by Col. Jim Waurishuk USAF (Ret.)
U.S. Contractor arrested after leak of NSA documents on Russia hacking against the November Election …
So once again, we have another major leak of highly classified intelligence information that has been provided to the media for political purposes and expedience. Releasing classified material without authorization threatens our nation’s security and undermines public faith in government. Employees or anyone who are trusted with a classified government security clearance and with access to classified information and pledge to protect it must be held accountable when they violate that obligation.
The culprit, a 25-year-old woman, by the name of Reality Leigh Winner, stole “Top Secret” documents from the National Security Agency (NSA) and leaked them to the website “The Intercept,” which she admitted to FBI agents. The web news site published an article on yesterday that appears to be based on the stolen materials. Ms. Winner is a former U.S. Air Member who worked as a U.S. government defense contractor Pluribus International Corporation, that deals with intelligence support since mid-February 2017, at Ft. Gordon, Georgia and the location of the NSA field station and the NSA/Central Security Service’s Georgia Cryptologic Center.
While the mainstream media, the political-left, and Democrats will point the finger to continue the Russian narrative and collusion, there are more serious consequence to our national security. Winner was indicted in federal court on Monday for allegedly stealing classified documents from her employer, Pluribus International, The federal complaint filed against Winner reveals that she stole the highly classified documents on May 9th, four days after they were published as an internal intelligence community report by the NSA. She printed the report and sent it through ground mail to The Intercept. On May 30, a reporter with the outlet contacted the NSA inquiring about the documents. The agency then contacted the FBI, which dispatched agents to interview and apprehend Winner at her home in Augusta.
First and foremost, the biggest crime is the leaker, the National Security Agency (NSA) contractor who violated her oath and her contract with her company which is a federal government private contractor to the NSA. And as a former USAF member, she also knows better, also knows better the impact of leaking highly classified to the media. Now, she will have to deal with the consequences, which again, as the holder of a Top Secret-SCI (Special Compartmented Information) clearance fully knows and is fully aware – since as part of the indoctrination and training for being provided the clearance and level of access to classified information and systems, she had to sign numerous documents, non-disclosures and acknowledgements about the proper procedures and responsibilities for protecting and safeguarding classified information. Her crime is a federal felony offense under the Espionage Act and numerous other federal laws and statutes, Executive Orders that direct the requirements and responsibilities for safeguarding of intelligence information, and Intelligence Community (IC) directives. In fact, the same directives and statutes that Hillary Clinton violated in the failure to safeguard classified in her private email server scandal.
With regard to the Russian spear-phishing and malware scheme against the U.S. voting equipment vendor and related industry companies, the specific company named, VR Systems is an electronic voting services and equipment vendor in Florida that has contracts in eight states, including New York.
This type of attack is nothing new, and is for the most part, relatively routine with most industries. In fact, it happens all the time. Furthermore, it is not just the Russians, nor other foreign governments, but it should be not that similar efforts are being carried out by numerous international rogue hackers and cyber trouble makers, across all industries, in an attempt to influence employees and staffs to access attachments and to open and download files containing cookies, malware, and viruses in order for the rogue operators and hackers to use a spear-phishing email scheme that targeted local government officials and employees access and attempt to influence users and information. Whether foreign entities and rogue operators themselves act as a third party on behalf of foreign governments is also highly considered and expected and more than likely known by our intelligence community already. What is known specifically is that operatives from the Russian General Staff Main Intelligence Directorate, or GRU, are reported to have targeted employees at VR Systems last August and then again in October (2016). While the intent on the part of the Russians to access and influence those targeted, there was no impact, nor had any affect what so ever on the U.S. November Election.
Further, we also need to be cognizant and aware that both the Obama administration’s NSA, as well as the voting equipment vendor(s) in question were well aware of the attempted effort in both August and October-November 2016, prior to the November Election. The NSA classified report that the young woman leaked to the web site “The Intercept” in May 2017 was a personal act on her part, and act carried as the result of her own personal political beliefs, and her obvious political agenda. It was not, and is not a new surprising revelation and discovery that the Russians were attempting to use a phishing/malware scheme to affect the election. Nor was there any description or indication of any Trump campaign involvement what so ever. But nevertheless, the political-left and mainstream media are already attempting and trying their best to make the connection and draw the conclusion that this is the smoking gun. Even though everyone knows, the on their own were and are always doing everything they can to try to affect elections everywhere that may have an impact on their own nation.
In analyzing and assessing the impact of this leaked information, be aware that the Russian effort was via an email campaign containing the phishing/malware program and instructions and was sent to known and identified employees that worked for the NSA contractor and others in the election business to attempt to encourage them to download and or purchase election-related programs and software. Their intent, the Russians, was an attempt that the employee(s) of the voting equipment and service company might incorporate the program in the email into their work-related election systems, machines, and other voting-related equipment which of course are computer based systems.
The vendor in question further noted that they are well aware of such cyber tactics and methods and deal with this on a regular basis, and that they are in constant corroboration with law enforcement and cyber protection, detection, and enforcement industry experts. Also, the vendors and employees are aware and trained to either identify such schemes and to avoid them and report them, as soon as possible.
Again, the most important aspect of this event is the seriousness and more damage done by providing the Top Secret-SCI document to the website and the fact that the information and its revelation got into the public domain. The major threat here being, that of the young women who used her position and her credentials, and her high-level Top Secret clearance and access in order to push her personal and political agenda, and the fact that she was a noted Trump hater, and obvious impetus to her criminal activity. Accordingly, Winner was heavily critical of Trump just after he took office. She used the hashtag “NeverMyPresident” and “Resist” in a Facebook post about his position on Dakota Access Pipeline.
Her deliberate actions jeopardized our national security by revealing to the Russians what the U.S. knew they were up to and the scheme and methodology being used, hence the NSA document she leaked to a media web site. It further reveals to the Russians and other cyber espionage states and operators that we were and are watching and monitoring what they, the Russians were doing. That was the purpose of the NSA report, and its revelation, in that it revealed and confirmed our intelligence community’s efforts; some of its intelligence operations tactics, techniques and procedures, as well as sources and methods that we use. It also showed and acknowledged that we were aware and confirmed to ourselves (the national security community) what the Russian’s were intent on and how they were using their own cyber capability.
Finally, what most don't realize is that there is a cost to our national security from the standpoint of capability; intelligence operations tactics, techniques and procedures, that have now been compromised. That unfortunately comes at a cost to taxpayers, our intelligence budgets and our capabilities. All must undergo damage assessments, new safeguards, and security and protect against intelligence assets that may be in jeopardy and reassurances to potentially allies and friends that some aspect of their support and involvement may also have been compromised or is in jeopardy of being revealed and or compromised. As a result, this woman must be prosecuted and charged for her crime because the message must be made and made loud and clear that leaking and failure to safeguard critical national security and highly classified intelligence information has consequences. This must be the deterrent and the first effort to STOP the leaks once and for all and send the message that this is serious. Failure to do so will only encourage and mandate those within the federal government pushing their rogue schemes to continue their dangerous and destructive political agenda.
Obviously, this has a financial cost that must be incurred and more than likely being in the many millions of taxpayer dollars. In the end, thanks to this young woman, what the Russians didn’t reap in the process of their cyber phishing attack, they reaped in the costly revelations and compromise to our intelligence collection and monitoring, and the intelligence information and capabilities revealed. Unfortunately, most Americans never look at the national security and financial cost of such leaks and those impacts on the nation security.
Finally, the political-left and the mainstream media will continue to drive their false-narrative that that Russia had interfered in a foreign election, and somehow Donald Trump is at the bottom of it and the young woman was a whistle blower who revealed it. Of course, the questions that won’t be raised is that the Obama administration’s NSA was aware of this in the summer of 2016 and just prior to the November Election — hence this leaked NSA report. What did the Obama administration do, and who in the Obama White House was informed and who was aware, and what efforts were taken to stop the Russian strategy. The other question to ask is … “is she part of the Deep State?