing on Trump officials and election activities was “unsolicited.” The Russian also expressed interest in giving the material to media outlets, which the American told the Russian he found “disconcerting.”

The Russian told the American that he had first become aware of Russian efforts targeting U.S. political activities in late 2014 or early 2015, according to the documents reviewed by The Intercept. The Russian stated that he had no knowledge of a “master plan” to cause major disruption to U.S. election activities, but the effort was generally understood as a “green light” from Russian security officials to enlist cyber-related groups in probing and harassing activities directed at U.S. targets. your social media marketing partner


A note of caution regarding our comment sections:

For months a stream of media reports have warned of coordinated propaganda efforts targeting political websites based in the U.S., particularly in the run-up to the 2016 presidential election.

We too were alarmed at the patterns we were, and still are, seeing. It is clear that the provocateurs are far more savvy, disciplined, and purposeful than anything we have ever experienced before.

It is also clear that we still have elements of the same activity in our article discussion forums at this time.

We have hosted and encouraged reader expression since the turn of the century. The comments of our readers are the most vibrant, best-used interactive feature at Reader Supported News. Accordingly, we are strongly resistant to interrupting those services.

It is, however, important to note that in all likelihood hardened operatives are attempting to shape the dialog our community seeks to engage in.

Adapt and overcome.

Marc Ash
Founder, Reader Supported News

-3 # Depressionborn 2018-02-10 21:01
clearly it is not clear. Meant to be? Or code speak. May have something to do with the mid east. Impossible to say except, "really".
+2 # Depressionborn 2018-02-10 21:06
OMG "The New York Times reported in a bombshell report on Friday the Central Intelligence Agency agreed to pay a shady Russian operative with ties to Russian intelligence agencies $1 million for promising to return stolen National Security Agency cyber-weapons and 'deliver dirt on President Donald Trump'."

looks like cover your backside with confusuion
+3 # j2hess 2018-02-10 22:44
I'm not sure what I think of the operation revealed here. It seems a bit sensitive - which leads me to wonder who revealed it, and why. It seems to be someone with an agenda. Risen doesn't include anything about this in his report, which means he is acting as a tool in supporting an anonymous someone's agenda. What is his motive?
-1 # Robbee 2018-02-11 18:28
Quoting j2hess:
I'm not sure what I think of the operation revealed here. It seems a bit sensitive - which leads me to wonder who revealed it, and why. It seems to be someone with an agenda. Risen doesn't include anything about this in his report, which means he is acting as a tool in supporting an anonymous someone's agenda. What is his motive?

- apt question! - see my answer below, thanks!
+2 # Michaeljohn 2018-02-10 23:08
The real story is that the Russian's are trying to help Trump get rid of Mueller nd the investigation. The CIA and NSA have been suckered big time.
First the shadowbrokers heist and then offering supposedly 'damaging material' on Trump and Russian interference in the election, looking for the intel guys to jump on it. How anyone could be so stupid as to believe they were getting their stolen cybertools back and no one had multiple copies of same says CIA and NSA should be shut down and a real National Security Agency built from the ground up.
Time to get rid of CIA rogue black ops and any covert activity.
+6 # jackdresser 2018-02-11 00:55
Whatever the source of data from Hillary's unsecured State Dep't online browsing library, whether from Gucifer, Snowden, the Russians or the Easter Bunny, I'm very grateful for the information Americans needed and had a right to know about their presidential candidate. If our press was doing its constitutionall y protected job, we wouldn't need to rely upon obscure and random sources.

And as for foreign "interference" in our elections, let's investigate Israel - at every level of our gov't!
+1 # LionMousePudding 2018-02-11 04:20
I am all for sunlight, but publishing code phrases from a top secret investigation that may lead to a benefit, unusually, to the people, seems pretty irresponsible. So now everyone knows that strange tweets mean we are signaling the Russians. Very helpful.

What is most important to me here is the fear the CIA has of Trump. If they are afraid of him, who's left?
+2 # windrider 2018-02-11 08:48
I'm puzzled by this story. Buy back stolen documents?? I guess the Russians don't possess copy machines.
-1 # Robbee 2018-02-11 18:20
Quoting windrider 2018-02-11 08:48:
I'm puzzled by this story. Buy back stolen documents? I guess the Russians don't possess copy machines.

- the point of blackmail is that nsa trusts blackmailers not to publish their copy to others

first the nsa communicates with german hackers

now nsa communicates thru russian operatives presumably controlled directly by putin, who doesn't need our lunch money, only wants our lunch

robbee says putin is making monkeys out of nsa and cia - his end goal is to make a monkey out of fbi, too, and then reelect dickhead, his cute, little, american puppet

this is putin's game - putin can't lose - putin won this game before he began play, long ago gathering disgusting dirt on dickhead - so long as we play, putin keeps winning - the only issue is HOW BIG? will putin win in the end? will our fbi swallow bad bait putin trolls out?

the fact that the intercept got hold of this story is best evidence that fbis smelled bad bait - so now putin leaks that nsa and cia are negotiating to buy dirt on dickhead, to win what he can out of nsa's failed bid to pay blackmail for hacked docs!

again note that "the point of blackmail is that the blackmailee trusts blackmailers not to publish their copy to others" - anytime he wants, putin is free to "publish to others (german msm?)" his dirt on dickhead! - but then, by doing so, putin loses his power to extract anymore favors from dickhead - whatever he wants!

pass the popcorn!
+1 # Texas Aggie 2018-02-11 20:46
The idea is to find out how much was stolen to get an idea of what they don't have. They are under no delusions that getting copies is going to delete the originals in the Russian data bases.
+11 # franpryor 2018-02-11 08:56
Wouldn't it be much simpler to return to the good old paper ballot that is used by many other countries. Then we would only need worry about who is counting the ballots. If one's bank account can be easily hacked, why not one's vote. Sometimes the old ways are still the best.
-1 # Krackonis 2018-02-11 11:21
Clearly you are reading another piece.... Very interesting that now two different sources links Russia and Trump. Not including all their business dealings (money laundering) of course.
+1 # chapdrum 2018-02-11 19:51
Anyone who has read Risen's book "State of War: The Secret History of the CIA and the Bush Administration (2006)" knows of his integrity as a journalist.
+1 # DongiC 2018-02-13 04:06
The plot thickens. Looks like Putin has Trump right in the cross-hairs and he (Putin) by merely releasing information on the charge of receiving aid from the Russians in 2016, can blow the Orange Giant right out of the water.

Look for America's great leader to be even more supporitive of Russian policies regarding Syria and the elimination of sanctions because of Russia's involvement with Ukraine and the retaking of Crimea and the big naval base at Sebastipol

Sure, the CIA is scared with Trump supporter, Pompeio as its leader. Another mess, a big one, in the making thanks to DJT. I thought his forte was cleaniong up messes not making new ones.

THE NEW STREAMLINED RSN LOGIN PROCESS: Register once, then login and you are ready to comment. All you need is a Username and a Password of your choosing and you are free to comment whenever you like! Welcome to the Reader Supported News community.