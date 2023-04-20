

There is a scene in the film version of John le Carré’s “Tinker, Tailor, Soldier, Spy” in which Bill Haydon, the exposed Soviet mole at the heart of the British secret service, tells spymaster George Smiley: “I’m someone who’s made his mark.” If nothing else in the last two weeks, we’ve learned how easy it is now for someone with access to high-level intelligence to make his mark.

If the Justice Department is correct, a 21-year-old “cyber transport systems journeyman” with the Massachusetts Air National Guard is responsible for one of the most damaging leaks of classified material in US history, which he posted on an obscure gamers’ chat platform called Discord. Things have gone seriously déclassé since the Cambridge Five.

To try and make sense of this covert craziness, I had a talk with Amy Zegart, the author of Spies, Lies, and Algorithms: The History and Future of American Intelligence. Zegart is also a senior fellow at the Hoover Institution and the Freeman Spogli Institute for International Studies at Stanford University. Here is a lightly edited transcript of our discussion:

Tobin Harshaw: You wrote a piece last week titled “Everything About the Ukraine Leak Is Incredibly Weird.” So, what’s the weirdest part so far?

Amy Zegart: The weirdest thing is that the alleged leaker wanted to impress a handful of friends by exposing top secret documents on a completely obscure gamer platform, Discord. This is presumably someone who is driven by ego, but the ego is manifesting itself in a way that we typically don’t see with these kinds of cases.

Typically, when we see cases of people charged with betraying US secrets and they’re motivated by ego, they are working with a foreign power. So far, that doesn’t appear to be the case, but again, there’s a lot we don’t know. And typically, they want to be known to the world, to make the secrets widely available to everyone.

That’s what Chelsea Manning did by sharing hundreds of thousands of top-secret documents on WikiLeaks; that’s what Edward Snowden did. But here we have an accused leaker, Jack Teixeira, who seems to have been focused on impressing a handful of his teenage gamer friends.

TH: The other day you tweeted: “Lots of people are asking how the military could trust a 21-year-old. Wrong question. Right question is how anyone could #leak vital secrets without triggering alarms.” I see your point, but I have to say: How could the military trust a 21-year-old, low-level enlisted man in an Air National Guard unit to have access to this stuff?

AZ: I think there’s been a lot of focus on his age, and as I noted in my tweet, I think that’s misplaced. The military trusts young people to do a lot of very important jobs like handling nuclear weapons, dealing with top-secret information. We ask young men and women to risk their own lives in the military and make life-and-death decisions affecting others even though they’re not old enough to buy alcohol legally. And the vast majority of those who serve do those jobs well and with honor.

We also know from historical research about the motivations and the profiles of Americans who have been charged with espionage-related crimes — more than 200 cases since the 1940s — that the most common profile isn’t someone young, it’s middle-aged, married men. The worst CIA traitor in history, Aldrich Ames, worked in the agency for three decades. The FBI’s most damaging traitor, Robert Hanssen, was caught just before his retirement. So, someone Teixeira’s age with access to top-secret stuff is not the head-scratcher.

TH: What is the head-scratcher?

AZ: How did this person end up getting access to so much information given his role?

What’s been publicly reported is that this Massachusetts Air National Guard unit provides a lot of intelligence support to the US military, including supporting global surveillance drone and spy-plane missions. It may be that Teixeira’s role required a clearance high enough to give him access to a wide range of classified documents. But it could be that his access was actually not appropriate at all for his job. Was it too permissive, creating unnecessary vulnerabilities?

Another possibility is that he could have used social engineering or other methods to gain access to information that he was not supposed to have. There’s still quite a lot that we don’t know.

In the days ahead, we need to get answers to three main questions: How did the leaker get access to the information he shared on Discord? What was the damage that was caused by its release? And why did he do it?

TH: In terms of the damage, the material about Ukraine’s alleged military weaknesses has been well covered. But a couple of other things jumped out at me. One was that some of the “Five Eyes” partners, the English-speaking nations at the heart of our information-sharing, may be upset that they didn’t have access to this, and yet this kid did.

AZ: There’s a justified concern that we need a more systematic approach to who is entitled and should be getting what kinds of information and for what purpose. And again, we don’t know what level of information Teixeira was supposed to have access to.

One of the big aspects of the damage from this leak is the “trust deficit” that results — the trust deficit with the Five Eyes partners, the trust deficit with the Ukrainians, the trust deficit with other allies and partners who need to receive intelligence information from the US and who need to provide intelligence to the US. If we can’t keep our secrets secret, how can they trust us?

TH: Another trust problem that popped up, most notably with South Korea, is that some people seem surprised and outraged that we spy on our allies. I can see people being outraged — but surprised? Doesn’t everyone know we do that?

AZ: I liken this to: If you know that your spouse is cheating on you, that is one thing, but if the world knows your spouse is cheating on you, that creates a different set of challenges.

People in these governments know that everybody spies on just about everybody. So, such revelations should not be surprising to government leaders abroad. But it is a problem when their domestic publics are confronted with the realities of the espionage world. That creates domestic political headaches for our allies, and as a result it creates friction in our bilateral relationships.

TH: Many people have been blaming the leaks on the “de-siloing” of intelligence after the 9/11 attacks. Do we now overshare within the government?

AZ: There’s no question that we didn’t share enough before 9/11. The US government didn’t know what it knew. And it wasn’t just that different agencies didn’t share with each other — individual agencies didn’t even know all the information they had themselves.

It’s easy to forget just how bad the siloing of intelligence was before 9/11. To give you just one example, weeks before the attacks, three different FBI field offices uncovered crucial clues to the plot, but none of the agents working those cases knew about the others.

But it’s an important question: Have we overcorrected since 9/11? Is the US government now sharing too much with too many? We don’t know the answer to that question yet.

TH: Which I guess leads to the very biggest question: Is there anything we can do about intelligence leaks in our increasingly interconnected world? Given the fact that humans remain as vulnerable as humans have always been?

AZ: I sure want to know a heck of a lot more about the security clearance process that Airman Teixeira went through. Were there red flags that were overlooked or downplayed in that process? Was there any anomalous behavior that would’ve or should have raised red flags after he got his clearance? More than a million people in the US have top-secret clearances today. And humans are, as you said, often the weak link.

The other trend is with emerging technologies. One traitor can do more damage today in a shorter period of time than has historically been the case. In the Cold War, it took a lot of effort to smuggle documents out of buildings and hand them over to other people. In the modern age, you can post a lot of documents on Discord or wherever you want. That makes counterintelligence activities, protecting our secrets, all the more challenging today.

TH: You’ve looked at intelligence failures throughout history. What do we learn from this? Are there any immediate steps that we can take to improve security?

AZ: In terms of what history tells us about why people do these things, there are four common motives. The acronym is MICE: money; ideology; compromise (someone has dirt on you that can compromise you); and ego. Ego seems to be the outsized motive here.

Those things haven’t changed. What has changed is the need to share vast amounts of intelligence with allies and partners, the need to share domestically, and the ability of one person to do the US so much harm so fast by accessing digital information.

The question moving forward is about how to strike the right balance between adding security protections and inhibiting the intelligence-sharing that we need to make the entire system work efficiently. The more you make something secure, the harder it is and the longer it takes to do your work. In a perfectly secure world, nobody shares anything with anyone and the nation becomes more vulnerable to catastrophic surprises like Pearl Harbor and 9/11. But a world where secrets don’t stay secret is dangerous, too. It will always be a tradeoff between need to know and need to share.

