Trump and Russia
Americans must live with the uncertainty of not knowing whether Trump has the best interests of the United States or those of Russia at heart.
I find it hard to write about Donald Trump.
It is not that he is a complicated subject. Quite the opposite. It is that everything about him is so painfully obvious. He is a low-rent racist, a shameless misogynist, and an unbalanced narcissist. He is an unrelenting liar and a two-bit white identity demagogue. Lest anyone forget these things, he goes out of his way each day to remind us of them.
At the end of the day, he is certain to be left in the dustbin of history, alongside Father Coughlin and Gen. Edwin Walker. (Exactly – you don’t remember them, either.)
What more can I add?
Unfortunately, another word also describes him: president. The fact that such an unstable egomaniac occupies the White House is the greatest threat to the national security of the United States in modern history.
Which brings me to the only question about Donald Trump that I find really interesting: Is he a traitor?
Did he gain the presidency through collusion with Russian President Vladimir Putin?
One year after Trump took office, it is still unclear whether the president of the United States is an agent of a foreign power. Just step back and think about that for a moment.
His 2016 campaign is the subject of an ongoing federal inquiry that could determine whether Trump or people around him worked with Moscow to take control of the U.S. government. Americans must now live with the uncertainty of not knowing whether the president has the best interests of the United States or those of the Russian Federation at heart.
Most pundits in Washington now recoil at any suggestion that the Trump-Russia story is really about treason. They all want to say it’s about something else – what, they aren’t quite sure. They are afraid to use serious words. They are in the business of breaking down the Trump-Russia narrative into a long series of bite-sized, incremental stories in which the gravity of the overall case often gets lost. They seem to think that treason is too much of a conversation-stopper, that it interrupts the flow of cable television and Twitter. God forbid you might upset the right wing! (And the left wing, for that matter.)
But if a presidential candidate or his lieutenants secretly work with a foreign government that is a longtime adversary of the United States to manipulate and then win a presidential election, that is almost a textbook definition of treason.
In Article 3, Section 3, the U.S. Constitution states that “treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.”
Based on that provision in the Constitution, U.S. law – 18 U.S. Code § 2381 – states that “[w]hoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere” is guilty of treason. Those found guilty of this high crime “shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States.”
Now look at the mandate given to former FBI Director Robert Mueller when he was appointed special counsel by Deputy Attorney General Rod Rosenstein, who was acting in place of Attorney General Jeff Sessions, who had recused himself because of his role in the Trump campaign and the controversy surrounding his own meetings with the Russian ambassador to the United States.
On May 17, 2017, Rosenstein issued a letter stating that he was appointing a special counsel to “ensure a full and thorough investigation of the Russian government’s efforts to interfere in the 2016 presidential election.” He added that Mueller’s mandate was to investigate “any links and/or coordination between the Russian government and individuals associated with the campaign of President Donald Trump; and any matters that arose or may arise directly from the investigation.” Rosenstein noted that “[i]f the Special Counsel believes it is necessary and appropriate, the Special Counsel is authorized to prosecute federal crimes arising from the investigation of these matters.”
How closely aligned is Mueller’s mandate with the legal definition of treason? That boils down to the rhetorical differences between giving “aid and comfort, in the United States or elsewhere” to “enemies” of the United States and “any links and/or coordination” between the Russian government and Trump campaign aides related to “the Russian government’s efforts to interfere in the 2016 presidential election.”
Sounds similar to me.
As a practical matter, the special counsel is highly unlikely to pursue treason charges against Trump or his associates. Treason is vaguely defined in the law and very difficult to prove. To the extent that it is defined – as providing aid and comfort to an “enemy” of the United States – the question might come down to whether Russia is legally considered America’s “enemy.”
Russia may not meet the legal definition of an “enemy,” but it is certainly an adversary of the United States. It would make perfect sense for Russian President and de facto dictator Vladimir Putin to use his security services to conduct a covert operation to influence American politics to Moscow’s advantage. Such a program would fall well within the acceptable norms of great power behavior. After all, it is the kind of covert intelligence program the United States has conducted regularly against other nations – including Russia.
Throughout the Cold War, the CIA and the KGB were constantly engaged in such secret intelligence battles. The KGB had a nickname for the CIA: glavnyy vrag or “the main enemy.” In 2003, I co-authored a book called “The Main Enemy” with Milt Bearden, a retired CIA officer who had been chief of the CIA’s Soviet/Eastern European division when the Berlin Wall fell and the Soviet Union collapsed. The book was about the intelligence wars between the CIA and the KGB.
Today’s cyber-spy wars are just the latest version of “The Great Game,” the wonderfully romantic name for the secret intelligence battles between the Russian and British empires for control of Central Asia in the 19th century. Russia, the United States, and other nations engage in such covert intelligence games all the time – whether they are “enemies” or simply rivals.
In fact, evidence of the connections between Trump’s bid for the White House and Russian ambitions to manipulate the 2016 U.S. election keeps piling up. Throughout late 2016 and early 2017, a series of reports from the U.S. intelligence community and other government agencies underlined and reinforced nearly every element of the Russian hacking narrative, including the Russian preference for Trump. The reports were notable in part because their findings exposed the agencies to criticism from Trump and his supporters and put them at odds with Trump’s public dismissals of reported Russian attempts to help him get elected, which he has called “fake news.”
In addition, a series of details has emerged through unofficial channels that seems to corroborate these authorized assessments. A classified NSA document obtained by The Intercept last year states that Russia’s military intelligence agency, the GRU, played a role in the Russian hack of the 2016 American election. In August, a Russian hacker confessed to hacking the Democratic National Committee under the supervision of an officer in Russia’s Federal Security Service, or FSB, who has separately been accused of spying for the U.S. And Dutch intelligence service AIVD has reportedly given the FBI significant inside information about the Russian hack of the Democratic Party.
On February 16, just hours after this column was published, the special counsel announced indictments of 13 Russians and three Russian entities for meddling in the U.S. election. The special counsel accused them of intervening to help Trump and damage the campaign of Hillary Clinton. The indictments mark the first time Mueller has brought charges against any Russians in his ongoing probe.
Given all this, it seems increasingly likely that the Russians have pulled off the most consequential covert action operation since Germany put Lenin on a train back to Petrograd in 1917.
There are four important tracks to follow in the Trump-Russia story. First, we must determine whether there is credible evidence for the underlying premise that Russia intervened in the 2016 election to help Trump win. Second, we must figure out whether Trump or people around him worked with the Russians to try to win the election. Next, we must scrutinize the evidence to understand whether Trump and his associates have sought to obstruct justice by impeding a federal investigation into whether Trump and Russia colluded. A fourth track concerns whether Republican leaders are now engaged in a criminal conspiracy to obstruct justice through their intense and ongoing efforts to discredit Mueller’s probe.
This, my first column for The Intercept, will focus on the first track of the Trump-Russia narrative. I will devote separate columns to each of the other tracks in turn.
The evidence that Russia intervened in the election to help Trump win is already compelling, and it grows stronger by the day.
There can be little doubt now that Russian intelligence officials were behind an effort to hack the DNC’s computers and steal emails and other information from aides to Hillary Clinton as a means of damaging her presidential campaign. Once they stole the correspondence, Russian intelligence officials used cutouts and fronts to launder the emails and get them into the bloodstream of the U.S. press. Russian intelligence also used fake social media accounts and other tools to create a global echo chamber both for stories about the emails and for anti-Clinton lies dressed up to look like news.
To their disgrace, editors and reporters at American news organizations greatly enhanced the Russian echo chamber, eagerly writing stories about Clinton and the Democratic Party based on the emails, while showing almost no interest during the presidential campaign in exactly how those emails came to be disclosed and distributed. The Intercept itself has faced such accusations. The hack was a much more important story than the content of the emails themselves, but that story was largely ignored because it was so easy for journalists to write about Clinton campaign chair John Podesta.
To anyone who has studied the history of the KGB, particularly during the Cold War, the attack on the Clinton campaign and the Democratic Party during the 2016 U.S. election looks like the contemporary cyber-descendant of countless analog KGB propaganda efforts. Back in the 1970s and 1980s, the KGB frequently engaged in ambitious disinformation campaigns that were designed to sow suspicion of the United States in the developing world. The KGB’s so-called “active measures” programs would use international front organizations, cutouts, and sometimes unwitting enablers in the press to disseminate their anti-American propaganda.
The most infamous and dangerously effective KGB disinformation campaign of the Cold War was known as Operation Infektion. It was a secret effort to convince people in developing countries that the United States had created the HIV/AIDS virus.
In 1983, a newspaper in India printed what purported to be a letter from an American scientist saying the virus had been developed by the Pentagon. The letter went on to suggest that the U.S. was moving its experiments to Pakistan, India’s archenemy. Meanwhile, the KGB got an East German scientist to spread misinformation supporting the Moscow-backed conspiracy theory that the U.S. was behind the virus.
While these lies never penetrated the U.S. mainstream, they nonetheless spread insidiously through much of the world.
Vladimir Putin was a KGB officer during the 1980s when the KGB was conducting this disinformation campaign. He was stationed in East Germany in the late 1980s, and there is a good chance he knew about the East German component of Operation Infektion.
After the fall of the Soviet Union in 1991, the KGB was broken up and its successor agencies renamed. But the KGB never really went away. Instead, it underwent an extensive rebranding that did little to change its culture and traditions.
The KGB’s First Chief Directorate, its foreign intelligence service, was renamed the SVR. Like its predecessor agency, it was still housed in the First Chief Directorate’s headquarters in the Yasenevo District of Moscow, which was known as the “Russian Langley” for its similarities to CIA headquarters. In the late 1990s and early 2000s, I met many former KGB officials in Moscow, including Leonid Shebarshin, the last leader of the First Chief Directorate, who was running the agency in 1991 when communist hardliners launched a coup against Soviet President Mikhail Gorbachev. By the time I met Shebarshin, he was retired and running an “economic intelligence” firm out of an office in Moscow’s old Dynamo Stadium, the home of the KGB’s soccer team. A mural on his office wall depicted scenes from the Battle of Stalingrad and the Bolshevik Revolution, signaling his immersion in the Soviet era.
After the Soviet collapse, the KGB’s Second Chief Directorate, which handled spy-hunting and counterintelligence, along with other directorates that handled the KGB’s internal police state functions, were bundled into a new organization known as the FSB, the Federal Security Service. I conducted extensive interviews with one of the most legendary spy-hunters of the Second Chief Directorate, Rem Krassilnikov, a man whose personal history showed how entwined Russian intelligence still was with its Soviet past. His first name, Rem, was an acronym for Revolutsky Mir – the “World Revolution” Soviet leaders had longed to bring about. His father had been a general in the NKVD, the Stalinist predecessor to the KGB, and whenever I talked to him, Krassilnikov made it clear that he still considered the United States his adversary. He proudly took me on a tour of sites around Moscow where he had arrested American spies.
No one even bothered to rename the GRU, Russia’s military intelligence agency. During the Cold War, the KGB considered the GRU a lower-class cousin, much as the CIA has always looked down upon the Pentagon’s Defense Intelligence Agency. Today, the GRU has added cyber and hacking capabilities like those of the National Security Agency. The GRU was involved in the Russian hack of the 2016 American election, according to a classified NSA document obtained by The Intercept, yet it still operates in the shadows of the more influential FSB and SVR.
Russian intelligence was briefly weakened following the collapse of the Soviet Union, but under Putin – the first KGB man to run the country since Yuri Andropov died in 1984 – it has come roaring back. During his KGB career, Putin served in both the First and Second Chief Directorates. One of his key formative experiences occurred in 1989, when the Berlin Wall fell. Putin was stationed in East Germany at the time, and his biographers have written that the personal humiliation he felt watching the Soviet empire collapse helps explain his drive to return Russia to great power status.
In 1998, Russian President Boris Yeltsin named Putin director of the FSB. Since coming to power himself, Putin has deployed his country’s spies in Chechnya, Georgia, the Crimea, eastern Ukraine, and Syria in a bid to reassert Moscow’s global influence.
Why wouldn’t he be willing to deploy his spies inside the computer system of the DNC as well?
The chronology of the attack on the Democratic Party is a sad testament to the overconfidence of the Clinton campaign. It also highlights the inattention of American intelligence and law enforcement and their failure to adequately warn the major political parties of looming cyberthreats to the U.S. electoral system.
In September 2015, the FBI made a halfhearted effort to tell the DNC that its computer system had been invaded. In November 2015, the FBI told the DNC that its computers were sending data to Russia, but even that didn’t seem to prompt much concern on the Democrats’ part. In March 2016, Podesta’s email account was hacked in a phishing attack, giving thieves access to thousands of his emails.
In May 2016, CrowdStrike, a cybercompany hired by the DNC after the party finally recognized it had a problem, told DNC officials that its computers had been compromised in two separate attacks with two sets of malware associated with Russian intelligence.
While the DNC used CrowdStrike, a private contractor, to conduct an investigation, it did not give the FBI access to its computer systems. That fact has since been seized upon by skeptics who say that CrowdStrike’s analysis can’t be considered credible. But according to a November BuzzFeed story, CrowdStrike’s lead investigator, Robert Johnston, was a former Marine captain who had previously worked at the U.S. Cyber Command, where he had investigated an attempted hack of the Joint Chiefs of Staff that he identified as likely associated with the FSB. He had recent experience in identifying the signatures of hacking linked to Russian intelligence.
In June 2016, WikiLeaks founder Julian Assange said WikiLeaks had obtained emails associated with Clinton. Just days later, the Washington Post reported that Russian intelligence had hacked the DNC’s computers.
In July 2016, just before the Democratic National Convention, WikiLeaks released thousands of DNC emails, and the party’s chairwoman, Debbie Wasserman Schultz, was forced to resign.
In September 2016, Sen. Dianne Feinstein, the ranking Democrat on the Senate Intelligence Committee, and Rep. Adam Schiff, the ranking Democrat on the House Intelligence panel, issued a statement that they had received classified briefings that made it clear that Russian intelligence was trying to intervene in the election.
“We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government,” their statement noted.
The key moment in the 2016 campaign came on October 7, when three events unfolded one after another. That afternoon, the Department of Homeland Security and the Director of the Office of National Intelligence issued a statement that U.S. intelligence believed Russia was behind the Democratic Party hacks and email releases.
“The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of emails from US persons and institutions, including from US political organizations,” the statement read. “The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the U.S. election process.”
That statement was immediately overshadowed later that afternoon when the Washington Post published the infamous “Access Hollywood” tape, in which Trump is heard talking about how easy it is for him to get away with sexual assault, including groping and forcibly kissing women.
Later that afternoon, WikiLeaks started tweeting links to emails hacked from Podesta’s account. WikiLeaks then began releasing Podesta emails on a regular basis throughout the last month of the campaign. Meanwhile, a group called DC Leaks, which is now believed to be a front for the Russian hackers who sought to intervene in the election, released more Democratic Party-related documents.
Within days, Trump was telling his supporters at rallies: “I love WikiLeaks.”
The scope of the impact of Russian hacking and subsequent disclosures of Democratic Party emails and data on the outcome of the 2016 election remains unclear. But the disclosures certainly helped take at least some of the media’s attention off Trump, and probably should be credited with giving him time to recover from the disastrous “Access Hollywood” tape. The pattern and timing of the disclosures also strongly suggest that the objective was to damage Hillary Clinton’s campaign and help Donald Trump.
In December 2016, a month after the election, the FBI and the National Cybersecurity and Communications Integration Center issued a joint report detailing the cybertools used by Russian intelligence to attack the Democratic Party.
The report is still illuminating today because it suggests that the original DNC hack in 2015 was part of a much broader Russian cyberassault on a wide array of American institutions, including government agencies. Originally, it seems, the Russians were not specifically targeting the Democrats, but were simply casting a wide net in Washington to see who might take the bait.
The agencies’ report determined that in the summer of 2015, “an APT29 [Advanced Persistent Threat 29, one of two Russian intelligence “actors” identified in the report, also known as Cozy Bear] spearphishing campaign directed emails containing a malicious link to over 1,000 recipients, including multiple U.S. Government victims. APT29 used legitimate domains, to include domains associated with U.S. organizations and educational institutions, to host malware and send spearphishing emails. In the course of that campaign, APT29 successfully compromised a U.S. political party.”
The report adds that the Russians quickly followed up when they gained access to the Democrats. “APT29 delivered malware to the political party’s systems, established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure.”
While intervening in the 2016 election may not have been the initial purpose of the cyberattack, once the Russians opportunistically struck gold by breaking into the DNC, they went after the Democrats relentlessly.
“In spring 2016, APT28 [another Russian intelligence “actor”] compromised the same political party, again via targeted spearphishing,” the report states. “This time, the spearphishing email tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members.”
By luck or design, Russian intelligence had obtained a vast trove of inside information from the Democratic Party in the middle of a presidential campaign.
In January 2017, just days before Trump took office, a remarkable report from the CIA, FBI, and NSA was made public, plunging the U.S. intelligence community into American politics in an unprecedented way. Its aftershocks continue to reverberate a year later.
The report states that “we assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election.” It continues: “Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments. We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.”
The report also notes that “further information has come to light since Election Day that, when combined with Russian behavior since early November 2016, increases our confidence in our assessments of Russian motivations and goals.”
Trump has sought to discredit the report, and by extension, the entire intelligence community, ever since. His cronies have chimed in, dismissing it as the work of the so-called deep state.
Yet interestingly, CIA Director Mike Pompeo – a Trump loyalist who has been criticized for transparently currying favor with Trump in hopes of being named secretary of state – still stands by the January intelligence assessment. In November, after Trump once again publicly trashed the intelligence community’s conclusions, the CIA issued a statement that “[t]he Director stands by and has always stood by the January 2017 Intelligence Community Assessment.” According to the CIA, “the intelligence assessment with regard to Russian election meddling has not changed.” Pompeo’s willingness to stand by the assessment is clearly not in his own political interest and thus lends credibility to the assessment.
Earlier this week, meanwhile, top intelligence officials, including Pompeo and Director of National Intelligence Dan Coats, underlined their ongoing concerns about Russian election meddling, warning that Moscow once again seems to be seeking to intervene, this time in the 2018 midterm elections. In a congressional hearing, Coats suggested that the Russians believe they were successful in 2016 and want to build on their success in 2018. Coats said that “the 2018 midterm elections are a potential target for Russian influence operations,” and that “at a minimum, we expect Russia to continue using propaganda, social media, false flag personas, sympathetic spokespeople, and other means of influence to try to exacerbate social and political fissures in the United States.”
Further documentary evidence of Russian intervention in the 2016 election came from an important story published by The Intercept last June.
The story was notable because it was based on a classified U.S. intelligence document about Russian election hacking obtained through an unauthorized leak. All the other U.S. intelligence assessments and reports that have so far been made public about the issue have come through officially authorized channels. Thus, the NSA report leaked to The Intercept has the enhanced credibility that comes from being disclosed against the will of the U.S. intelligence community.
The classified report is significant because it reveals that Russian interference in the election extended beyond the direct attack on the Democratic Party and included attempts to gain access to the basic infrastructure involved in actually counting American votes. It details how the GRU conducted a cyberattack on a U.S. voting software supplier and engaged in spear-phishing to try to hack local election officials before the 2016 vote.
The classified May 2017 NSA report, provided anonymously to The Intercept, shows that Russian hackers sought to pose as an e-voting vendor and trick local government officials into opening Microsoft Word documents loaded with malware that would let the hackers remotely control the government computers. To fool the local officials, the Russians first sought to gain access to the vendor’s internal systems, which they hoped would provide a convincing disguise.
“Russian General Staff Main Intelligence Directorate actors [redacted] executed cyber espionage operations against a named U.S. company in August, 2016, evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April, 2017,” the report states. “The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.”
The compromise of the vendor would provide cover for the direct attack on the local officials. “It was likely that the threat actor was targeting officials involved in the management of voter registration systems,” the report adds. “It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor.”
The growing evidence that Russia was behind the attack on the Democratic Party now includes the confession of a Russian hacker in a Moscow court. The story of Konstantin Kozlovsky appears to be one of the most significant of the entire Trump-Russia saga. It is one of several intriguing tales now emerging that suggest that the secrecy surrounding the Russian hacking is beginning to unravel.
In December 2017, The Bell, an independent Russian news site, reported on Kozlovsky’s stunning testimony in Moscow City Court. Kozlovsky — a young Russian hacker who had been arrested, along with other members of the Lurk hacking group, in connection with the cybertheft of more than $50 million from Russian bank accounts — testified that he had conducted the Democratic Party hack on behalf of Russian intelligence. In an August 15 court hearing in Moscow, Kozlovsky said he “performed various tasks under the supervision of FSB officers,” including hacking “of the National Committee of the Democratic Party of the USA and electronic correspondence of Hillary Clinton,” and hacking “very serious military enterprises of the United States and other organizations,” according to the Bell.
The news site reported that Kozlovsky said he had conducted the hack at the direction of Dmitry Dokuchaev, a major in the FSB’s Information Security Center, the intelligence agency’s cyber arm.
When Kozlovsky made this statement in court, he was already facing serious criminal charges for hacking. He may have thought that claiming involvement in the DNC hack would help him with his ongoing criminal case, or he may have thought that he had nothing left to lose and so should tell all. He remains in pretrial detention in Moscow.
Dokuchaev, meanwhile, is a fascinating character, and his involvement in Kozlovsky’s story plunges it into the wilderness of mirrors of present-day espionage battles between the U.S. and Russia.
In December 2016, Dokuchaev was arrested in Moscow and charged with spying for the United States. He and three others have reportedly been accused of providing information to U.S. intelligence on the Russian hack of the Democratic Party. Along with Dokuchaev, FSB Col. Sergey Mikhailov, Ruslan Stoyanov of Kaspersky Labs, and Georgy Fomchenkov, a Russian businessman, have been charged with treason in the case.
Dokuchaev is now being detained in Russia, but since Kozlovsky’s confession was made public, Dokuchaev, through his lawyer, has told the Russian press that he doesn’t know the hacker and was not involved with the theft of documents from the Democratic Party.
In March 2017, just months after Dokuchaev was arrested in Moscow for spying for the United States, the U.S. Justice Department announced that he had been indicted by a federal grand jury on charges of hacking Yahoo’s network and webmail accounts. Dokuchaev, identified by the Justice Department as a 33-year-old FSB officer, was one of four men indicted in the case. “The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials, and private-sector employees of financial, transportation and other companies,” according to the Justice Department.
At the press conference announcing the indictments, officials displayed a large FBI wanted poster for Dokuchaev.
This chain of events leaves plenty of questions unanswered, but I wouldn’t be surprised if Dokuchaev’s December 2016 arrest for treason in Moscow and his March 2017 indictment in the United States were somehow related.
While the Washington press corps has been obsessing over Donald Trump’s tweets and a ginned-up memo from House Republicans seeking to discredit the Trump-Russia investigation, another major break in the story has just begun to unfold in the Netherlands. In late January, a Dutch newspaper, de Volkskrant, along with Nieuwsuur, a Dutch current affairs television program, reported that Dutch intelligence service AIVD has turned over to the FBI conclusive inside information about the Russian hack of the Democratic Party.
The two news organizations reported that in 2014, Dutch hackers working for the AIVD gained secret access to the Russian hacker group known as Cozy Bear – also known as Advanced Persistent Threat 29 – a Russian intelligence unit behind the hack of the DNC.
Dutch intelligence first told their American counterparts about their successful penetration of Cozy Bear in 2014, tipping off Washington that the Russian hackers were trying to break into the State Department’s computer system. That warning led the NSA to scramble to counter the Russian threat.
In 2015, the Dutch were also able to watch, undetected by the Russians, as the Cozy Bear hackers launched their first attack on the Democratic Party, according to the two news organizations. In addition to gaining access to the Cozy Bear computers, the Dutch were able to hack into a security camera that recorded who was working in Cozy Bear’s office in a university building in Moscow near Red Square. The Dutch discovered that there were about 10 people working there, and they were eventually able to match the faces to those of Russian intelligence officers who work for the SVR.
The information flowing from the Dutch was considered so vital by the Americans that the NSA opened a direct line with Dutch intelligence to get the data as fast as possible, according to the Dutch news organizations. To show their appreciation, the Americans sent cake and flowers to AIVD headquarters in the Dutch city of Zoetermeer.
If the Dutch story is accurate, it would help explain why the U.S. intelligence community is so confident in its assessment that Russian intelligence was behind the attack on the Democratic Party.
The Dutch news organizations say that the AIVD is no longer inside the Cozy Bear network, and that Dutch intelligence has become increasingly suspicious of working with the Americans.
Since Trump’s election, who can blame them?
Update: Feb. 16, 2018
This article has been updated with news of the special counsel’s indictment of 13 Russians and three Russian organizations.