It’s now been over a year since Edward Snowden, the most famous IT contractor in intelligence history, defected to Moscow. This blog has followed the twists and turns of this remarkable case in detail, particularly in its counterintelligence aspects, but one of the most vexing and important issues remains undefined. Namely, how much damage to U.S. and Allied intelligence and security did Snowden’s unprecedented theft of classified materials actually do?
The National Security Agency and others have been involved in developing a damage assessment virtually from the moment the story broke; it’s what intelligence services do when they have a defector or compromise, since it’s vital to understand what programs have been damaged or lost. Snowden’s theft was so vast — perhaps “only” 1.5 million purloined documents rather than the 1.7 million previously suggested — that it will take years for the Intelligence Community (IC) to assess what damage has actually been wrought here. Moreover, it may be impossible to ever fully answer that question in detail, particularly if Snowden stays in Moscow, which he shows every sign of doing. The damage here stretches across so many agencies of the IC and the whole Department of Defense that this will be truly the mother of all damage assessments, and it is to be hoped that the public will allowed access to some sort of unclassified version of it, even if only a summary, to understand what the Snowden Operation has done to the security of the United States and its allies.
As a political effort, the international propaganda campaign against NSA that is driven by the Snowden documents has failed to shut down the Agency, which continues to do its mission with only modest changes, as this blog predicted months ago. Nevertheless, it’s obvious to anyone acquainted with intelligence that the operational and strategic damage to NSA and the IC, in particular to its international partnerships that are so vital to Western security, is vast and unprecedented. There has never been a compromise like this, or even close, in the annals of espionage, dwarfing even the famous case of the KGB’s Vasily Mitrokhin.
It is therefore surprising to hear recent statements from NSA and IC leadership that the current crisis just isn’t all that bad. Admiral Mike Rogers, NSA’s new director, has stated that the Snowden damage is “manageable” while making it clear that from where he sits, the “sky isn’t falling.” James Clapper, our Director of National Intelligence, has similarly observed that the damage caused by Snowden is not as great as he and the IC had initially believed.
There are undoubtedly audiences who wish to hear this good news, and one cannot fault leaders who try to shore up flagging morale in a crisis. There can be no doubt that NSA morale today is at its lowest ebb ever, with a workforce dealing with the damage on a day-to-day basis while worrying about a security overreaction to the Snowden disaster, which is what the IC usually does in the wake of this sort of lapse. There are numerous allies, close intelligence partners, who want to be told that all is well, that NSA is as effective as ever and has brushed off the Snowden case in record time — and that it won’t happen again.
Unfortunately, this is not true. It is difficult to reconcile statements from Rogers and Clapper with ones previously made by General Keith Alexander, the former NSA director (“What Snowden has revealed has caused irreversible and significant damage to our country and to our allies.”) or by Lieutenant General Mike Flynn, the former DIA director (“this has caused grave damage to our national security”), who added that the wreckage goes far beyond the IC, and has serious and disturbing implications for the Pentagon and the U.S. armed forces too. The unclassified version of DIA’s damage assessment describes Snowden’s impact as “staggering.”
Key allies have been even more frank. Andrew Parker, head of the British Security Service (MI5), stated that the Snowden-caused leaks from GCHQ, NSA’s British partner, “hands the advantage to the terrorists. It is the gift they need to evade us and strike at will,” a view that was endorsed by Prime Minister David Cameron. Comments by Paul Taloni, director of the Australian Signals Directorate, NSA’s partner Down Under, were even more detailed: “Snowden has effectively informed Indonesia and PNG’s military that Australia knows how to decrypt their comms … They will immediately change them as a result, which will directly impact on Australia’s ability to minimize future threats.”
Dr. Taloni notes an important point, namely that letting targets know they are being listened to usually means that they change how they communicate, and access is lost, often for an extended period, and sometimes forever. Thus is intelligence diminished. Unlike the world of human intelligence (HUMINT), where even a major setback means a human source, or several, are compromised, in the arena of signals intelligence (SIGINT), a compromise can shut down a vast array of collection programs and effectively render you deaf against whole countries. Given the unprecedented extent of the Snowden compromise, it would be foolish to assume that the SIGINT losses it has engendered are not commensurately vast.
It needs to be noted that NSA has a long history of avoiding unpleasant truths in cases of defection and betrayal. The Agency had little to say publicly about the case of William Martin and Bernon Mitchell, two disgruntled analysts who defected to Moscow in 1960, while noting internally, in language that seems apt today as well, that the men possessed “greatly inflated opinions concerning their intellectual attainments and talents” and defected to satisfy social aspirations. The Agency was similarly tight-lipped three years later about the case of Jack Dunlap, an Army sergeant assigned to NSA — for a time he was the director’s driver — who passed classified materials to the Soviets in exchange for cash; as Dunlap committed suicide before he was convicted of anything, he is buried in Arlington National Cemetery.
Perhaps the most relevant case is that of William Weisband, who is the only case in NSA history that compares with Snowden in terms of damage to U.S. and Allied SIGINT. As I’ve explained before, Weisband was a longtime Soviet spy and mole inside U.S. intelligence who compromised everything he could get his hands on, including BOURBON, the top secret American-British program that listened in on high-level Soviet communications, which “went dark” in 1948 after Weisband told Moscow about it. He also told them about VENONA, the extraordinarily compartmented program that decrypted Soviet intelligence communications; thanks to Weisband, the Kremlin knew about VENONA several years before President Harry Truman was briefed on it. In short, Weisband practically shut down Western SIGINT against the Soviet Union at the dawn of the Cold War, when it was most needed, and that damage lasted for years and cost lives.
NSA’s reaction to the case was revealing. In the first place, there was no NSA when Weisband was arrested in 1950, when another Soviet spy, revealed by VENONA, fingered Weisband, who was then working in the heart of the SIGINT system, as his Soviet intelligence handler back in the early 1940s. Weisband was a Russian linguist (it was his native tongue) for the Armed Forces Security Agency (AFSA), NSA’s direct predecessor, where security was somewhat slipshod. Weisband should have been caught earlier, his efforts to hide his betrayal were hardly impressive, but nobody was paying attention.
Seeking to cover up this epic disaster, which AFSA leadership had been quietly expecting ever since BOURBON was suddenly and inexplicably lost two years before, U.S. intelligence clammed up. Nobody wanted to admit that our SIGINT system had been penetrated, and in the climate of the time, Washington, DC, didn’t even want to state publicly that it had an agency that was breaking foreign codes. Weisband was allowed to slip away without comment.
He did a year in Federal prison for the obscure crime of lying to a grand jury about his secret Communist affiliations, and was never charged with anything relating to espionage. He continued his life, becoming an insurance salesman in Northern Virginia, dying of a heart attack in 1967 (ironically, just at the time the KGB wanted to give him a bag of cash to help out the “old master” who had done so much for the Soviet Union). There was not a peep to the American public about what Weisband had done.
Internally, it was obvious that the damage was so serious that it must never happen again. Part of the problem was that AFSA was not really a unified agency, rather an amalgam of preexisting Army, Navy, and Air Force SIGINT services; in particular, it lacked any unified security and counterintelligence program. President Truman ordered the establishment of a committee led by the New York attorney George Brownell to look into improving the flawed AFSA model. Their recommendation was the establishment of a fully unified cryptologic unit, under the Department of Defense, with a single security effort to prevent future moles. Thus was the National Security Agency born in November 1952.
After that, NSA pretty much forgot about Weisband. His co-workers were told to never discuss the case with anybody. For decades, he simply did not exist; he was not even mentioned in internal Agency security briefings, and most counterintelligence officials at NSA possessed only a vague awareness of the Weisband affair, so total was the amnesia. That only began to change in the mid-1990s, when NSA and CIA jointly declassified the remarkable VENONA story, in which Bill Weisband had played a sordid part. Only a half-century after his betrayal did the American public learn about what Weisband had done, and it was not until 2003 that NSA officials offered a full, unclassified look at the case to the public, revealing long-suppressed details about what the traitor had done, and why.
It’s natural for the leaders of secret agencies to want to keep their disasters hidden. Deep down, all spy services want to be like surgeons who bury their mistakes. Yet this is an unhealthy impulse that must be resisted. NSA will not prevent another Snowden if the Agency does not honestly assess exactly what happened here. Moreover, the public has a right to know the actual story, at least in outline, while our allies deserve better than happy-talk. It is at best odd that IC leadership seems content to pronounce the case not so big a deal when, in fact, it has been enormously painful for the Western diplomats from many countries who have had to contend with the considerable problems caused by the Snowden Operation, to say nothing of the numerous American firms that have lost business, including huge contracts, thanks to this affair.
NSA and U.S. intelligence won’t be getting past the damage wrought by Edward Snowden and his partners for many years, and neither will Western diplomacy and the many businesspeople who did nothing to deserve the loss of income they are now facing, and may be for a long time. It would be wise of senior U.S. Government officials to keep this in mind. Moreover, it’s best to face the painful truth now, because the full story of this debacle will come out eventually. It always does.
[As always, the author’s comments are his own entirely.]