Americans tend to be a trusting lot. When they hear a high level government official, like former Director of National Intelligence Jim Clapper, state that Russia’s Vladimir ordered and monitored a Russian cyber attack on the 2016 Presidential election, those trusting souls believe him. For experienced intelligence professionals, who know how the process of gathering and analyzing intelligence works, they detect a troubling omission in Clapper’s presentation and, upon examining the so-called “Intelligence Community Assessment,” discover that document is a deceptive fraud. It lacks actual evidence that Putin and the Russians did what they are accused of doing. More troubling—and this is inside baseball—is the fact that two critical members of the Intelligence Community—the DIA and State INR—were not asked to coordinate/clear on the assessment.
You should not feel stupid if you do not understand or appreciate the last point. That is something only people who actually have produced a Community Assessment would understand. I need to take you behind the scenes and ensure you understand what is intelligence and how analysts assess and process that intelligence. Once you understand that then you will be able to see the flaws and inadequacies in the report released by Jim Clapper in January 2017.
The first thing you need to understand is the meaning of the term, the “Intelligence Community” aka IC. Comedians are not far off the mark in touting this phrase as the original oxymoron. On paper the IC currently is comprised of 17 agencies/departments:
- Air Force Intelligence,
- Army Intelligence,
- Central Intelligence Agency aka CIA,
- Coast Guard Intelligence,
- Defense Intelligence Agency aka DIA,
- Energy Department aka DOE,
- Homeland Security Department,
- State Department aka INR,
- Treasury Department,
- Drug Enforcement Administration aka DEA,
- Federal Bureau of Investigation aka FBI,
- Marine Corps Intelligence,
- National Geospatial Intelligence Agency aka NGIA or NGA,
- National Reconnaissance Office aka NRO,
- National Security Agency aka NSA,
- Navy Intelligence
- The Office of the Director of National Intelligence.
But not all of these are “national security” agencies—i.e., those that collect raw intelligence, which subsequently is packaged and distributed to other agencies on a need to know basis. Only six of these agencies take an active role in collecting raw foreign intelligence. The remainder are consumers of that intelligence product. In other words, the information does not originate with them. They are like a subscriber to the New York Times. They get the paper everyday and, based upon what they read, decide what is going on in their particular world. The gatherers of intelligence are:
- The CIA collects and disseminates intelligence from human sources, i.e., foreigners who have been recruited to spy for us.
- The DIA collects and disseminates intelligence on the activities and composition of foreign militaries and rely primarily on human sources but also collect documentary material.
- The State Department messages between the Secretary of State and the our embassies constitutes the intelligence reviewed and analyzed by other agencies.
- NGIA collects collects, analyzes, and distributes geospatial intelligence (GEOINT) in support of national security. NGA was known as the National Imagery and Mapping Agency (NIMA) until 2003. In other words, maps and photographs.
- NRO designs, builds, and operates the reconnaissance satellites of the U.S. federal government, and provides satellite intelligence to several government agencies, particularly signals intelligence (SIGINT) to the NSA, imagery intelligence (IMINT) to the NGA, and measurement and signature intelligence (MASINT) to the DIA.
- NSA analyzes signal intelligence, including phone conversations and emails.
Nine of the other agencies/departments are consumers. They do not collect and package original info. They are the passive recipients. The analysts in those agencies will base their conclusions on information generated by other agencies, principally the CIA and the NSA.
The astute among you, I am sure, will insist my list is deficient and will ask, “What about the FBI and DEA?” It is true that those two organizations produce a type of human intelligence—i.e., they recruit informants and those informants provide those agencies with information that the average person understandably would categorize as “intelligence.” But there is an important difference between human intelligence collected by the CIA and the human source intelligence gathered by the FBI or the DEA. The latter two are law enforcement agencies. No one from the CIA or the NSA has the power to arrest someone. The FBI and the DEA do.
Their authority as law enforcement agents, however, comes with limitations, especially in collecting so-called intelligence. The FBI and the DEA face egal constraints on what information they can collect and store. The FBI cannot decide on its own that skinheads represent a threat and then start gathering information identifying skinhead leaders. There has to be an allegation of criminal activity. When such “human” information is being gathered under the umbrella of law enforcement authorities, it is being handled as potential evidence that may be used to prosecute someone. This means that such information cannot be shared with anyone else, especially intelligence agencies like the CIA and the NSA.
The “17th” member of the IC is the Director of National Intelligence aka DNI. This agency was created in the wake of the September 11, 2001 terrorist attacks for the ostensible purpose of coordinating the activities and products of the IC. In theory it is the organization that is supposed to coordinate what the IC collects and the products the IC produces. Most objective observers would concede that the DNI has been a miserable failure and nothing more than a bureaucratic boondoggle.
An important, but little understood point, is that these agencies each have a different focus. They are not looking at the same things. In fact, most are highly specialized and narrowly focused. Take the Coast Guard, for instance. Their intelligence operations primarily hone in on maritime threats and activities in U.S. territorial waters, such as narcotic interdictions. They are not responsible for monitoring what the Russians are doing in the Black Sea and they have no significant expertise in the cyber activities of the Russian Army military intelligence organization aka the GRU.
In looking back at the events of 2016 surrounding the U.S. Presidential campaign, most people will recall that Hillary Clinton, along with several high level Obama national security officials, pushed the lie that the U.S. Intelligence agreed that Russia had unleashed a cyber war on the United States. The initial lie came from DNI Jim Clapper and Homeland Security Chief, Jeb Johnson, who released the following memo to the press on 7 October 2016:
"The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities."
This was a deliberate deceptive message. It implied that the all 16 intelligence agencies agreed with the premise and “evidence of Russian meddling. Yet not a single bit of proof was offered. More telling was the absence of any written document issued from the Office of the DNI that detailed the supposed intel backing up this judgment. Notice the weasel language in this release:
“The USIC is confident . . .”
“We believe . . .”
If there was actual evidence/intelligence, such as an intercepted conversation between Vladimir Putin and a subordinate ordering them to hack the DNC or even a human source report claiming such an activity, then it would have and should have been referenced in the Clapper/Johnson document. It was not because such intel did not exist.
Hillary Clinton helped perpetuate this myth during the late October debate with Donald Trump, when she declared as fact that:
"We have 17 intelligence agencies, civilian and military, who have all concluded that these espionage attacks, these cyberattacks, come from the highest levels of the Kremlin, and they are designed to influence our election," Clinton said. "I find that deeply disturbing.”
What is shocking is that there was so little pushback to this nonsense. Hardly anyone asked why would the DEA, Coast Guard, the Marines or DOE have any technical expertise to make a judgment about Russian hacking of U.S. election systems. And no one of any importance asked the obvious—where was the written memo or National Intelligence Estimate laying out what the IC supposedly knew and believed? There was nothing.
It is natural for the average American citizen to believe that something given the imprimatur of the Intelligence Community must reflect solid intelligence and real expertise. Expertise is supposed to be the cornerstone of intelligence analysis and the coordination that occurs within the IC. That means that only those analysts (and the agencies they represent) will be asked to contribute or comment on a particular intelligence issue. When it comes to the question of whether Russia had launched a full out cyber attack on the Democrats and the U.S. electoral system, only analysts from agencies with access to the intelligence and the expertise to analyze that intelligence would be asked to write or contribute to an intelligence memorandum.
Who would that be? The answer is simple—the CIA, the DIA, the NSA, State INR and the FBI. (One could make the case that there are some analysts within Homeland Security that might have expertise, but they would not necessarily have access to the classified information produced by the CIA or the NSA.) The task of figuring out what the Russians were doing and planned to do fell to five agencies and only three of the five (the CIA, the DIA and NSA) would have had the ability to collect intelligence that could inform the work of analysts.
Before I can explain to you how an analyst work this issue it is essential for you to understand the type of intelligence that would be required to “prove” Russian meddling. There are four possible sources—1) a human source who had direct access to the Russians who directed the operation or carried it out; 2) a signal intercept of a conversation or cyber activity that was traced to Russian operatives; 3) a document that discloses the plan or activity observed; or 4) forensic evidence from the computer network that allegedly was attacked.
Getting human source intel is primarily the job of CIA. It also is possible that the DIA or the FBI had human sources that could have contributed relevant intelligence.
Signal intercepts are collected and analyzed by the NSA.
Documentary evidence, which normally is obtained from a human source but can also be picked up by NSA intercepts or even an old-fashioned theft.
Finally there is the forensic evidence. In the case of Russian meddling there is no forensic evidence available to the IC because the Democratic National Committee did not permit the FBI to investigate and examine the computers and the network that was allegedly attacked.
What Do Analysts Do?
Whenever there is a “judgment” or “consensus” claimed on behalf to the IC, it means that one or more analysts have written a document that details the evidence and presents conclusions based on that evidence. On a daily basis the average analyst confronts a flood of classified information (normally referred to as “cables” or “messages”). When I was on the job in the 1980s I had to wade through more than 1200 messages—i.e., human source reports from the CIA, State Department messages with embassies around the world, NSA intercepts, DIA reports from their officers based overseas (most in US embassies) and open source press reports. Today, thanks to the internet, the average analyst must scan through upwards of 3000 messages. It is humanly impossible.
The basic job of an analyst is to collect as much relevant information as possible on the subject or topic that is their responsibility. There are analysts at the CIA, the NSA, the DIA and State INR that have the job of knowing about Russian cyber activity and capabilities. That is certain. But we are not talking about hundreds of people.
Let us move from the hypothetical to the actual. In January of 2017, DNI Jim Clapper release a report entitled, “Assessing Russian Activities and Intentions in Recent US Elections” (please see here). In subsequent testimony before the Congress, Clapper claimed that he handpicked two dozen analysts to draft the document. That is not likely. There may have been as many as two dozen analysts who read the final document and commented on it, but there would never be that many involved in in drafting such a document. In any event, only analysts from the CIA, the NSA and the FBI were involved :
This report includes an analytic assessment drafted and coordinated among The Central Intelligence Agency (CIA), The Federal Bureau of Investigation (FBI), and The National Security Agency (NSA), which draws on intelligence information collected and disseminated by those three agencies.
Limiting the drafting and clearance on this document to only the CIA, the NSA and the FBI is highly unusual because one of the key analytical conclusions in the document identifies the Russian military intelligence organization, the GRU, as one of the perpetrators of the cyber attack. DIA’s analysts are experts on the GRU and there also are analysts in State Department’s Bureau of INR who should have been consulted. Instead, they were excluded.
Here is how the process should have worked in producing this document:
- One or more analysts are asked to do a preliminary draft. It is customary in such a document for the analyst to cite specific intelligence, using phrases such as: “According to a reliable source of proven access,” when citing a CIA document or “According to an intercept of a conversation between knowledgeable sources with access,” when referencing something collected by the NSA. The analyst does more than repeat what is claimed in the intel reports, he or she also has the job of explaining what these facts mean or do not mean.
- There always is an analyst leading the effort who has the job of integrating the contributions of the other analysts into a coherent document. Once the document is completed in draft it is handed over to Branch Chief and then Division Chief for editing. We do not know who had the lead, but it was either the FBI, the CIA or the NSA.
- At the same time the document is being edited at originating agency, it is supposed to be sent to the other clearing agencies, i.e. those agencies that either provided the intelligence cited in the draft (i.e., CIA, NSA, DIA, or State) or that have expertise on the subject. As noted previously, it is highly unusual to exclude the DIA and INR.
- Once all the relevant agencies clear on the content of the document, it is sent into the bowels of the DNI where it is put into final form.
That is how the process is supposed to work. But the document produced in January 2017 was not a genuine work reflecting the views of the “Intelligence Community.” It only represented the supposed thinking (and I use that term generously) of CIA, NSA and FBI analysts. In other words, only three of 16 agencies cleared on the document that presented four conclusions:
- Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.
- We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.
- We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.
- We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes.
Sounds pretty ominous, but the language used tells a different story. The conclusions are based on assumptions and judgments. There was nor is any actual evidence from intelligence sources showing that Vladimir Putin ordered up anything or that his government preferred Trump over Clinton.
How do I know this? If such evidence existed—either documentary or human source or signal intercept—it would have been cited in this document. Not only that. Such evidence would have corroborated the claims presented in the Steele dossier. But such evidence was not forthcoming. If it had existed than Jim Comey could have claimed in his June 2017 testimony before Congress that the parts of the “Dossier” had been verified. He did not do so. Testifying under oath Comey described the “Dossier” as “salacious and unverified.”
It is genuinely shocking that DNI Jim Clapper, with the acquiescence of the CIA, the FBI and NSA, would produce a document devoid of any solid intelligence. There is a way to publicly release sensitive intelligence without comprising a the original source. But such sourcing is absent in this document.
That simple fact should tell you all you need to know. The Intelligence Community was used as a tool to misinform the public and persuade them that Russia was guilty of something they did not do. That lie remains unchallenged.