Posts

As Richard Burr Rushes to Release Volume Five of SSCI’s Russian Investigation, the FBI Closes In

Update: As I was posting this, reports that Burr is stepping down as Chair of SSCI came out.

The LAT has a big scoop revealing that the FBI seized Richard Burr’s cell phone yesterday, having gotten a probable cause warrant incorporating information they obtained via a search of his iCloud.

Federal agents seized a cellphone belonging to a prominent Republican senator on Wednesday night as part of the Justice Department’s investigation into controversial stock trades he made as the novel coronavirus first struck the U.S., a law enforcement official said.

[snip]

Such a warrant being served on a sitting U.S. senator would require approval from the highest ranks of the Justice Department and is a step that would not be taken lightly. Kerri Kupec, a Justice Department spokeswoman, declined to comment.

A second law enforcement official said FBI agents served a warrant in recent days on Apple to obtain information from Burr’s iCloud account and said agents used data obtained from the California-based company as part of the evidence used to obtain the warrant for the senator’s phone.

[snip]

The same day Burr sold his stocks, Burr’s brother-in-law, Gerald Fauth, sold between $97,000 and $280,000 worth of six stocks, according to documents filed with the Office of Government Ethics. Fauth serves on the National Mediation Board, which provides mediation for labor disputes in the aviation and rail industries.

Burr has denied coordinating trading with his brother-in-law.

Given the progression from an iCloud warrant to the warrant for the cell phone, it’s likely the FBI is seeking out texts between Burr and his brother-in-law around the time of the stock sales. (The FBI often access iCloud to find out what apps someone has accessed, obtains a pen register to identify communications of interest using that app, then seizes the phone to get those encrypted communications.)

The public evidence again Burr is quite damning, so there’s no question that this is a properly predicated investigation.

Still, coming from a DOJ that has gone to great lengths to protect other looting (and has not taken similar public steps against Kelly Loeffler), the move does raise questions.

Particularly given the focus that Richard Burr gave, during the John Ratcliffe confirmation hearing, to getting the final volume of the SSCI Report on 2016 declassified and released by August.

Richard Burr: Congressman, over the course of the last three years this committee has issued four reports about Russia’s meddling in our elections covering Russia’s intrusions into state election systems, their use of social media to attempt to influence the election, and. most recently confirming the findings of the 2017 Intelligence Community Assessment. While being mindful of the fact that we’re, um, in an unclassified setting, what are your views on Russia’s meddling in our elections?

John Ratcliffe: Chairman, my views are that Russia meddled or interfered with Active Measures in 2016, they interfered in 2018, they will attempt to do so in 2018 [sic]. They have a goal of sowing discord, and they have been successful in sowing discord. Fortunately, based on the work–the good work of this committee, we know that they may have been successful in that regard but they have not been successful in changing votes or the outcome of any election. The Intelligence Community, as you know, plays a vital role on insuring we have safe, secure, and credible elections and that every vote cast by every American is done so properly and counted properly.

Burr: Will you commit to bringing information about threats to the election infrastructure and about foreign governments’ efforts to influence to Congress so we’re fully and currently informed?

Ratcliffe: I will.

Burr; Will you commit to testify at this committee’s annual worldwide threats hearing?

Ratcliffe: I will.

Burr: And last question, over the last three years we have issued four reports. Number five is finished. Number five will go for declassification. Do we have your commitment as DNI that you would expeditiously go through the declassification process?

Ratcliffe: You do.

Burr: Senator Warner.

Mark Warner: Thank you Mr. Chairman. You actually took some of my questions.

Burr: My eyesight is good.

Warner: Mr. Ratcliffe, good to see you again and I appreciated our time, um, um, last Friday. I want to follow-up on a couple of the Chairman’s questions first. As we discussed, we’re … Volume Five, and so far our first four volumes have all been unanimous. Or maybe with the exception of one dissenting vote. If we get this document to the ODNI we need your commitment not only that we do it expeditiously, but as much as possible to get that Volume Five reviewed, redacted, and released, ideally before the August, the August recess. Now, I know you’ve not seen the report yet. All I would ask is, aspirationally that you commit to that goal, because I think as we discussed, to have a document that could be [big pause] potentially significant come out in the midst of a presidential campaign isn’t good or fair on either side. So if I could clarify a bit, recognizing that you’ve not seen the document is a thousand pages, that you’d try to get this cleared prior to August.

Ratcliffe: Vice Chairman, I would again, commit that I would work with you to get that as expeditiously as possible.

During the 2018 election, Burr had — at a time when the committee assuredly did not have the ability to rule it out — twice said there was no evidence of “collusion.” Burr has made no such claims recently.

Even just the Roger Stone disclosures from his trial make it clear “collusion” happened, and that’s ignoring the ongoing Foreign Agent investigation involving Stone. And the Intelligence Committees have been briefed on the existence of — and possibly some details about — either that or other ongoing investigations.

If Richard Burr is prepping to reverse his prior public comments about “collusion,” it might explain why the Bill Barr DOJ, which has stopped hiding that it is an instrument used to enforce political loyalty to Trump, would more aggressively investigate Burr than others.

Again, there’s no question that this is a properly predicated investigation. But in the Barr DOJ, properly predicated investigations about political allies of Trump all get quashed. This one has, instead, been aggressively and overtly pursued.

Ric Grenell Declassified George Papadopoulos’ Brags about Fucking Older Women, but Not about Befriending Sergey Millian

In the name of exposing “FISA abuse,” Lindsey Graham got Ric Grenell to declassify details of George Papadopoulos bragging about fucking a woman who was 42.

CT: I was banging a 42-year-old. That’s the oldest I ever went. And she was the best sex I ever had in my life.

CHS: You know you can’t, uh, knock down them…

CT: But 42, that’s like borderline old, you know.

But Grenell left what DOJ IG treated as a reference to Sergey Millian living in Brooklyn classified (see page 66).

Grenell did so even though this reference to “Sergey” has already been formally declassified, for the DOJ IG Report (though I would argue that in places DOJ IG’s transcriptions are not always fair descriptions of what the transcripts show).

Papadopoulos did not say much about Russia during the first conversation with Source 3, other than to mention a “friend Sergey … [who] lives in … Brooklyn,” and invite Source 3 to travel with Papadopoulos to Russia in the summertime.

Perhaps this just stems from bureaucratic incompetence. But the Trump Administration made a fairly aggressive decision to declassify details about Sergey Millian for the DOJ IG Report because it served their narrative about Christopher Steele. But when it came time to claim–abundant evidence in the transcripts to the contrary–that George Papadopoulos wasn’t an obvious subject for a counterintelligence investigation, the Trump Administration treated one of the most damning details as classified.

This matters, because the frothy right has been ginning up a scandal over the delayed release of the House Intelligence transcripts, and the fact that, having been told everything is ready, Adam Schiff is taking a few days to review what Grenell has done to ensure the integrity of the redactions. They’re doing so even as both Mark Warner and Richard Burr spent the beginning of John Ratcliffe’s confirmation making sure the declassification of their report on the Russian operation would be quick and non-partisan.

But we’ve already got hints that Grenell is politicizing the declassification process. In a 90-page transcript, he redacted the detail that most undermined the frothy right narrative.

After Years of Squealing about “FISA Abuse,” Trump’s DNI Nominee Won’t Rule Out Warrantless Wiretapping

As I noted earlier, in his confirmation hearing to be Director of National Intelligence, John Ratcliffe made it crystal clear he will lie to protect Trump by stating that he believed Trump has always accurately conveyed the threat of COVID-19.

Ratcliffe made some other alarming comments. For example:

  • He repeatedly said that Russia had not changed any votes in 2016. The Intelligence Community did not review that issue and Ratcliffe has no basis to make that claim.
  • Ratcliffe also repeatedly refused to back SSCI’s unanimous conclusion that Russia intervened to help Trump.
  • He dodged when Warner asked him to promise to brief the committee even if Russia were trying to help Trump.
  • When asked whether he supported Inspectors General, Ratcliffe said that he supported Michael Horowitz when others attacked him but then suggested he disagreed with Horowitz’ “opinion,” making it clear he does not accept Horowitz’ conclusions that he found no evidence that bias affected the investigation into Trump’s flunkies.
  • Ratcliffe claimed he didn’t have enough information to address Michael Atkinson’s firing.
  • When Dianne Feinstein read his quotes about the Ukraine whistleblower to him, Ratcliffe pretended those quotes were about something they weren’t.
  • He might not provide intelligence on COVID-19 that showed how Trump blew it off.
  • He suggested that if only the IC had reviewed open source data, they might have warned of the dangers of COVID-19, which they did warn of using both OSINT and classified intelligence.
  • He refused to answer whether he thought there was a Deep State in the IC, and later suggested a few members of the IC were Deep State.
  • Ratcliffe refused to agree to release a report showing that Mohammed bin Salman had Jamal Khashoggi executed and chopped into bits, as required by last year’s Defense Authorization. He suggested that it might have been properly classified; as DNI, he would be the Original Classification Authority to make that decision.
  • He refused to answer clearly on whether Trump’s policies on North Korea and Iran have worked.
  • He later suggested he might not share intelligence if it were too sensitive, again ignoring that as OCA he gets to decide whether it’s really classified.
  • After saying he would appear for a Global Threats hearing, he then dodged when later asked whether he would appear before the committee generally.

Ratcliffe made several comments to make it clear he would side with expansive Unitary Executive interpretations holding that:

  • There are limits to whistleblower protection.
  • If torture were deemed legal it would okay to do it.
  • The executive can use warrantless wiretapping.

There were a few additional hints about stuff going on right now:

  • Mark Warner said that intelligence professionals have been pressured to limit information they share with Congress.
  • Warner also said that Ric Grenell was undermining the IC’s election security group.
  • Both Warner and Richard Burr seemed concerned that the DNI would not declassify their 1000-page Volume V of their Report on Russia’s 2016 election interference (I’m not sure whether this assess the Steele dossier or lays out whether and how Trump “colluded” during 2016).
  • Martin Heinrich made it clear that Grenell is reorganizing the IC, without any consultation or approval from Congress.

It’s not just unqualified, he’s a sycophant. But it seems like there’s so much that Grenell is already screwing up, Republicans on the committee, at least, prefer Ratcliffe.

Update: Here are Ratcliffe’s Questions for the Record. They’re particularly troubling on sharing with Congress.

He twice refused to say that he wouldn’t impose loyalty tests.

QUESTION 39: Personnel decisions can affect analytic integrity and objectivity. A. Would you consider an individual’s personal political preferences, to include “loyalty” to the President, in making a decision to hire, fire, or promote an individual?

Answer: Personnel decisions should be based on qualifications, skills, merit, and other standards which demonstrate the ability, dedication and integrity required to support the central IC mission of providing unvarnished intelligence to policymakers.

B. Do you commit to exclusively consider professional qualifications in IC personnel decisions, without consideration of partisan or political factors?

Answer: Personnel decisions should be based on qualifications, skills, merit, and other standards that demonstrate the ability, dedication and integrity required to support the central IC mission of providing unvarnished intelligence to policymakers.

He refused to promise to keep the Election Threats Executive Office open.

QUESTION 45: Would you commit to keep the Election Threats Executive Office in place to ensure continuity of efforts, and build on the successes of the 2018 midterms?

Answer: If confirmed, I will work with IC leaders and ODNI officials to ensure the IC is well-positioned to address the election security threats facing our Nation.

He refused to promise to notify Congress if Russia starts helping Trump again.

QUESTION 53: Do you commit to immediately notifying policymakers and the public of Russian attempts to meddle in U.S. democratic processes, to include our elections?

Answer: If confirmed, I would work with the Committee to accommodate its legitimate oversight needs while safeguarding the confidentiality interests of the Executive Branch, including the protection from unauthorized disclosure of classified intelligence sources and methods

He suggested he had no problem with Section 215 being used to access someone’s browsing records.

QUESTION 7: Do you believe that Section 215 of the USA PATRIOT Act should be used to collect Americans’ web browsing and internet search history? If yes, do you believe there are or should be any limitations to “digital tracking” of Americans without a warrant, in terms of length of time, the amount of information collected, or the nature of the information collected (e.g., whether particular kinds of websites raise special privacy concerns)?

Answer: I believe it is important for the Intelligence Community to use its authorities appropriately against valid intelligence targets. The amendments to Title V of FISA made by Section 215 of the USA PATRIOT Act expired on March 15, 2020 and, to date, have not been reauthorized.

Ratcliffe dodged several questions about whether FISA was exclusive means to collect

Extra-Statutory Collection

QUESTION 9: Title 50, section 1812 provides for exclusive means by which electronic surveillance and interception of certain communications may be conducted. Do you agree that this provision of law is binding on the President?

Answer: If confirmed, I would work with the Attorney General to ensure that IC activities are carried out in accordance with the Constitution and applicable federal law.

QUESTION 10: Do you believe that the intelligence surveillance and collection activities covered by FISA can be conducted outside the FISA framework? If yes, please specify which intelligence surveillance and collection activities, the limits (if any) on extra-statutory collection activities, and the legal authorities you believe would authorize those activities.

Answer: If confirmed, I would work with the Attorney General and the heads of IC elements, as well as the General Counsels throughout the IC, to ensure that intelligence activities are conducted in accordance with the Constitution and applicable federal law. As set forth in Section 112 of FISA, with limited exceptions, FISA constitutes the exclusive statutory means by which electronic surveillance, as defined in FISA, and the interception of domestic wire, oral, or electric communications for foreign intelligence purposes may be conducted.

QUESTION 11: What would you do if the IC was requested or directed to conduct such collection activities outside the FISA framework? Would you notify the full congressional intelligence activities?

Answer: Consistent with the requirements of the National Security Act, I would keep the congressional intelligence committees informed of the intelligence activities of the United States, including any illegal intelligence activities. As you know, not all intelligence activities are governed by FISA.

If confirmed, I would work with the Attorney General and the heads of IC elements, as well as the General Counsels throughout the IC, to ensure that intelligence activities are conducted in accordance with the Constitution and applicable federal law.

Senator Wyden asked a question about the IC purchasing stuff they otherwise would need a warrant for.

QUESTION 12: Do you believe the IC can purchase information related to U.S. persons if the compelled production of that information would be covered by FISA? If yes, what rules and guidelines would apply to the type and quantity of the information purchased and to the use, retention and dissemination of that information? Should the congressional intelligence committees be briefed on any such collection activities?

Answer: Elements of the IC are authorized to collect, retain, or disseminate information concerning U.S. persons only in accordance with procedures approved by the Attorney General. As you know, not all intelligence activities are governed by FISA, and it is my understanding that in appropriate circumstances elements of the IC may lawfully purchase information from the private sector in furtherance of their authorized missions. Nonetheless, any intelligence activity not governed by FISA would be regulated by the Attorney General-approved procedures that govern the intelligence activities of that IC element. Consistent with the requirements of the National Security Act, if confirmed, I would keep the congressional intelligence committees informed of the intelligence activities of the United States.

 

SSCI Has Already Dismissed One of the Key Issues John Durham Is Investigating

The other day, the NYT had an update on another area included in John Durham’s 9-month investigation of the Russian investigation. Durham appears to be chasing a theory (based on what predication, aside from Bill Barr’s fevered imagination, it’s unclear) that John Brennan tricked the FBI into investigating Trump by fooling them into believing Russia wanted Trump elected.

Questions asked by Mr. Durham, who was assigned by Attorney General William P. Barr to scrutinize the early actions of law enforcement and intelligence officials struggling to understand the scope of Russia’s scheme, suggest that Mr. Durham may have come to view with suspicion several clashes between analysts at different intelligence agencies over who could see each other’s highly sensitive secrets, the people said.

Mr. Durham appears to be pursuing a theory that the C.I.A., under its former director John O. Brennan, had a preconceived notion about Russia or was trying to get to a particular result — and was nefariously trying to keep other agencies from seeing the full picture lest they interfere with that goal, the people said.

[snip]

The Justice Department has declined to talk about Mr. Durham’s work in meaningful detail, but he has been said to be interested in how the intelligence community came up with its analytical judgments — including its assessment that Russia was not merely sowing discord, but specifically sought to help Mr. Trump defeat Hillary Clinton in the 2016 election.

A key part of this involves the credibility assigned to a Russian source and the CIA’s initial unwillingness to share his identity.

One fight, they said, concerned the identity and placement of a C.I.A. source inside the Kremlin. Analysts at the National Security Agency wanted to know more about him to weigh the credibility of his information. The C.I.A. was initially reluctant to share details about the Russian’s identity but eventually relented.

But officials disagreed about how much weight to give the source’s information, and the intelligence community’s eventual assessment apparently reflected that division. While the F.B.I. and the C.I.A. concluded with “high confidence” that Mr. Putin was specifically trying to help Mr. Trump win the election, the National Security Agency agreed but said it had only “moderate confidence.”

As with much of the Durham investigation, this likely came from a partisan investigation — specifically the HPSCI Report on Russian interference that the GOP released with little Democratic involvement. It found that

(U) Finding #16: The lntelllgence Communi· tv Assessment judgments on Putin’s strategic intentions did not employ proper ana· lytic tradecraft. (U) While the Committee found that most ICA analysis held-up to scrutiny, the investigation also identified significant intelligence tradecraft failings that undermine confidence in the JCA judgments regarding Russian President Vladimir Putin’s strategic objectives for disrupting the U.S. election. Those judgments failed to meet longstanding standards set forth in the primary guiding document for IC analysis, ICD 203, Analytic Standards including:

(U) ”Properly describe quality and credibilit:y of underlying sources.”

(U) “Properly express and explain uncertainties associated with major analytic judgments.”

(U) “Incorporate analysis of alternatives ·- [particularly] when major judgments must contend with significant uncertainties or … high-impact results.”

(U) Base confidence assessments on “the quantity and quality of source material.”

(U) “Be informed by all relevant information available.”

(U) “Be independent of political considerations.”

[snip]

The Committee’s findings on ICA tradecraft focused on the use of sensitive, [redacted] intelligence [redacted] cited by the ICA. This presented a significant challenge for classification downgrade. The Committee worked with intelligence officers from the agencies who own the raw reporting cited in the ICA to downgrade the classification of compartmented findings [redacted]

In short, in the same way that the HJC/OGR echo chamber of shoddy propaganda injected George Papadopoulos’ claims into Durham’s investigation, the HPSCI report likely gave Barr a way to demand this prong of the investigation.

The thing is, however, the Senate Intelligence Committee has also reviewed this intelligence — notably, at a time after the CIA source behind it had been exfiltrated (and after abundant other evidence proving that Putin really did prefer Trump came in). And SSCI had no problem with the conclusion.

The ICA states that:

We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election. Russia’s goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.[2]

  • The Committee found that the ICA provided a range of all-source reporting to support these assessments.
  • The Committee concurs with intelligence and open-source assessments that this influence campaign was approved by President Putin.
  • Further, a body of reporting, to include different intelligence disciplines, open source reporting on Russian leadership policy preferences, and Russian media content, showed that Moscow sought to denigrate Secretary Clinton.
  • The ICA relies on public Russian leadership commentary, Russian state media reports, public examples of where Russian interests would have aligned with candidates’ policy statements, and a body of intelligence reporting to support the assessment that Putin and the Russian Government developed a clear preference for Trump.

The ICA also states that:

We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.[3]

  • The Committee found that the ICA provided intelligence and open source reporting to support this assessment, and information obtained subsequent to publication of the ICA provides further support.
  • This is the only assessment in the ICA that had different confidence levels between the participating agencies—the CIA and FBI assessed with “high confidence” and the NSA assessed with “moderate confidence”—so the Committee gave this section additional attention.

The Committee found that the analytical disagreement was reasonable, transparent, and openly debated among the agencies and analysts, with analysts, managers, and agency heads on both sides of the confidence level articulately justifying their positions. [my emphasis]

Significantly, over time that conclusion has held up.

In fact, an even more recent SSCI Report — released in recent weeks — makes it clear that what is obviously this same reporting stream provided the “wake up” call that led the IC to take the Russian attack as seriously as they should have. The intelligence is introduced (but entirely redacted) on page 11, but the description of Brennan’s action — and the degree to which this intelligence was closely held thereafter — makes it clear that this is the CIA HUMINT.

According to Director Brennan, he recommended that the intelligence be briefed to the Gang of Eight, stating, “I think it’s important that this be a personal briefing.”

[snip]

According to multiple administration officials, the receipt of the sensitive intelligence prompted the NSC to being a series of restricted PC meetings to craft the administration’s response to the Russians’ active measures campaign. These restricted “small group” PC meetings, and the corresponding Deputies Committee (DC) meetings, were atypically restricted, and excluded regular PC and DC attendees such as the relevant Senior Directors within the NSC and subject matter experts that normally accompanied the principals and deputies from the U.S. Government departments and agencies.

According to former NSC Senior Director for Intelligence Programs, Brett Holmgren, no one other than the principals participated in the initial PC meetings, due to the sensitivity of the intelligence reporting. Mr. Holmgren further stated that the “reports were briefed verbally, often times by Director Brennan. So I didn’t get access to a lot of these reports until the November or December time frame.”

To be clear, ultimately this more recent SSCI Report comes down on the same side that the Durham inquiry seems to be — that CIA ended up holding this too close, making it difficult for other agencies to properly vet it. This SSCI Report argues that the close hold led to a less robust response than the US should have mounted.

So all four reviews — HPSCI’s, SSCI’s ICA assessment and 3rd volume, along with Durham’s current review — agree that the CIA held this information really closely. But the bipartisan reports that assess whether the conclusion held up over time — just the SSCI ones — not only find that CIA was right, but that that view marked the belated moment when the US IC started taking the attack seriously enough.

In other words, John Durham is investigating something that the proper oversight authorities already have deemed the correct result that actually came too late and not broadly enough, and trying to find fault with it. Bill Barr is trying to get Durham to criminalize an intelligence conclusion that is the one thing that didn’t lead us to get more badly damaged by the attack.

The Black Hole Where SSCI’s Current Understanding of WikiLeaks Is

Four years after it started, the Senate Intelligence Committee continues its investigation into Russia’s 2016 election interference, this week releasing the report on what the Obama Administration could have done better. For a variety of reasons, these reports have been as interesting for their redactions or silences as for what the unredacted bits say.

This latest report is no different.

Putin responded to Obama’s warnings by waggling his nukes

The most interested unredacted bit pertains to Susan Rice’s efforts, scheduled to occur just before ODNI and DHS released their report attributing the hack to Russia, to warn Russia against continuing to tamper in the election. That would place the meeting at just about precisely the moment the Access Hollywood video and Podesta email release happened, a big fuck you even as Obama was trying to do something about the tampering. The meeting also would have occurred during the period when Sergei Kislyak was bitching about FBI efforts to prevent Russia from sending election observers to voting sites.

The description of the meeting between Rice and Kislyak is redacted. But the report does reveal, for the first that I heard, that Russia responded to being warned by raising its nukes.

Approximately a week after the October 7. 2016. meeting, Ambassador Kislyak asked to meet with Ambassador Rice to deliver Putin’s response. The response, as characterized by Ambassador Rice, was “denial and obfuscation,” and “[t]he only thing notable about it is that Putin somehow deemed it necessary to mention the obvious fact that Russia remains a nuclear power.”

This exchange is all the more interesting given that there’s an entirely redacted bullet (on page 37) describing actions that “Russian cyber actors” took after Obama warned Putin. Given that the state and county scanning and the alleged hack of VR Systems shows up, there’s something we either still don’t know about or SSCI continues to hide more details of the VR Systems hack.

The page long post-election response to the election year attack

The longest subsection in a section devoted to describing Obama’s response is redacted (pages 39-41).

Here’s what the timing of the unredacted parts of that section is:

  • A: Expulsion of Russian diplomats (December 29, 2016)
  • B: Modifying the EO and sanctions (December 29, 2016)
  • C: redacted
  • D: Cybersecurity action in the form of the issuance of two technical reports (December 29, 2016 and February 10, 2017)
  • E: Tasking the ICA Report (initiated December 6, 2016; completed December 30, 2016; published January 5 and 6, 2017)
  • F: Protecting election infrastructure (January 5, 2017)

That might suggest that whatever secret action the Obama Administration took happened right in December, with everything else.

John Brennan was proved fucking right

There’s a redacted passage that may undermine the entire premise of the John Durham investigation, which purports to review what agencies, other than FBI, did to lead to an investigation focused on Trump’s campaign. Some reporting suggests Durham is investigating whether CIA tricked FBI into investigating Trump’s flunkies.

But this report describes how, in spite of knowing about related Russian hacks in 2015 and Russia’s habit of leaking information they stole, the IC really wasn’t aware of what was going on until John Brennan got an intelligence tip during the summer of 2016. That intelligence tip was described at length in a WaPo story that resembles this section of the report.

Early last August, an envelope with extraordinary handling restrictions arrived at the White House. Sent by courier from the CIA, it carried “eyes only” instructions that its contents be shown to just four people: President Barack Obama and three senior aides.

Inside was an intelligence bombshell, a report drawn from sourcing deep inside the Russian government that detailed Russian President Vladi­mir Putin’s direct involvement in a cyber campaign to disrupt and discredit the U.S. presidential race.

But it went further. The intelligence captured Putin’s specific instructions on the operation’s audacious objectives — defeat or at least damage the Democratic nominee, Hillary Clinton, and help elect her opponent, Donald Trump.

At that point, the outlines of the Russian assault on the U.S. election were increasingly apparent. Hackers with ties to Russian intelligence services had been rummaging through Democratic Party computer networks, as well as some Republican systems, for more than a year. In July, the FBI had opened an investigation of contacts between Russian officials and Trump associates. And on July 22, nearly 20,000 emails stolen from the Democratic National Committee were dumped online by WikiLeaks.

But at the highest levels of government, among those responsible for managing the crisis, the first moment of true foreboding about Russia’s intentions arrived with that CIA intelligence.

The section in this report is redacted.

Effectively, this report seems to confirm the WaPo reporting (which may have been based off sources close to those who testified to SSCI). It also emphasizes the import of this intelligence. But for this intelligence, the IC may have continued to remain ignorant of Putin’s plans for the operation.

The IC won’t let SSCI share its current understanding of WikiLeaks

But the most interesting redactions pertain to WikiLeaks.

There are four redacted paragraphs describing how hard it was for the IC to come up with a consensus attribution for the hack and leak operation.

Senior administration officials told the Committee that they hesitated to publicly attribute the cyber efforts to Russia m1til they had sufficient information on the penetration of the DNC network and the subsequent disclosure of stolen information via WikiLeaks, DCLeaks, and Guccifer 2.0.

More interesting still, almost the entirety of the page-plus discussion (relying on testimony from Ben Rhodes, Michael Daniel, Paul Selva, Mike Rogers, and others) of why it took so long to understand WikiLeaks remains redacted.

One reference that is unredacted, however, describes WikiLeaks as “coopted.”

This information would be of particular interest as the prosecution of Julian Assange goes forward. That — and the fact that some of this determination, relying as it does on former NSA Director Mike Rogers, appears to rely on NSA information — may be why it remains redacted.

Update: I’ve deleted the remainder of this post. It came from Wyden’s views, not the report itself.

Revisiting the First Time President Trump Blabbed Out Classified Information for Political Gain

I’d like to revisit what might be the first time in his presidency that Donald Trump blabbed out highly classified information for political gain. Trump appears to have endangered the investigation into CIA’s stolen hacking tools, all to blame Obama for the leak.

It happened on March 15, 2017, during an interview with Tucker Carlson.

Amid a long exchange where Tucker challenges Trump, asking why he claimed — 11 days earlier — that Obama had “tapped” Trump Tower without offering proof, Trump blurted out that the CIA was hacked during the Obama Administration.

Tucker: On March 4, 6:35 in the morning, you’re down in Florida, and you tweet, the former Administration wiretapped me, surveilled me, at Trump Tower during the last election. Um, how did you find out? You said, I just found out. How did you learn that?

Trump: I’ve been reading about things. I read in, I think it was January 20th, a NYT article, they were talking about wiretapping. There was an article, I think they used that exact term. I read other things. I watched your friend Bret Baier, the day previous, where he was talking about certain very complex sets of things happening, and wiretapping. I said, wait a minute, there’s a lot of wiretapping being talked about. I’ve been seeing a lot of things. Now, for the most part I’m not going to discuss it because we have it before the committee, and we will be submitting things before the committee very soon, that hasn’t been submitted as of yet. But it’s potentially a very serious situation.

Tucker: So 51,000 people retweeted that, so a lot of people thought that was plausible, they believe you, you’re the president. You’re in charge of the agencies, every intelligence agency reports to you. Why not immediately go to them and gather evidence to support that?

Trump: Because I don’t want to do anything that’s going to violate any strength of an agency. You know we have enough problems. And by the way, with the CIA, I just want people to know, the CIA was hacked and a lot of things taken. That was during the Obama years. That was not during, us, that was during the Obama situation. Mike Pompeo is there now, doing a fantastic job. But we will be submitting certain things, and I will be perhaps speaking about this next week. But it’s right now before the Committee, and I think I want to leave it at that. I have a lot of confidence in the committee.

Tucker: Why not wait to tweet about it until you can prove it? Does it devalue your words when you can’t provide evidence?

Trump: Well because the NYT wrote about it. You know, not that I respect the NYT. I call it the failing NYT. They did write on January 20 using the word wiretap. Other people have come out with —

Tucker: Right, but you’re the President. You have the ability to gather all the evidence you want.

Trump: I do, I do. But I think that frankly we have a lot right now and I think if you watch, uh, if you watched the Brett Baier and what he was saying and what he was talking about and how he mentioned the word wiretap, you would feel very confident that you could mention the name. He mentioned it and other people have mentioned it. But if you take a look at some of the things written about wiretapping and eavesdropping, and don’t forget when I say wiretap, those words were in quotes, that really covers, because wiretapping is pretty old fashioned stuff. But that really covers surveillance and many other things. And nobody ever talks about the fact that it was in quotes but that’s a very important thing. But wiretap covers a lot of different things. I think you’re going to find some very interesting items over the next two weeks. [my emphasis]

It was clear even at the time that it was a reference to the Vault 7 files, now alleged to have been leaked to WikiLeaks by Joshua Schulte; the first installment of files were released eight days earlier.

The next day, Adam Schiff, who as the then-Ranking HPSCI member, likely had been briefed on the leak, responded to Trump’s comments and suggested that, while Trump couldn’t have broken the law for revealing classified information, he should nevertheless try to avoid releasing it like this, without any kind of consideration of the impact of it.

Last night, the President stated on Fox News that “I just wanted people to know, the CIA was hacked, and a lot of things taken–that was during the Obama years.” In his effort to once again blame Obama, the President appears to have discussed something that, if true and accurate, would otherwise be considered classified information,

It would be one thing if the President’s statement were the product of intelligence community discussion and a purposeful decision to disclose information to the public, but that is unlikely to be the case. The President has the power to declassify whatever he wants, but this should be done as the product of thoughtful consideration and with intense input from any agency affected. For anyone else to do what the President may have done, would constitute what he deplores as “leaks.”

Trump did reveal information the CIA still considered classified. At the very least, by saying that CIA got hacked, he confirmed the Vault 7 documents were authentic files from the CIA, something the government was not otherwise confirming publicly at that time. (Compare Mike Pompeo’s oblique comments about the leak from a month later.)

His reference to the volume of stolen files may have been based on what the CIA had learned from reviewing the initial dump; court filings make it clear the CIA still did not know precisely what had been stolen.

His reference to a hack, rather than a leak, is an interesting word choice, as the compromise has usually been called a leak. But Schulte’s initial search warrants listed both Espionage and the Computer Fraud and Abuse Act, meaning the government was treating it as (partly) a hacking investigation. And some of the techniques he allegedly used to steal the files are the same that hackers use to obfuscate their tracks (which is unsurprising, given that Schulte wrote some of the CIA’s obfuscation tools).

Perhaps the most damning part of Trump’s statement, however, was the main one: that the theft had taken place under Obama. WikiLeaks’ initial release was totally noncommittal about when they obtained the files, but said it had been “recent[].” By making it clear that the government knew the theft had taken place in 2016 and not more “recently,” Trump revealed a detail that would have made it more likely Schulte would realize they believed he was the culprit (though he knew from the start he’d be a suspect), given that he’d left the agency just days after Trump was elected.

The most damning part of all of this, though, is the timing. Trump made these comments at an unbelievably sensitive time in the investigation.

Tucker did the interview while accompanying Trump to Detroit on March 15, 2017, which means the interview took place sometime between 10:50 AM and 3:30 PM (Tucker said the interview happened at Willow Run Airport, but this schedule says he flew into DTW). Unless it was given special billing, it would have aired at 9PM on March 15.

That means Trump probably made the comments as the FBI was preparing a search of Schulte’s apartment, the first step the FBI took that would confirm for Schulte that he was the main suspect in the leak. Trump’s comments likely aired during the search, before the moment Schulte left his apartment with two passports while the search was ongoing.

CIA had had a bit of advanced warning about the leak. In the lead-up to the leaks (at least by February 3), a lawyer representing Julian Assange, Adam Waldman, was trying to use the Vault 7 files to make a deal with the US government, at first offering to mitigate the damage of the release for some vaguely defined safe passage for Assange. The next day, WikiLeaks first hyped the release, presumably as part of an attempt to apply pressure on the US. Shortly thereafter, Waldman started pitching Mark Warner (who, with Richard Burr, could have granted Assange immunity in conjunction with SSCI’s investigation). On February 17, Jim Comey told Warner to stop his negotiations, though Waldman would continue to discuss the issue to David Laufman at DOJ even after the initial release. Weeks later, WikiLeaks released the initial dump of files on March 7.

An early WaPo report on the leak (which Schulte googled for its information about what the CIA knew before WikiLeaks published) claimed that CIA’s Internal Security had started conducting its own investigation without alerting FBI to the leak (though obviously Comey knew of it by mid-February). The same report quoted a CIA spox downplaying the impact of a leak it now calls “catastrophic.”

By March 13, the day the FBI got its first warrant on Schulte, the FBI had focused on Schulte as the primary target of the investigation. They based that focus on the following evidence, which appears to incorporate information from the CIA’s own internal investigation, an assessment of the first document dump, and some FBI interviews with his colleagues in the wake of the first release:

  • The FBI believed (and still maintains) that the files were stolen from the onsite backup server
  • Schulte was one of a small group of SysAdmins who had privileges to that server (in the initial warrant they said just three people did but have since revised the number to five)
  • The FBI believed (mistakenly) that the files were copied on March 7, 2016, a time when one of the other two known SysAdmins was offsite
  • Schulte had had a blow-up with a colleague that led to him souring on his bosses
  • During the period the CIA was investigating that blow-up, Schulte had reset his administrative privileges to restore his access to the backup server and one project he was working on
  • As part of his August security clearance renewal, some of Schulte’s colleagues said they thought he could be subject to coercion and was not adhering to rules on removable media
  • Just before he left, Schulte created two documents claiming to have raised concerns about the security of the CIA’s servers that (the government claims) he didn’t actually raise
  • Names identifying the two other SysAdmins who had access to the backup server, but not Schulte’s, were included in the initial release
  • In six days since the initial Vault 7 release, Schulte had contacted colleagues and told them he thought he’d be a suspect but was not the leaker

Having obtained a warrant based off that probable cause, on the afternoon of March 13, FBI agents went to conduct a covert search of Schulte’s apartment. The FBI was trying to conduct the search before a trip to Mexico Schulte was scheduled to take on March 16, which (as the affidavit noted) would have been only his second trip outside the US reflected in DHS records. But when the FBI got to Schulte’s apartment, they found a slew of computer devices (listed at PDF 116), making the covert search impractical. So overnight, they obtained a second warrant for an overt search; the FBI obtained that warrant at 1:36 AM on March 14. During that same overnight trip to the magistrate, the FBI also obtained warrants for Schulte’s Google, Reddit, and GitHub accounts.

There’s a lack of clarity about this detail in the public record: the warrant is dated March 14, but it is described as the “March 15 warrant.” The overt search continued through the night in question, so it could either be March 14-15 or March 15-16. The government’s response to Schulte’s motion to suppress the search says, “The Overt Warrant was signed during the early morning hours of March 14, 2017, and the FBI executed the warrant the same day.” But a May 5, 2017 affidavit (starting at PDF 129) says the overt search of Schulte’s apartment took place on March 15.

Whatever day the search happened, it appears that the search started when the lead agent approached Schulte in the lobby of Bloomberg, perhaps as he was leaving work, and asked if he had a role in the leak, which Schulte denied. (This conversation is one basis for Schulte’s false statements charge; the Bill of Particulars describing the interview says it took place on March 15.) The agent got Schulte to confirm he was traveling to Mexico on March 16, then got Schulte to let them into his apartment (Bloomberg is at 120 Park Avenue; Schulte lived at 200 E 39th Street, five blocks away). The search of Schulte’s apartment went through the night. Sometime between 10 and 11 PM, Schulte left his apartment, telling the FBI Agents he’d return around 11:30 PM. By 12:15 AM he hadn’t returned, so the lead FBI Agent went and found him leaving Bloomberg. They told him they had found classified information in his apartment, and asked for his passports. He went back to his workstation to retrieve them, and voluntarily handed them over. The affidavit describes Schulte being put on leave by Bloomberg on March 16, the last day he reported to work at Bloomberg (which would be consistent with the search taking place on the night of March 15-16).

If the search took place overnight on March 14-15, Trump’s statements might have reflected knowledge the search had occurred (and that FBI had found classified information in Schulte’s apartment that would sustain an arrest on false statements and mishandling classified information charges, if need be). If the search took place overnight on March 15-16 (which seems to be what the record implies), it would mean Trump made the comments before the search and they would have been aired on Fox News during it.

In other words, Trump may well have made the comments at a time when FBI was trying to avoid giving Schulte any advance notice because they were afraid he might destroy evidence.

In addition, Trump undoubtedly made the comments (and Schiff highlighted the significance of them) before Schulte had follow-up interviews on March 20 and 21, at which he denied, among other things, ever making CIA’s servers more vulnerable to compromise. If Schulte had read Trump’s comment he’d be more worried about anything akin to hacking.

The question is, how much of what Trump said reflected real knowledge of the investigation, and to what degree should he have known that blurting this out could be unbelievably damaging to the investigation?

Given Trump’s imprecision in speech, his comments could derive entirely from the Vault 7 release itself, or at least a really high level briefing (with pictures!) of the compromise and CIA’s efforts to mitigate it.

But there are two pieces of evidence that suggest Trump may have been briefed in more detail about Schulte as a target.

Jim Comey testified on June 8, 2017 that, in addition to asking him to, “let this [Flynn thing] go,” Trump had asked him about a classified investigation, but that conversation was entirely professional.

WARNER: Tens of thousands. Did the president ever ask about any other ongoing investigation?

COMEY: No.

WARNER: Did he ever ask about you trying to interfere on any other investigation?

COMEY: No.

WARNER: I think, again, this speaks volumes. This doesn’t even get to the questions around the phone calls about lifting the cloud. I know other members will get to that, but I really appreciate your testimony, and appreciate your service to our nation.

COMEY: Thank you, Senator Warner. I’m sitting here going through my contacts with him. I had one conversation with the president that was classified where he asked about our, an ongoing intelligence investigation, it was brief and entirely professional.

Obviously there were a ton of investigations and this conversation could have taken place after Trump made the public comments. But the Vault 7 investigation would have been one of the most pressing investigations in the months before Comey got fired.

More directly on point, in his Presumption of Innocence blog, Schulte describes the interactions with the FBI during the search — which are consistent with them taking place on March 15 — this way (he has not sought to suppress the statements he made that night, which suggests his claims of coercion aren’t strong enough to impress his attorneys):

The FBI set an artificial and misguided deadline on the night before I was to depart NYC for Cancun to prevent me from leaving the country. Despite my insistence with them that the notion someone would flee the country AFTER the publication literally made no sense—if it were me communicating with WikiLeaks then obviously I would have made damn sure to leave BEFORE it happened—they were persistent in their belief that I was guilty. The FBI literally told me that everyone ”up to the top” knew we were having this conversation and that “they” could not afford to let me leave the country. “They” could not afford another national embarrassment like Snowden. “They” would not, under any circumstances, allow me to leave the country. The FBI were prepared and willing to do anything and everything to prevent me from leaving the country including threaten my immediate arrest arrest unless I surrendered my passport. I did NOT initially consent, but the FBI held me against my will without any arrest warrant and even actively disrupted my attempts to contact an attorney. Intimidated, fearful, and without counsel, I eventually consented. I was immediately suspended from work

Schulte’s an egotist and has told obvious lies, especially in his public statements attempting to claim innocence. But if it’s true that the FBI agents told him everyone “up to the top” knew they were having the conversation with him on March 15, it might reflect knowledge that people at least as senior as Comey or Sessions or Pompeo knew the FBI was going to conduct an overt search with one goal being to prevent Schulte from leaving the country. And given the purported reference to Snowden and the way the entire government pursued him, it is not impossible that Trump had been asked to authorize Schulte’s arrest if he didn’t surrender his passports.

In other words, it is certainly possible that when Trump boasted that the CIA’s hacking tools had been stolen under Obama and not under his Administration (an interesting claim to begin with, given the delay in CIA alerting the FBI that WaPo reported), he had been briefed about Schulte within the last 48 hours or even that morning.

To be clear, I’m not suggesting that this comment was a deliberate attempt to sabotage the FBI investigation. Trump has a habit of mindlessly repeating whatever he has heard most recently, so if Trump were briefed on the investigative steps against Schulte on the 14th or 15th, it’s not surprising he brought it up when sitting with Tucker mid-day on the 15th, particularly given that they were discussing surveillance.

But imagine how this would look to the FBI as Trump started engaging in outright obstruction of the Russian investigation, particularly by firing Comey. There’s nothing in the public record that suggests a tie between Schulte’s leaks and Russia. But Schulte’s leaks (most notably the Marble Framework he authored) not only would have made it easier for Russia to identify CIA’s Russian targets, but they would have forced CIA to rebuild during a period it was trying to figure out what had happened in 2016 (and NSA would be in the same position, post Shadow Brokers). When the FBI was trying to keep their focus on Schulte secret for one more day so they could get to his apartment before he started destroying things, Trump sat before a TV camera and made a comment that might have alerted Schulte the FBI did, indeed, believe he was the culprit.

And Trump did so all to blame Obama for a catastrophic leak rather than himself.

Dan Coats Still Refusing to Provide the Evidence that Russia Didn’t Affect the Election

Last month, I noted a troubling exchange between Martin Heinrich, Dan Coats, and Richard Burr in the Global Threats Hearing.

Martin Heinrich then asked Coats why ODNI had not shared the report on election tampering even with the Senate Intelligence Committee.

Heinrich: Director Coats, I want to come back to you for a moment. Your office issued a statement recently announcing that you had submitted the intelligence community’s report assessing the threats to the 2018 mid-term elections to the President and to appropriate Executive Agencies. Our committee has not seen this report. And despite committee requests following the election that the ODNI brief the committee on any identified threats, it took ODNI two months to get a simple oral briefing and no written assessment has yet been provided. Can you explain to me why we haven’t been kept more fully and currently informed about those Russian activities in the 2018–

Chairman Richard Burr interrupts to say that, in fact, he and Vice Chair Mark Warner have seen the report.

Burr: Before you respond, let me just acknowledge to the members that the Vice Chairman and I have both been briefed on the report and it’s my understanding that the report at some point will be available.

Coats then gives a lame excuse about the deadlines, 45 days, then 45 days.

Coats: The process that we’re going through are two 45 day periods, one for the IC to assess whether there was anything that resulted in a change of the vote or anything with machines, uh, what the influence efforts were and so forth. So we collected all of that, and the second 45 days — which we then provided to the Chairman and Vice Chairman. And the second 45 days is with DHS looking, and DOJ, looking at whether there’s information enough there to take — to determine what kind of response they might take. We’re waiting for that final information to come in.

After Coats dodges his question about sharing the report with the Committee, Heinrich then turns to Burr to figure out when they’re going to get the information. Burr at least hints that the Executive might try to withhold this report, but it hasn’t gotten to that yet.

Heinrich: So the rest of us can look forward — so the rest of us can then look forward to reading the report?

Coats: I think we will be informing the Chairman and the Vice Chairman of that, of their decisions.

Heinrich: That’s not what I asked. Will the rest of the Committee have access to that report, Mr. Chairman?

[pause]

Heinrich: Chairman Burr?

Burr; Well, let me say to members we’re sort of in unchartered ground. But I make the same commitment I always do, that anything that the Vice Chairman and myself are exposed to, we’ll make every request to open the aperture so that all members will be able to read I think it’s vitally important, especially on this one, we’re not to a point where we’ve been denied or we’re not to a point that negotiations need to start. So it’s my hope that, once the final 45-day window is up that is a report that will be made available, probably to members only.

Coming as it did in a hearing where it became clear that Trump’s spooks are helpless in keeping Trump from pursuing policies that damage the country, this exchange got very little attention. But it should!

DOJ missed its 45 day plus 45 day deadline of reporting whether any election tampering had had an effect. But just by one day. The day after their deadline, the Big Dick Toilet Salesman Matt Whitaker and serial liar Kirstjen Nielsen gave Trump a report claiming that any tampering had not had any impact on the election.

Although the specific conclusions within the joint report must remain classified, the Departments have concluded there is no evidence to date that any identified activities of a foreign government or foreign agent had a material impact on the integrity or security of election infrastructure or political/campaign infrastructure used in the 2018 midterm elections for the United States Congress. This finding was informed by a report prepared by the Office of the Director of National Intelligence (ODNI) pursuant to the same Executive Order and is consistent with what was indicated by the U.S. government after the 2018 elections.

While the report remains classified, its findings will help drive future efforts to protect election and political/campaign infrastructure from foreign interference.

Then, today, CyberComm boasted that that they had helped deter Russia during the midterms.

Senators from both political parties on Thursday praised the military’s cyber force for helping secure last year’s midterm elections, with one suggesting it was largely due to U.S. Cyber Command that the Russians failed to affect the 2018 vote.

“Would it be fair to say that it is not a coincidence that this election went off without a hitch and the fact that you were actively involved in the protection of very important infrastructure?” Sen. Mike Rounds (R-S.D.) asked Gen. Paul Nakasone, the command’s leader, at a hearing of the Senate Armed Services Committee.

Military officials have said new authorities, approved over the last year, enabled CyberCom to be more aggressive — and effective — in what they privately say was an apparent success. Nakasone, who also heads the National Security Agency, stopped short of saying it was CyberCom that made the difference, telling Rounds that safeguarding the election was the agencies’ “number-one priority.”

But ODNI is still not providing SSCI — the people who are supposed to see such evidence — proof. Heinrich wrote Dan Coats a letter, signed by every member of SSCI,

Your office a statement in December that you had submitted the Intelligence Committee’s report assessing threats to the 2018 elections to the president and appropriate executive agencies. This month, the acting Attorney General and the Secretary of Homeland Security announced they had submitted their joint report evaluating the impact of any foreign interference on election infrastructure for the infrastructure of political organizations during the midterm elections.

While the agencies provided brief unclassified summaries of the reports’ findings, the Select Committee on Intelligence has not been provided either report. We request that you provide to all Committee Members and cleared staff both classified reports required by EO 13848 as soon as possible. Those reports are necessary for the Committee to meet its mission and charter to conduct vigorous oversight over the intelligence and intelligence-related activities of the United States Government.

They’re clearly hiding something. The question is whether it’s that Trump didn’t try to prevent tampering, or that some of the efforts — included the known effort to hack Claire McCaskill — actually did have an effect.

 

On SSCI’s Investigation: Manafort “Conspired” Whether or Not Trump Also “Colluded”

I’d like to point out something about this NBC report headlined, “Senate has uncovered no direct evidence of conspiracy between Trump campaign and Russia,” but instead showing,

investigators disagree along party lines when it comes to the implications of a pattern of contacts they have documented between Trump associates and Russians — contacts that occurred before, during and after Russian intelligence operatives were seeking to help Donald Trump by leaking hacked Democratic emails and attacking his opponent, Hillary Clinton, on social media.

I sometimes beat up on Ken Dilanian and I don’t mean to do so here. Putting the headline and lead aside, his report shows the disagreement here, and he even references Mark Warner’s recent focus on Paul Manafort’s sharing of polling data with Konstantin Kilimnik (though it’s not clear he asked Richard Burr about the report).

After it recently emerged that Trump campaign chairman Paul Manafort shared campaign polling data with a man the FBI says is linked to Russian intelligence, Warner called that the most persuasive evidence yet of coordination.

“This appears as the closest we’ve seen yet to real, live, actual collusion,” he said on CNN.

No evidence has emerged, however, linking the transfer of polling data to Trump.

Natasha Bertrand says the report soft-pedals the Democrats’ belief.

Senate Intelligence Committee aide tells me, re: NBC story, that right now there is “a common set of facts” that the panel is working with, “and a disagreement about what those facts mean.” They add: “We are closer to the end than the beginning, but we’re not wrapping up.”

But I think something else is going on, in addition to any downplaying Democrats’ views.

It’s that the report shifts back and forth between “conspiracy” and “collusion.”

After two years and 200 interviews, the Senate Intelligence Committee is approaching the end of its investigation into the 2016 election, having uncovered no direct evidence of a conspiracy between the Trump campaign and Russia, according to both Democrats and Republicans on the committee.

[snip]

“If we write a report based upon the facts that we have, then we don’t have anything that would suggest there was collusion by the Trump campaign and Russia,” said Sen. Richard Burr, R-N.C., the chairman of the Senate Intelligence Committee, in an interview with CBS News last week.

[snip]

“We were never going find a contract signed in blood saying, ‘Hey Vlad, we’re going to collude,'” one Democratic aide said.

[snip]

House Republicans announced last year they had found no evidence of collusion, but their report came under immediate criticism as a highly partisan product that excluded Democrats.

[snip]

“Senator Richard Burr, The Chairman of the Senate Intelligence Committee, just announced that after almost two years, more than two hundred interviews, and thousands of documents, they have found NO COLLUSION BETWEEN TRUMP AND RUSSIA!” Trump tweeted Sunday. “Is anybody really surprised by this?”

[snip]

“This [sharing polling data] appears as the closest we’ve seen yet to real, live, actual collusion,” he said on CNN.

[snip]

The final Senate report may not reach a conclusion on whether the contacts added up to collusion or coordination with Russia, Burr said.

Democrats told NBC News that’s a distinct possibility.

“What I’m telling you is that I’m going to present, as best we can, the facts to you and to the American people,” Burr told CBS. “And you’ll have to draw your own conclusion as to whether you think that, by whatever definition, that’s collusion.”

The story promises to talk about conspiracy, but then ends up talking about “collusion,” going so far as quoting Burr saying you need to draw your own conclusion about what you think the definition of “collusion” is.

That’s an important distinction, especially in a report that talks about Paul Manafort, not least because Manafort has already pled guilty to conspiring with Konstantin Kilimnik, albeit for covering up crimes in 2018 rather than committing them in 2016.

And while Burr complains we can’t know his or any of the other flunkies’ motives, Andrew Weissmann made it clear that Manafort told the grand jury he didn’t have just one motive when he handed highly detailed, recent polling data to Konstantin Kilimnik to be handed over to his Ukrainian and Russian paymasters.

And I think that in the grand jury, Mr. Manafort said that from his perspective, [sharing polling data] which he admitted at that point was with — he understood that it was going to be given by [redacted] to the [redacted] and to Mr. redacted 9 character name], both. That from his perspective, it was — there was no downside — I’m paraphrasing — it was sort of a win-win. That there was nothing — there was no negatives.

[snip]

My answer, with respect to the Court’s question about what it is — what the defendant’s intent was in terms of what he thought [redacted] I was just trying to answer that question, even though that’s not one of the bases for saying there was a lie here. And so I was just trying to answer that question. And what I meant by his statement that there’s no downside, is that can you imagine multiple reasons for [redacted]. And I think the only downside —

THE COURT: You meant no downside to him?

MR. WEISSMANN: Yes.

THE COURT: You weren’t suggesting that there was nothing — there’s no scenario under which this could be a bad thing?

MR. WEISSMANN: Oh, sorry. Yes. I meant there was no downside — Mr. Manafort had said there was no downside to Mr. Manafort doing it.

[snip]

MR. WEISSMANN: And meaning all of this is a benefit. The negative, as I said, was it coming out that he did this.

This August 2, 2016 data hand-off occurred in the specific context of Manafort trying to get whole on his $20 million debt to Oleg Deripaska. The data was also going to some Ukrainian oligarchs that Manafort expected to pay him $2.4 million in November 2016. And all that’s aside from whether Manafort expected the Russians to do anything with the data that might help Trump.

He was badly underwater, and — according to his grand jury testimony, at least as described by Weissmann — he clandestinely handed off recent detailed polling data to a guy connected to the agency that was still hacking Hillary Clinton, to be shared with a bunch of oligarchs who could help him reverse his financial fortunes.

It seems there’s a conspiracy there one way another. Either Manafort effectively stole Trump’s campaign data and traded it to foreigners for monetary gain. And/or Manafort handed over that data expecting that the campaign would get a thing of value from the foreigners he was sharing it with.

Richard Burr would seem to argue that’s not “collusion” unless Trump knew about it (whether he did is one of the questions Mueller posed to Trump).

But it is a conspiracy, an agreement with Konstantin Kilimnik to commit one or more crimes, right there in the middle of the election season. Whether Mueller will charge it or do something else with it remains to be seen. But it is fairly clearly a conspiracy, down to the clandestine arrivals and departures from the dark cigar lounge.

Ultimately, Burr’s retreat to that word “collusion” is a tell. Because, given the public facts in this case, Republicans should be outraged that Trump’s campaign manager was so disloyal he shared highly sensitive data with potentially malign actors. Republicans should be outraged that Trump’s campaign manager was putting his own financial imperatives ahead of sound campaign practice.

But they’re not. For some reason, Republicans are not squawking about the explanation for this data hand-off that would suggest the campaign didn’t expect to benefit.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Disinformation Campaign Targeting Mueller and the Delayed Briefing to SSCI on Russian Election Interference

A lot of people are reporting and misreporting details from this Mueller filing revealing that it had been the target of disinformation efforts starting in October.

1000 non-sensitive files leaked along with the file structure Mueller provided it with

To substantiate an argument that Concord Management should not be able to share with Yevgeniy Prigozhin the sensitive discovery that the government has shared with their trollish lawyers, Mueller revealed that on October 22, someone posted 1000 files turned over in discovery along with a bunch of other crap, partially nested within the file structure of the files turned over in discovery.

On October 22, 2018, the newly created Twitter account @HackingRedstone published the following tweet: “We’ve got access to the Special Counsel Mueller’s probe database as we hacked Russian server with info from the Russian troll case Concord LLC v. Mueller. You can view all the files Mueller had about the IRA and Russian collusion. Enjoy the reading!”1 The tweet also included a link to a webpage located on an online file-sharing portal. This webpage contained file folders with names and folder structures that are unique to the names and structures of materials (including tracking numbers assigned by the Special Counsel’s Office) produced by the government in discovery.2 The FBI’s initial review of the over 300,000 files from the website has found that the unique “hashtag” values of over 1,000 files on the website matched the hashtag values of files produced in discovery.3 Furthermore, the FBI’s ongoing review has found no evidence that U.S. government servers, including servers used by the Special Counsel’s Office, fell victim to any computer intrusion involving the discovery files.

1 On that same date, a reporter contacted the Special Counsel’s Office to advise that the reporter had received a direct message on Twitter from an individual who stated that they had received discovery material by hacking into a Russian legal company that had obtained discovery material from Reed Smith. The individual further stated that he or she was able to view and download the files from the Russian legal company’s database through a remote server.

2 For example, the file-sharing website contains a folder labeled “001-W773.” Within that folder was a folder labeled “Yahoo.” Within that folder was a folder labeled “return.” Within the “return” folder were several folders with the names of email addresses. In discovery in this case, the government produced a zip file named “Yahoo 773.” Within that zip file were search warrant returns for Yahoo email accounts. The names of the email accounts contained in that zip file were identical to the names of the email address folders within the “return” subfolder on the webpage. The webpage contained numerous other examples of similarities between the structure of the discovery and the names and structures of the file folders on the webpage. The file names and structure of the material produced by the government in discovery are not a matter of public record. At the same time, some folders contained within the Redstone Hacking release have naming conventions that do not appear in the government’s discovery production but appear to have been applied in the course of uploading the government’s production. For example, the “001- W773” folder appears within a folder labeled “REL001,” which is not a folder found within the government’s production. The naming convention of folder “REL001” suggests that the contents of the folder came from a production managed on Relativity, a software platform for managing document review. Neither the Special Counsel’s Office nor the U.S. Attorney’s Office used Relativity to produce discovery in this case. [my emphasis]

It sounds like Mueller’s office found out about it when being contacted by the journalist who had been alerted to the content on Twitter.

But before Mueller asked Concord’s trollish lawyers about it, the defense attorneys — citing media contacts they themselves had received — contacted prosecutors to offer a bullshit excuse about where the files came from.

On October 23, 2018, the day after the tweet quoted above, defense counsel contacted the government to advise that defense counsel had received media inquiries from journalists claiming they had been offered “hacked discovery materials from our case.” Defense counsel advised that the vendor hired by the defense reported no unauthorized access to the non-sensitive discovery. Defense counsel concluded, “I think it is a scam peddling the stuff that was hacked and dumped many years ago by Shaltai Boltai,” referencing a purported hack of Concord’s computer systems that occurred in approximately 2014. That hypothesis is not consistent with the fact that actual discovery materials from this case existed on the site, and that many of the file names and file structures on the webpage reflected file names and file structures from the discovery production in this case.

Without any hint of accusation against the defense attorneys (though this motion is accompanied by an ex parte one, so who knows if they offered further explanation there), Mueller notes any sharing of this information for disinformation purposes would violate the protective order in the case.

As stated previously, these facts establish a use of the non-sensitive discovery in this case in a manner inconsistent with the terms of the protective order. The order states that discovery may be used by defense counsel “solely in connection with the defense of this criminal case, and for no other purpose, and in connection with no other proceeding, without further order of this Court,” Dkt. No. 42-1, ¶ 1, and that “authorized persons shall not copy or reproduce the materials except in order to provide copies of the materials for use in connection with this case by defense counsel and authorized persons,” id. ¶ 3. The use of the file names and file structure of the discovery to create a webpage intended to discredit the investigation in this case described above shows that the discovery was reproduced for a purpose other than the defense of the case.

Update: Thursday evening, Mueller submitted another version of this clarifying that the @HackingRedstone tweets alerting journalists to the document dump were DMs, and so not public (or visible to the defense). The first public tweet publicizing the dump came on October 30, so even closer to the election.

Shortly after the government filed, defense counsel drew the government’s attention to the following sentence, which appears on page nine of the filing: “On October 22, 2018, the newly created Twitter account @HackingRedstone published the following tweet: ‘We’ve got access to the Special Counsel Mueller’s probe database as we hacked Russian server with info from the Russian troll case Concord LLC v. Mueller. You can view all the files Mueller had about the IRA and Russian collusion. Enjoy the reading!’” Defense counsel pointed out that this sentence could be read to suggest that the Twitter account broadcast a publicly-available “tweet” on October 22. In fact, the Twitter account @HackingRedstone began sending multiple private direct messages to members of the media promoting a link to the online file-sharing webpage using Twitter on October 22. The content of those direct messages was consistent with, but more expansive than, the quoted tweet to the general public, which was issued on October 30. By separate filing, the government will move to file under seal the text of the direct messages. The online file sharing webpage was publicly accessible at least starting on October 22.

I’m not sure it makes the defense response any more or less suspect. But it does tie the disinformation even more closely with the election.

The Mueller disinformation was part of a month-long election season campaign

This thread, from one of the journalists who was offered the information, put it all in context back on November 7, the day after the election.

The thread shows how the release of the Mueller-related files was part of a month-long effort to seed a claim that the Internet Research Agency had succeeded in affecting the election.

Update: This story provides more background.

Other signs of the ongoing investigation into Yevgeniy Prigozhin’s trolls

Given how the Mueller disinformation functioned as part of that month-long, election oriented campaign, I’m more interested in this passage from the Mueller investigation than that the investigation had been targeted. Mueller argues that they shouldn’t have to share the sensitive discovery with Yevgeniy Prigozhin because the sensitive discovery mentions uncharged individuals who are still trying to fuck with our elections.

First, the sensitive discovery identifies uncharged individuals and entities that the government believes are continuing to engage in operations that interfere with lawful U.S. government functions like those activities charged in the indictment.

To be sure, we knew the investigation into Prigozhin’s trolls was ongoing. On October 19, just days before these files got dropped, DOJ unsealed an EDVA complaint, which had been filed under seal on September 28, against Prigozhin’s accountant, Alekseevna Khusyaynova. Along with showing Prigozhin’s trolls responding to the original Internet Research Agency indictment last February, it showed IRA’s ongoing troll efforts through at least June of last year.

Then, in December, Concord insinuated that Mueller prosecutor Rush Atkinson had obtained information via the firewall counsel and taken an investigative step on that information back on August 30.

On August 23, 2018, in connection with a request (“Concord’s Request”) made pursuant to the Protective Order entered by the Court, Dkt. No. 42-1, Concord provided confidential information to Firewall Counsel. The Court was made aware of the nature of this information in the sealed portion of Concord’s Motion for Leave to Respond to the Government’s Supplemental Briefing Relating to Defendant’s Motion to Dismiss the Indictment, filed on October 22, 2018. Dkt. No. 70-4 (Concord’s “Motion for Leave”). Seven days after Concord’s Request, on August 30, 2018, Assistant Special Counsel L. Rush Atkinson took investigative action on the exact same information Concord provided to Firewall Counsel. Undersigned counsel learned about this on October 4, 2018, based on discovery provided by the Special Counsel’s Office. Immediately upon identifying this remarkable coincidence, on October 5, 2018, undersigned counsel requested an explanation from the Special Counsel’s Office, copying Firewall Counsel on the e-mail.

[snip]

Having received no further explanation or information from the government, undersigned counsel raised this issue with the Court in a filing made on October 22, 2018 in connection with the then-pending Motion to Dismiss. In response to questions from the Court, Firewall Counsel denied having any communication with the Special Counsel’s Office.

This was a bid to obtain live grand jury investigative information, one that failed earlier this month after Mueller explained under seal how his prosecutors had obtained this information and Dabney Friedrich denied the request.

What this filing, in conjunction with Josh Russell’s explanatory Twitter thread, reveals is that the Mueller disinformation effort was part of a disinformation campaign targeted at the election.

Dan Coats doesn’t want to share the report on Russian election tampering with SSCI

And I find that interesting because of a disturbing exchange in a very disturbing Global Threats hearing the other day. After getting both Director of National Intelligence Dan Coats and FBI Director Christopher Wray to offer excuses for White House decisions to given security risks like Jared Kushner security clearance, Martin Heinrich then asked Coats why ODNI had not shared the report on election tampering even with the Senate Intelligence Committee.

Heinrich: Director Coats, I want to come back to you for a moment. Your office issued a statement recently announcing that you had submitted the intelligence community’s report assessing the threats to the 2018 mid-term elections to the President and to appropriate Executive Agencies. Our committee has not seen this report. And despite committee requests following the election that the ODNI brief the committee on any identified threats, it took ODNI two months to get a simple oral briefing and no written assessment has yet been provided. Can you explain to me why we haven’t been kept more fully and currently informed about those Russian activities in the 2018–

Chairman Richard Burr interrupts to say that, in fact, he and Vice Chair Mark Warner have seen the report.

Burr: Before you respond, let me just acknowledge to the members that the Vice Chairman and I have both been briefed on the report and it’s my understanding that the report at some point will be available.

Coats then gives a lame excuse about the deadlines, 45 days, then 45 days.

Coats: The process that we’re going through are two 45 day periods, one for the IC to assess whether there was anything that resulted in a change of the vote or anything with machines, uh, what the influence efforts were and so forth. So we collected all of that, and the second 45 days — which we then provided to the Chairman and Vice Chairman. And the second 45 days is with DHS looking, and DOJ, looking at whether there’s information enough there to take — to determine what kind of response they might take. We’re waiting for that final information to come in.

After Coats dodges his question about sharing the report with the Committee, Heinrich then turns to Burr to figure out when they’re going to get the information. Burr at least hints that the Executive might try to withhold this report, but it hasn’t gotten to that yet.

Heinrich: So the rest of us can look forward — so the rest of us can then look forward to reading the report?

Coats: I think we will be informing the Chairman and the Vice Chairman of that, of their decisions.

Heinrich: That’s not what I asked. Will the rest of the Committee have access to that report, Mr. Chairman?

[pause]

Heinrich: Chairman Burr?

Burr; Well, let me say to members we’re sort of in unchartered ground. But I make the same commitment I always do, that anything that the Vice Chairman and myself are exposed to, we’ll make every request to open the aperture so that all members will be able to read I think it’s vitally important, especially on this one, we’re not to a point where we’ve been denied or we’re not to a point that negotiations need to start. So it’s my hope that, once the final 45-day window is up that is a report that will be made available, probably to members only.

Coming as it did in a hearing where it became clear that Trump’s spooks are helpless in keeping Trump from pursuing policies that damage the country, this exchange got very little attention. But it should!

The Executive Branch by law has to report certain things to the Intelligence Committees. This report was mandated by Executive Order under threat of legislation mandating it.

And while Coats’ comment about DOJ, “looking at whether there’s information enough there to take — to determine what kind of response they might take,” suggests part of the sensitivity about this report stems from a delay to provide DOJ time to decide whether they’ll take prosecutorial action against what they saw in the election, the suggestion that only members of the committee (not staffers and not other members of Congress) will ever get the final report, as well as the suggestion that Coats might even fight that, put this report on a level of sensitivity that matches covert actions, the most sensitive information that get shared with Congress.

Maybe the Russians did have an effect on the election?

In any case, going back to the Mueller disinformation effort, that feels like very familiar dick-wagging, an effort to make key entities in the US feel vulnerable to Russian compromise. Mueller sounds pretty sure it was not a successful compromise (that is, the data came from Concord’s lawyers, not Mueller).

But if the disinformation was part an effort to boast that Putin’s allies had successfully tampered with the vote — particularly if Russia really succeeded in doing so — it might explain why this report is being treated with the sensitivity of the torture or illegal spying program.

Update: I’ve corrected this to note that in the end the Intelligence Authorization did not mandate this report, as was originally intended; Trump staved that requirement off with an Executive Order. Still, that still makes this look like an attempt to avoid admitting to Congress that your buddy Putin continues to tamper in US elections.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Year Long Trump Flunky Effort to Free Julian Assange

The NYT has an unbelievable story about how Paul Manafort went to Ecuador to try to get Julian Assange turned over. I say it’s unbelievable because it is 28 paragraphs long, yet it never once explains whether Assange would be turned over to the US for prosecution or for a golf retirement. Instead, the story stops short multiple times of what it implies: that Manafort was there as part of paying off Trump’s part of a deal, but the effort stopped as soon as Mueller was appointed.

Within a couple of days of Mr. Manafort’s final meeting in Quito, Robert S. Mueller III was appointed as the special counsel to investigate Russian interference in the 2016 election and related matters, and it quickly became clear that Mr. Manafort was a primary target. His talks with Ecuador ended without any deals.

The story itself — which given that it stopped once Mueller was appointed must be a limited hangout revealing that Manafort tried to free Assange, complete with participation from the spox that Manafort unbelievably continues to employ from his bankrupt jail cell — doesn’t surprise me at all.

After all, the people involved in the election conspiracy made multiple efforts to free Assange.

WikiLeaks kicked off the effort at least by December, when they sent a DM to Don Jr suggesting Trump should make him Australian Ambassador to the US.

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

Weeks later, Hannity would go to the Embassy to interview Assange. Assange fed him the alternate view of how he obtained the DNC emails, a story that would be critical to Trump’s success at putting the election year heist behind him, if it were successful. Trump and Hannity pushed the line that the hackers were not GRU, but some 400 pound guy in someone’s basement.

Then the effort actually shifted to Democrats and DOJ. Starting in February through May 2017, Oleg Deripaska and Julian Assange broker Adam Waldman tried to convince Bruce Ohr or Mark Warner to bring Assange to the US, using the threat of the Vault 7 files as leverage. In February, Jim Comey told DOJ to halt that effort. But Waldman continued negotiations, offering to throw testimony from Deripaska in as well. He even used testimony from Christopher Steele as leverage.

This effort has been consistently spun by the Mark Meadows/Devin Nunes/Jim Jordan crowd — feeding right wing propagandists like John Solomon — as an attempt to obstruct a beneficial counterintelligence discussion. It’s a testament to the extent to which GOP “investigations” have been an effort to spin an attempt to coerce freedom for Assange.

Shortly after this effort failed, Manafort picked it up, as laid out by the NYT. That continued until Mueller got hired.

There may have been a break (or maybe I’m missing the next step). But by the summer, Dana Rohrabacher and Chuck Johnson got in the act, with Rohrabacher going to the Embassy to learn the alternate story, which he offered to share with Trump.

Next up was Bill Binney, whom Trump started pushing Mike Pompeo to meet with, to hear Binney’s alternative story.

At around the same time, WikiLeaks released the single Vault 8 file they would release, followed shortly by Assange publicly re-upping his offer to set up a whistleblower hotel in DC.

Those events contributed to a crackdown on Assange and may have led to the jailing of accused Vault 7 source Joshua Schulte.

In December, Ecuador and Russia started working on a plan to sneak Assange out of the Embassy.

A few weeks later, Roger Stone got into the act, telling Randy Credico he was close to winning Assange a pardon.

These efforts have all fizzled, and I suspect as Mueller put together more information on Trump’s conspiracy with Russia, not only did the hopes of telling an alternative theory fade, but so did the possibility that a Trump pardon for Assange would look like anything other than a payoff for help getting elected. In June, the government finally got around to charging Schulte for Vault 7. But during the entire time he was in jail, he was apparently still attempting to leak information, which the government therefore obtained on video.

Ecuador’s increasing crackdown on Assange has paralleled the Schulte prosecution, with new restrictions, perhaps designed to provide the excuse to boot Assange from the Embassy, going into effect on December 1.

Don’t get me wrong: if I were Assange I’d use any means I could to obtain safe passage.

Indeed, this series of negotiations — and the players involved — may be far, far more damning for those close to Trump. Sean Hannity, Oleg Deripaska, Paul Manafort, Chuck Johnson, Dana Rohrabacher, Roger Stone, and Don Jr, may all worked to find a way to free Assange, all in the wake of Assange playing a key role in getting Trump elected. And they were conducting these negotiations even as WikiLeaks was burning the CIA’s hacking tools.