A new and puzzling kind of security leak

Espionage is as old as biblical history. The Book of Numbers describes Moses sending twelve spies into the land of Canaan to gather intelligence on its resources and occupants, with only Joshua and Caleb reporting an accurate account of how the land could be taken by God’s people. Joshua in turn relates how two Israelite spies slipped into Jericho to covertly map the city’s vulnerabilities, while Hebrews praises Rahab the harlot for her faithfulness in protecting those spies and then helping arrange their surreptitious escape—in what may have been the first exfiltration operation in recorded history.

Though ancient in roots, effective espionage and the ability to protect national security secrets are also vital for a modern nation-state. This is why the recent leak of a trove of highly classified American national security documents is so worrisome. It is one of the most damaging intelligence leaks in American history. It is also one of the most peculiar.

The release of this information is damaging for many reasons. The documents reportedly reveal sensitive “sources and methods.” (I say “reportedly” because I have not read the documents themselves and only know what has been reported in various news stories.) Sources and methods are the crown jewels of tradecraft by which the United States gathers intelligence around the world.

Such disclosures potentially put any human sources spying for the United States at risk, and enable our adversaries such as China and Russia to adapt their technologies accordingly by blocking possible American surveillance. The leaks are provoking vexation and distrust among America’s most important allies and partners, who now question whether our government can be trusted to keep the secrets they share with us. And the information reportedly contained in the disclosures, particularly about the vulnerabilities of Ukrainian forces, provides Russia with valuable intelligence for its war effort.

It is peculiar because of how it happened. A tranche of documents seems to have first appeared back in January in the obscure precincts of an internet chat room. They sat there relatively unnoticed until March when they began to circulate in cyberspace, with some newer documents added to the collection. Then last week they became public when reporters published a series of news stories in national media. Most of the initial headlines about the documents highlight those pertaining to the Ukraine War, but other documents in the stash reportedly pertain to China, the Middle East, and Africa. Even more peculiar, some of the documents have reportedly been doctored, with classification levels altered or even figures changed such as the number of Ukrainian casualties in the war.

As far as I can tell, this is the first time that a large amount of classified U.S. information has been disclosed in this way. To oversimplify, there are generally four ways in which U.S. national security documents end up in unauthorized hands. First, a person with access to the documents leaks them deliberately to a journalist, and the journalist then publishes a story based on the documents. Second, a large tranche of documents gets leaked by someone to a platform intending them for broad distribution. This is what Bradley (now Chelsea) Manning did with Wikileaks in 2010, and what Edward Snowden did with his public disclosures in 2013.

Third, an American official with access to the documents shares them secretly with a foreign intelligence service, usually in exchange for money. This is what infamous traitors such as John Walker and Aldrich Ames did during the Cold War. Fourth, a foreign intelligence service hacks or otherwise accesses a U.S. government system and directly purloins the documents. In these latter two cases, it is often a considerable time before the loss of the documents becomes known—usually only if the spy is caught, or the hacking operation is discovered.

The current leaks are puzzling in part because their provenance remains unknown. They could reflect the second, third, or fourth scenarios above—or even some strange combination thereof. Purely to speculate, the leaks could come from a disgruntled American official who wants to undermine U.S. policies. Or they could stem from a U.S. official acting on behalf of a hostile nation, who uploaded the documents to the chat room in a clumsy effort to transmit them to the foreign intelligence service. Or they could stem from a sophisticated hacking operation by either a domestic actor or a foreign adversary. Or they could originate somewhere else altogether.

In that unknown lies perhaps the biggest worry: Until those behind the leak are identified and stopped, they could do it again.