The Intercept Profits and Burns its Own Whistleblower

There’s a twin problem with the pseudo-patriots in America today, i.e. pseudo-alternative media. Tracing his roots from The Guardian, Gleen Glenwald gained popularity when the NSA whistleblower Ed Snowden gave him and other mainstream journalists the Scoop of the Century, i.e. NSA massive surveillance.

Profiting heavily from the Edward Snowden NSA leak, the overlords at the pseudo alternative media The Intercept, which have made it a big business luring would be whistleblowers to leak everything they know through its own platform and enjoy subsequent stardom, has done it again. It burns its own leaker just so it could prove Russia is really hacking the US agencies with another worldwide exclusive release.

Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.

The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, analyzes intelligence very recently acquired by the agency about a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure. The report, dated May 5, 2017, is the most detailed U.S. government account of Russian interference in the election that has yet come to light.

While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.

There are only two key phrases which any investigator would like to focus on from the above Intercept article:

  • A U.S. intelligence officer…”, and;
  • “… a single analysis is not necessarily definitive.”

.. and the specific intelligence officer, which is sometimes called an intelligence analyst, is identified because there is only one specific person assigned to a specific task, which in turn is a security measure by itself.

But despite the “not necessarily definitive” clause which the NSA intelligence analyst has arrived at, the Intercept went on and published the leaked NSA document because it mentioned about Russian hacking, to the detriment of its source.

The Intercept article continues:

The report indicates that Russian hacking may have penetrated further into U.S. voting systems than was previously understood. It states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document:

Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.

This NSA summary judgment is sharply at odds with Russian President Vladimir Putin’s denial last week that Russia had interfered in foreign elections: “We never engaged in that on a state level, and have no intention of doing so.” Putin, who had previously issued blanket denials that any such Russian meddling occurred, for the first time floated the possibility that freelance Russian hackers with “patriotic leanings” may have been responsible. The NSA report, on the contrary, displays no doubt that the cyber assault was carried out by the GRU.

We are not saying here that there are no Russian hackers, government employed or civilians, who are doing these activities because all governments that are currently engaged in a hybrid war against each other actually do. But it is only the NATO member states, and other Khazarian alliances, which are proven to be spying on each other.

There is also a big difference between snooping and hacking. Monitoring and tampering of data like what the Deep State operatives did to a Qatari website is more aggressive. The Russians did not manipulate the results of last year’s presidential election, like Google did with its Clinton-biased search results.

In fact, some of these “patriot” hackers have leaked about the preparatory manipulations done by Soros affiliated electoral systems prior to the said election, and it did not take a Russian hacker to inform the world what had actually occurred within the DNC camp to the detriment of the Bernie Sanders’ campaign.

The Intercept is working closely with its twin platform, Democracy Now, and with its sister site Rappler in the Philippines, in spreading dangerous leaks,

… just so it could live up to its name, The Intercept.

But not for long…

Do Not Trust The Intercept or How To Burn A Source

Moon of Alabama | June 06, 2017

Yesterday The Intercept published a leaked five page NSA analysis about alleged Russian interference in the 2016 U.S. elections. Its reporting outed the leaker of the NSA documents. That person, R.L. Winner, has now been arrested and is likely to be jailed for years if not for the rest of her life.

Intercepted source - R.L. Winner
Intercepted source – R.L. Winner

FBI search (pdf) and arrest warrant (pdf) applications unveil irresponsible behavior by the Intercept‘s reporters and editors which neglected all operational security trade-craft that might have prevented the revealing of the source. It leaves one scratching one’s head if this was intentional or just sheer incompetence. Either way – the incident confirms what skeptics had long determined: The Intercept is not a trustworthy outlet for leaking state secrets of public interests.

The Intercept was created to privatize the National Security Agency documents leaked by NSA contractor Edward Snowden. The documents proved that the NSA is hacking and copying nearly all electronic communication on this planet, that it was breaking laws that prohibited spying on U.S. citizen and that it sabotages on a large scale various kinds of commercial electronic equipment. Snowden gave copies of the NSA documents to a small number of journalists. One of them was Glenn Greenwald who now works at The Intercept. Only some 5% of the pages Snowden allegedly acquired and gave to reporters have been published. We have no idea what the unpublished pages would provide.

The Intercept, a subdivision of First Look Media, was founded by Pierre Omidyar, a major owner of the auctioning site eBay and its PayPal banking division. Omidyar is a billionaire and “philanthropist” who’s (tax avoiding) Omidyar Network foundation is “investing” for “returns”. Its microcredit project for farmers in India, in cooperation with people from the fascists RSS party, ended in an epidemic of suicides when the farmers were unable to pay back. The Omidyar Network also funded (fascist) regime change groups in Ukraine in cooperation with USAID. Omidyar had cozy relations with the Obama White House. Some of the held back NSA documents likely implicate Omidyar’s PayPal.

The Intercept was funded with some $50 million from Omidyar. Its first hires were Greenwald, Jeremy Scahill and Laura Poitras – all involved in publishing the Snowden papers and other leaks. Its first piece was based on documents from the leaked NSA stack. It has since published on this or that but not in a regular media way.  The Intercept pieces are usually heavily editorialized and tend to have a mainstream “liberal” to libertarian slant. Some were highly partisan anti-Syrian/pro-regime change propaganda. The website seems to have no regular publishing schedule at all. Between one and five piece per day get pushed out, only a few of them make public waves. Some of its later prominent hires (Ken Silverstein, Matt Taibbi) soon left and alleged that the place was run in a chaotic atmosphere and with improper and highly politicized editing. Despite its rich backing and allegedly high pay for its main journalists (Greenwald is said to receive between 250k and 1 million per year) the Intercept is begging for reader donations.

Yesterday’s published story (with bylines of four(!) reporters) begins:

Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.

The NSA “intelligence report” the Intercept publishes alongside the piece does NOT show that “Russian military intelligence executed a cyberattack“. The document speaks of “cyber espionage operations” – i.e someone looked and maybe copied data but did not manipulate anything. Espionage via computer networks is something every nation in this world (and various private entities) do all the time. It is simply the collection of information. It is different from a “cyberattack” like Stuxnet which are intended to create large damage,

The “attack” by someone was standard spearfishing and some visual basic scripts to gain access to accounts of local election officials. Thee is no proof that any account was compromised. Any minor criminal hacker uses similar means. No damage is mentioned in the NSA analysis. The elections were not compromised by this operation. The document notes explicitly (p.5) that the operation used some techniques that distinguish it from other known Russian military intelligence operations. It was probably -if at all- done by someone else.

The reporters note that the document does not provide any raw intelligence. It is an analysis based on totally unknown material. It does not include any evidence for the claims it makes. The Intercept piece describes how the document was received and “verified”:

The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, …

The NSA and the Office of the Director of National Intelligence were both contacted for this article. Officials requested that we not publish or report on the top secret document and declined to comment on it. When informed that we intended to go ahead with this story, the NSA requested a number of redactions. The Intercept agreed to some of the redaction requests.

The piece quotes at length the well known cyber security expert Bruce Schneier. It neglects to reveal that Schneier is a major partisan for Clinton who very early on, in July 2016, jumped on her “Russia hacked the Democratic National Council” claim for which there is still no evidence whatsoever.

The Intercept story was published on June 5. On June 3 the FBI already received a search warrant (pdf) by the U.S. District court of southern Georgia for the home, car and computers of one Reality Leigh Winner, a 25 year old former military language specialist (Pashto, Dari, Farsi) who worked for a government contractor. In its application for the warrant the FBI asserted:

  1. On or about May 24, 2017, a reporter for the News Outlet (the “Reporter”) contacted another U.S. Government Agency affiliate with whom he has a prior relationship. This individual works for a contractor for the U.S. Government (the “Contractor”). The Reporter contacted the Contractor via text message and asked him to review certain documents. The Reporter told the Contractor that the Reporter had received the documents through the mail, and they were postmarked “Augusta. Georgia.” WINNER resides in Augusta, Georgia. The Reporter believed that the documents were sent to him from someone working at the location where WINNER works. The Reporter took pictures of the documents and sent them to the Contractor. The Reporter asked the Contractor to determine the veracity of the documents. The Contractor informed the Reporter that he thought that the documents were fake. Nonetheless, the Contractor contacted the U.S. Government Agency on or about June 1, 2017, to inform the U.S. Government Agency of his interaction with the Reporter. Also on June I. 2017, the Reporter texted the Contractor and said that a U.S Government Agency official had verified that the document was real. …

To verify the leaked document the reporter contacted a person working for the government. He used insecure communication channels (SMS) that are known to be tapped. He provided additional meta-information about the leaker that was not necessary at all for the person asked to verify the documents.

It got worse:

  1. On June I, 2017, the FBI was notified by the U.S. Government Agency that the U.S. Government Agency had been contacted by the News Outlet on May 30, 2017, regarding an upcoming story. The News Outlet informed the U.S Government Agency that it was in possession of what it believed to be a classified document authored by the U.S Government Agency. The News Outlet provided the U.S. Government Agency with a copy of this document. Subsequent analysis by the U.S. Government Agency confirmed that the document in the News Outlet’s possession is intelligence reporting dated on or about May 5. 2017 (the “intelligence reporting”). This intelligence reporting is classified at the Top Secret level, … … 14. The U.S. Government Agency examined the document shared by the News Outlet and determined the pages of the intelligence reporting appeared to be folded and/or creased,suggesting they had been printed and hand-carried out of a secured space.
  2. The U.S. Government Agency conducted an internal audit to determine who accessed the intelligence reporting since its publication. The U.S. Government Agency determined that six individuals printed this reporting. These six individuals included WINNER. A further audit of the six individuals’ desk computers revealed that WINNER had e-mail contact with the News Outlet. The audit did not reveal that any of the other individuals had e-mail contact with the News Outlet.

The source that provided the document had no operational security at all. She printed the document on a government printer. All (color) printers and photo copiers print nearly invisible (yellow) patters on each page that allow to identify the printer used by its serial number. The source used email from her workplace to communicate. Ms. Winner is young, inexperienced and probably not very bright. (She is also said to be Clinton partisan.) She may not have known better.

But a reporter at The Intercept should know a bit or two about operational security. Sending (and publishing) the leaked documents as finely scanned PDF’s (which include (de) the printer code) to the NSA to let the NSA verify them was incredibly stupid. Typically one only summarize these or at least converts them into a neutral, none traceable form. Instead the reporters provided at several points and without any need the evidence that led to the unmasking of their source. Wikileaks is offering $10,000 for the exposure and firing of the person responsible for this.

It is also highly questionable why the Intercept contacted the NSA seven days(!) before publishing its piece. Giving the government such a long reaction time may lead to preemptive selective leaks by the government to other news outlets to defuse the not yet published damaging one. It may give the government time to delete evidence or to unveil leakers. The Intercept certainly knows this. It had been burned by such behavior when the National Counterterrorism Center spoiled an Intercept scoop by giving a polished version to the Associate Press. Back then the Intercept editor John Cook promised to give government agencies no longer than 30 minutes for future replies. In this case it gave the NSA seven days!

Besides the failure(?) of The Intercept there are other concerns to note.

  • Why has a 25 year old language specialist for Afghanistan access to Top Secret NSA analysis of espionage in the U.S. election? Where was the “need to know”?
  • Could this espionage -if it happened- have been part of a different plan by whomever? Consider:

More additional question are asked in this thread.

The lessons learned from this catastrophic -for the source- leak:

  • Start thinking of good op-sec before you think of leaking.
  • Computer access gets logged. Do not leave any suspicious (log) trace at your workplace (or anywhere else).
  • Do not provide any trace from your immediate workplace or any personal metadata with the leaked material.

And last but certainly not least:

  • Do not trust The Intercept.

Posted by b on June 6, 2017 at 06:09 AM | Permalink

5 thoughts on “The Intercept Profits and Burns its Own Whistleblower”

  1. The NSA “leak” has the markers of the comrade Comey fairy tale about “Russian hacking” of the 2016 US Presidential election, perhaps one element of the same convoluted lie. The lie will be traced to the owners of the MSM, who sponsored the attempted coup of the 2016 election by Hitlary Clinton(Bush Sr), the alias B.H.Obama, the DNC and its stooges in congress.
    Sponsorship of the subterfuge includes the Obama component in Germany, E.U. dictator Angela Merkel, German chancellor. To discover the identity of the owners of 96% of all western world media, search the internet on the phrase,
    tapnewswire com/2015/10/six

  2. Thank you. I was one of those that perhaps looked to the Intercept as possibly one of the beacons of truth in the new media, than this comes out. Human behavior is human behavior. We should never ever trust anyone when it comes down to the truth. We have to figure it out ourselves. I wonder what Snowden thinks about these people. Mind you, this has nothing to do with him. But these fools are hurting the whatever passes for the left media these days.

  3. Wicked people destroying all that is worthy and meaningful at a time when humanity is again at the crossroads— Our planet is ailing, but the people living on it are in general so confused and dare I say it– brainwashed and stupid that fewer and fewer actually show much reaction to anything anymore– awareness dimmed.

    How much taxpayer funds have already been spent on this dumb ass investigation, when actually everyday people hardly pay attention to it anymore– only the screwed up leaders they elected to waste their taxes on what will never be conclusively proven (cooked up from the outset) — because it never existed– was based on lies from the get go.

    Dear God! — The global rot is so pervasive that one reaches a point where realisation dawns that all the material being fed to us, is deliberate– done in such a way that it elicits a specific reaction or result. Was this poor young girl taking the fall because she was encouraged to pass on more falsified material– which she believed to be genuinely good deed serving her country? More behind this than meets the eye …

    Its all so heinously corrupt, that more and more, like many others, one gets completely stale with all this mind boggling nonsense!

    So for the last few days I have left off! Spent time outdoors– how gorgeous feeling the sun on my back and the breezes touching my face … enjoying the birdsong and the scents of late autumn flowers– allowing my eyes to laze on the snow white clouds hanging above the far flung hills… what rest for the mind these hills!– as permanent and peaceful as they always were… How lovely the walk in the late evening, when the dew freshly fallen, brings delicious smells rising from the earth.
    I recommend it– does wonders for a night of sound and dreamless sleep!

    After all, with utter madness a rapidly increasing illness afflicting western leaders, vainly trying to out-lie each other– how long will we still be able to enjoy any sense of peace or be here to enjoy it?

We do appreciate sensible comments...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.