The relationship between a young American adviser and an academic with shadowy ties to Moscow reveals a secret channel between Trump’s campaign and Russia.
They met in Moscow.
Joseph Mifsud saw her for the first time at the Bolshoi Theater. He struck up a conversation, offered to take her picture, and asked her out to dinner. Mifsud, an obscure, middle-aged academic originally from Malta, soon began dating the young Ukrainian woman. He liked to impress her by talking about his ties to important Russian officials. He told her he was friends with Sergey Lavrov, Russia’s foreign minister.
Soon he was traveling to Ukraine to visit her. He met her family and eventually asked her to marry him. They got engaged; she got pregnant.
And then, last fall, he vanished.
Anna, Joseph Mifsud’s fiancée, whose story — without her last name — was recently told in a well-crafted BuzzFeed News piece, stands at the center of one of the biggest mysteries in Special Counsel Robert Mueller’s investigation into possible collusion between Russia and Donald Trump: Where is Joseph Mifsud?
On October 30, 2017, Mueller unveiled the first charges in his Trump-Russia probe. That day, his office announced indictments against former Trump campaign manager Paul Manafort and his business associate Rick Gates, as well as a guilty plea from George Papadopoulos, a former foreign policy adviser to the Trump campaign. Papadopoulos had pleaded guilty to making false statements to the FBI in a deal approved secretly three weeks earlier, so it was clear that Papadopoulos was already cooperating with Mueller’s inquiry. The ambitious, young Greek-American Trump adviser was presumably telling Mueller everything he knew about connections between the Trump campaign and Russia.
The court documents also show that Papadopoulos had good reason to believe the professor; he knew that Mifsud had close ties to senior Russian officials.
When Papadopoulos first talked to FBI agents, he tried to downplay Mifsud’s significance. He “told the investigating agents that the professor was ‘a nothing’ and ‘just a guy talk[ing] up connections or something.’ In truth and in fact, however, defendant PAPADOPOULOS understood that the professor had substantial connections to Russian government officials (and had met with some of those officials in Moscow immediately prior to telling defendant PAPADOPOULOS about the ‘thousands of emails’) and, over a period of months, defendant PAPADOPOULOS repeatedly sought to use the professor’s Russian connections in an effort to arrange a meeting between the [Trump] Campaign and Russian government officials.”
The Papadopoulos-Mifsud connection is now Exhibit A in the argument that Trump or those close to him colluded with Moscow to gain the White House.
When Papadopoulos’s guilty plea was made public, the press quickly identified the professor as Joseph Mifsud.
The Papadopoulos-Mifsud connection is highly suggestive of a direct link between the Trump presidential campaign and the Russian government. The relationship between the young campaign adviser and the academic with shadowy ties to Moscow reveals the existence of a secret channel through which the Russian government was able to communicate with the Trump campaign as it stole Democratic emails and weaponized them to help Trump win the presidency. The Papadopoulos-Mifsud connection is now Exhibit A in the argument that Trump or those close to him colluded with Moscow to gain the White House.When I began this series of columns about Trump and Russia for The Intercept, I believed that evidence of collusion between the Trump campaign and Moscow was thin. Collusion, I thought, was the weak link in the middle of the larger Trump-Russia narrative.
At that time, I believed there was much stronger evidence that the Russians had intervened in the 2016 election to help Trump win through a cyberoffensive targeting the American political system. I also thought there was powerful evidence that Trump and his aides had engaged in efforts to obstruct justice and impede Mueller’s investigation. Further, I suspected that congressional Republicans were engaged in a similar conspiracy to obstruct justice in Mueller’s inquiry. I was much less convinced that there was compelling evidence to show that Trump or those around him had actually conspired with the Russians to win the presidency. Like many others, I was willing to believe that Trump and his aides were too haplessly disorganized and incompetent to have coordinated with the Russians.
But as I’ve dug deeper into the evidence made public so far, I have become convinced that the case for collusion is much stronger than I thought. There are still plenty of unanswered questions, but that case is getting more persuasive as new facts come to light. (On Monday, the FBI raided the office and hotel room of one of Trump’s lawyers, although it’s unclear whether that will yield evidence of collusion.)
In addition to the channel between Papadopoulos and Mifsud, a series of other links also point toward ties between the Trump campaign and Russia. Some of these connections have been known for a long time, while details of others are still emerging.
One prominent example, of course, is the case of the inflammable Roger Stone, a longtime Trump political adviser and Manafort’s onetime lobbying partner. Stone, best known as a loud, pro-Trump cable news pundit and a political dirty trickster dating back to the Nixon era, has acknowledged that in 2016, he was in contact with Guccifer 2.0, the hacker who claimed to have turned over stolen Democratic National Committee emails to WikiLeaks during the presidential campaign. WikiLeaks then published the emails, sometimes releasing them at critical moments when they seemed designed to inflict maximum damage on Clinton’s campaign.
Guccifer 2.0 is now widely believed to be a front name used by Russian intelligence. The Daily Beast recently reported that Guccifer 2.0 has been identified by U.S. investigators as an officer in the GRU, Russia’s military intelligence arm.
Last year, Stone told CNN that his brief communications with Guccifer 2.0 were harmless, and that he had only messaged him in August 2016, after Guccifer’s role was publicly known. Stone has denied any involvement in collusion with Russia. In his testimony before the House Intelligence Committee in September, Stone said that “those who believe that there was collusion between the Trump camp and the Russian state, now say Stone ‘MUST HAVE’ been involved, but that is not based on one shred of evidence.”
In February, The Atlantic reported on private Twitter messages between Stone and WikiLeaks in October 2016. The magazine added that WikiLeaks “sought to keep its channel to Stone open after Trump won the election.”told The Guardian that FBI agents asked about his relationship with Stone and whether he had ever visited the Ecuadorian embassy in London, where Assange, founder of WikiLeaks, has sought political asylum. The notion of a meeting between Stone and Assange was bolstered by Sam Nunberg, the former Trump adviser who caused a brief, comic furor last month when he camped out on cable news ranting about his unwillingness to cooperate with Mueller. Nunberg, who is now working with the special counsel, apparently gave Mueller a copy of an email from Stone dated August 4, 2016, in which Stone said: “I dined with Julian Assange last night,” the Wall Street Journal reported.
Stone has said the email was “a joke,” but the same day he sent that email, he had appeared on the radio show InfoWars claiming that he had dined with Assange and predicting “devastating” disclosures about Clinton, according to CNN.
The president’s son Donald Trump Jr. was also in contact with WikiLeaks during the 2016 campaign and afterward, also through private messages on Twitter. Last November, The Atlantic reported on the details of those messages, showing that WikiLeaks first contacted Trump Jr. in September 2016, and the president’s son had readily responded. In October 2016, according to The Atlantic, WikiLeaks sent Trump Jr. a message: “Hey Donald, great to see you and your dad talking about our publications. Strongly suggest your dad tweets this link if he mentions us. There’s many great stories the press are missing and we’re sure some of your follows will find it. Btw we just released Podesta Emails Part 4.”
Two days later, Trump Jr. tweeted the link.Ahandful of communications might be easily explained away. The problem for Trump is that evidence of suspicious contacts with the Russians or possible intermediaries keeps mounting, and the details of those contacts make it increasingly difficult to dismiss them all as merely coincidental.
Among the contacts that are now known to have occurred are many that raise questions about their purpose, questions that Trump and his aides and allies have failed to adequately answer.
In April 2016, for example, Trump gave a foreign policy speech at the Mayflower Hotel in Washington. At the same event, then-Sen. Jeff Sessions, a Trump supporter, met with the Russian ambassador to the United States, Sergey Kislyak. Kislyak told Moscow that he had talked about campaign-related issues with Sessions, the Washington Post later reported. Sessions met with Kislyak again in September 2016 at his Senate office.
During his confirmation hearings to be attorney general in January 2017, Sessions did not disclose his contacts with Kislyak; he later said the meetings were not about the Trump campaign. Sessions’s statements during his confirmation hearings raised questions about whether he had been truthful to the Senate. They also played a role in his decision in March 2017 to recuse himself from overseeing the Trump-Russia inquiry.
Other contacts raise additional ominous questions about the depths of the Trump campaign’s connections with Russia. At the National Rifle Association’s annual convention in May 2016, for example, Donald Trump Jr. spoke to Alexander Torshin, an official at the Russian central bank with close ties to Russian President Vladimir Putin. In January, McClatchy reported that the FBI was investigating whether Torshin illegally funneled money to the NRA in order to help Trump win the presidency. Torshin was one of a group of Russian individuals hit with new Treasury Department sanctions last week, an action that appears to have been taken independently of both Mueller’s investigation and the White House.
It has become increasingly clear that Mueller is aggressively pursuing questions about whether illegal Russian cash infusions helped Trump get elected.
Torshin is a life member of the NRA, as is a woman who was previously his special assistant at the Russian central bank, Maria Butina. Butina has been described in the press as a strong advocate for gun rights in Russia and has developed close ties to Republican Party operatives in the U.S. Paul Erickson, a longtime Republican operative who has fundraised for the NRA, formed a company in South Dakota with Butina and emailed a Trump campaign aide in 2016 about the idea of setting up a meeting between Putin and Trump.
Under normal circumstances, the fact that an FBI investigation was underway to determine whether the presidency had been won with Russian cash funneled through a highly partisan organization like the NRA would be enough on its own to spur talk of impeachment. But with Trump, it is just one more piece in a much larger mosaic of potentially illegal or even treasonous activity. Since the news of the NRA-Russia link broke, it has become increasingly clear that Mueller is aggressively pursuing questions about whether illegal Russian cash infusions helped Trump get elected. Mueller’s team has begun to question Russian oligarchs as they travel in the United States, stopping one when his private plane landed in New York. Mueller’s investigators have asked the Russians if they gave cash donations directly or indirectly to Trump’s campaign or his inauguration, CNN reported this month. Mueller has subpoenaed the Trump Organization for records related to its business with foreign nationals, including several Russians, the Times reported Monday.
Perhaps the most infamous meeting between the Trump campaign and Russians took place in June 2016, at Trump Tower in New York, when Donald Trump Jr., Manafort, and Jared Kushner, Trump’s son-in-law, met with Natalia V. Veselnitskaya, a Russian lawyer.
Explanations for why the meeting occurred have continually shifted ever since the New York Times first reported on it last year. Eventually, it became clear that Veselnitskaya had gone to the meeting with a memo she believed contained damaging information about the Democratic Party and Hillary Clinton. The Times reported that Veselnitskaya had discussed the allegations contained in the memo with Russia’s prosecutor general, Yury Chaika, and that her memo was similar to a document Chaika’s office had produced.
Now there are new signs that Mueller has an important ally in his investigation of the Manafort-Gates-Kilimnik collusion evidence. Deputy Attorney General Rod Rosenstein, who oversees the Mueller probe because of Sessions’s recusal, wrote a memo last August saying that Mueller should investigate allegations that Manafort colluded with Russian government officials to interfere in the 2016 election. Rosenstein’s memo was made public earlier this month.
The Kilimnik connection has already led to jail time for one figure in the collusion case. Earlier this month, Alex van der Zwaan, a Dutch lawyer who worked at the firm Skadden, Arps, Slate, Meagher & Flom, was sentenced to 30 days in prison and a $20,000 fine for lying to the FBI about his communications with Gates and Kilimnik. Gates and van der Zwaan both communicated with Kilimnik during the 2016 election campaign, according to court documents.
The evidence of continued contact between the Trump team and the Russians after the election has also continued to build and now seems to be of real significance in Mueller’s investigation. American intelligence learned about a deeply suspicious December 2016 conversation between Kushner and Kislyak, the Russian ambassador. The two men reportedly talked about setting up a secret and secure communications channel between the Trump transition team and Moscow using Russian facilities. Maybe Kushner was just showing his naiveté. But his proposal to create a secret communications channel with Moscow using Moscow’s own secure communications systems — presumably so U.S. intelligence couldn’t eavesdrop — sounds like something a spy would suggest.
At about the same time, Gen. Michael Flynn, Trump’s first national security adviser, was also in repeated contact with Kislyak. In December 2016, before Trump took office, Flynn and Kislyak discussed sanctions imposed on Russia by the outgoing Obama administration. Flynn allegedly lied to Vice President Mike Pence about the content of that conversation and was subsequently fired. In December 2017, he pleaded guilty to lying to the FBI about his contacts with Kislyak and began cooperating with Mueller’s investigation.
The meeting included Erik Prince, the founder of Blackwater, whose sister Betsy DeVos is Trump’s education secretary. Prince, who has been close to Trump’s national security team, met with Kirill Dmitriev, a Russian fund manager with ties to Putin, along with Mohammed bin Zayed, crown prince of Abu Dhabi and the de facto ruler of the United Arab Emirates, where Prince has had extensive business dealings. George Nader, a Lebanese-American businessman who also attended the meeting, is said to be cooperating with Mueller’s team, and has reportedly revealed that the meeting was designed to create a backchannel between the new Trump administration and Moscow.While evidence of collusion continues to pile up, I keep coming back to the curious case of Joseph Mifsud. Anyone who has read John le Carré’s spy novels would immediately recognize him. The slightly sketchy intermediary between East and West is a le Carré archetype. In his 1979 novel “Smiley’s People,” there is Otto Leipzig, nicknamed “The Magician,” who blackmails a Russian intelligence officer to get vital information to the British, but ends up dead.
Le Carré could hardly have invented a better go-between than the Maltese professor.
Le Carré could hardly have invented a better go-between than the Maltese professor.
Mifsud has spent years as a nomadic academic, with postings of uncertain seriousness at institutions throughout Europe, including several that seem to have occurred at more or less the same time. He has variously been described as a teaching fellow at University of Stirling in Scotland; the “honorary director” of the London Academy of Diplomacy; an “honorary” professor at the University of East Anglia; and a visiting professor at Link Campus University in Rome. At one time, he reportedly held a position with the London Centre of International Law Practice, where George Papadopoulos also worked for a few months as director of the organization’s Center for International Energy and Natural Resources Law and Security.
Mifsud’s academic life and background would provide perfect cover for an intelligence asset. His credentials were just enough to gain him entree to the European academic circuit, yet his postings couldn’t withstand much scrutiny once his name surfaced in the Trump-Russia case. Quartz quickly discovered that the “London Centre of International Law Practice” was nothing more than “four people working in an undecorated backroom, all of whom declined to comment.”a fawning 2015 piece of pro-Putin propaganda about Russian policies in Syria.
“Whilst according to many Western and Arab analysts the United States has been dillydallying with the world order, more intent on imposing a verbal “unilateral diktat”, other centres of power (e.g. the Russian Federation in Syria, Saudi Arabia in Yemen) were taking the bull by the horns and resorting to military force as a measure of last resort,” Mifsud wrote. “One can also contend that the Russian military participation in Syria was clearly organised in such a way as to ensure that diplomacy also takes its course. … The United States administration is on the defensive, still heavily labouring under the internal repercussions of the nuclear deal with Iran, the ‘fiasco’ in Libya, the heating up of the presidential race, the dismantling of the ‘iron partnerships’ with Saudi Arabia and Israel, and the overt economic power struggle with China. On the other hand, the Russian leader has walked the talk with ‘facts on the ground’ and has ensured that the Russian presence emanating from its direct involvement in the war in Syria will have a major impact on the shared solution.”
After Papadopoulos’s guilty plea became public last October, an Italian newspaper quickly tracked Mifsud down in Rome. “This is nonsense,” Mifsud said, referring to Mueller’s accusations that he had acted as an intermediary between the Trump campaign and Moscow. “The only thing I did was to facilitate contacts between official and unofficial sources to resolve a crisis. It is usual business everywhere. I put think tanks in contact, groups of experts with other groups of experts.” He denied “any discussion of mine about secrets concerning Hillary Clinton. … Let’s be clear: the Russians didn’t ask me to meet Papadopoulos.”
Shortly after that interview, published on November 1, 2017, Mifsud disappeared. No one has acknowledged seeing him since. BuzzFeed reported last month that Italian prosecutors, who were seeking him in an unrelated case, couldn’t find him.
Mifsud’s fiancée, Anna, recently gave birth to a baby girl. She says Mifsud is the child’s father, yet she still hasn’t heard from him. Questions abound about what happened to the professor. But one thing we know is that a key intermediary between the Trump campaign and Moscow has been missing for months. Mifsud’s disappearance comes at a time when bad things are happening to those who get in Vladimir Putin’s way.
That makes me increasingly suspect that Mueller’s investigation into collusion is on the right track.
James Risen weighs the evidence for accusations of Russian election interference, collusion, and obstruction of justice.
Americans must live with the uncertainty of not knowing whether Trump has the best interests of the United States or those of Russia at heart.
I find it hard to write about Donald Trump.
It is not that he is a complicated subject. Quite the opposite. It is that everything about him is so painfully obvious. He is a low-rent racist, a shameless misogynist, and an unbalanced narcissist. He is an unrelenting liar and a two-bit white identity demagogue. Lest anyone forget these things, he goes out of his way each day to remind us of them.
At the end of the day, he is certain to be left in the dustbin of history, alongside Father Coughlin and Gen. Edwin Walker. (Exactly – you don’t remember them, either.)
What more can I add?
Unfortunately, another word also describes him: president. The fact that such an unstable egomaniac occupies the White House is the greatest threat to the national security of the United States in modern history.
Which brings me to the only question about Donald Trump that I find really interesting: Is he a traitor?
Did he gain the presidency through collusion with Russian President Vladimir Putin?
One year after Trump took office, it is still unclear whether the president of the United States is an agent of a foreign power. Just step back and think about that for a moment.
The fact that such an unstable egomaniac occupies the White House is the greatest threat to U.S. national security in modern history.
His 2016 campaign is the subject of an ongoing federal inquiry that could determine whether Trump or people around him worked with Moscow to take control of the U.S. government. Americans must now live with the uncertainty of not knowing whether the president has the best interests of the United States or those of the Russian Federation at heart.
Most pundits in Washington now recoil at any suggestion that the Trump-Russia story is really about treason. They all want to say it’s about something else – what, they aren’t quite sure. They are afraid to use serious words. They are in the business of breaking down the Trump-Russia narrative into a long series of bite-sized, incremental stories in which the gravity of the overall case often gets lost. They seem to think that treason is too much of a conversation-stopper, that it interrupts the flow of cable television and Twitter. God forbid you might upset the right wing! (And the left wing, for that matter.)
But if a presidential candidate or his lieutenants secretly work with a foreign government that is a longtime adversary of the United States to manipulate and then win a presidential election, that is almost a textbook definition of treason.
In Article 3, Section 3, the U.S. Constitution states that “treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.”
Based on that provision in the Constitution, U.S. law – 18 U.S. Code § 2381 – states that “[w]hoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere” is guilty of treason. Those found guilty of this high crime “shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States.”
Now look at the mandate given to former FBI Director Robert Mueller when he was appointed special counsel by Deputy Attorney General Rod Rosenstein, who was acting in place of Attorney General Jeff Sessions, who had recused himself because of his role in the Trump campaign and the controversy surrounding his own meetings with the Russian ambassador to the United States.
On May 17, 2017, Rosenstein issued a letter stating that he was appointing a special counsel to “ensure a full and thorough investigation of the Russian government’s efforts to interfere in the 2016 presidential election.” He added that Mueller’s mandate was to investigate “any links and/or coordination between the Russian government and individuals associated with the campaign of President Donald Trump; and any matters that arose or may arise directly from the investigation.” Rosenstein noted that “[i]f the Special Counsel believes it is necessary and appropriate, the Special Counsel is authorized to prosecute federal crimes arising from the investigation of these matters.”
How closely aligned is Mueller’s mandate with the legal definition of treason? That boils down to the rhetorical differences between giving “aid and comfort, in the United States or elsewhere” to “enemies” of the United States and “any links and/or coordination” between the Russian government and Trump campaign aides related to “the Russian government’s efforts to interfere in the 2016 presidential election.”
Sounds similar to me.
As a practical matter, the special counsel is highly unlikely to pursue treason charges against Trump or his associates. Treason is vaguely defined in the law and very difficult to prove. To the extent that it is defined – as providing aid and comfort to an “enemy” of the United States – the question might come down to whether Russia is legally considered America’s “enemy.”
Russia may not meet the legal definition of an “enemy,” but it is certainly an adversary of the United States. It would make perfect sense for Russian President and de facto dictator Vladimir Putin to use his security services to conduct a covert operation to influence American politics to Moscow’s advantage. Such a program would fall well within the acceptable norms of great power behavior. After all, it is the kind of covert intelligence program the United States has conducted regularly against other nations – including Russia.
Throughout the Cold War, the CIA and the KGB were constantly engaged in such secret intelligence battles. The KGB had a nickname for the CIA: glavnyy vrag or “the main enemy.” In 2003, I co-authored a book called “The Main Enemy” with Milt Bearden, a retired CIA officer who had been chief of the CIA’s Soviet/Eastern European division when the Berlin Wall fell and the Soviet Union collapsed. The book was about the intelligence wars between the CIA and the KGB.
Today’s cyber-spy wars are just the latest version of “The Great Game,” the wonderfully romantic name for the secret intelligence battles between the Russian and British empires for control of Central Asia in the 19th century. Russia, the United States, and other nations engage in such covert intelligence games all the time – whether they are “enemies” or simply rivals.
In fact, evidence of the connections between Trump’s bid for the White House and Russian ambitions to manipulate the 2016 U.S. election keeps piling up. Throughout late 2016 and early 2017, a series of reports from the U.S. intelligence community and other government agencies underlined and reinforced nearly every element of the Russian hacking narrative, including the Russian preference for Trump. The reports were notable in part because their findings exposed the agencies to criticism from Trump and his supporters and put them at odds with Trump’s public dismissals of reported Russian attempts to help him get elected, which he has called “fake news.”
In addition, a series of details has emerged through unofficial channels that seems to corroborate these authorized assessments. A classified NSA document obtained by The Intercept last year states that Russia’s military intelligence agency, the GRU, played a role in the Russian hack of the 2016 American election. In August, a Russian hacker confessed to hacking the Democratic National Committee under the supervision of an officer in Russia’s Federal Security Service, or FSB, who has separately been accused of spying for the U.S. And Dutch intelligence service AIVD has reportedly given the FBI significant inside information about the Russian hack of the Democratic Party.
On February 16, just hours after this column was published, the special counsel announced indictments of 13 Russians and three Russian entities for meddling in the U.S. election. The special counsel accused them of intervening to help Trump and damage the campaign of Hillary Clinton. The indictments mark the first time Mueller has brought charges against any Russians in his ongoing probe.
Given all this, it seems increasingly likely that the Russians have pulled off the most consequential covert action operation since Germany put Lenin on a train back to Petrograd in 1917.
There are four important tracks to follow in the Trump-Russia story. First, we must determine whether there is credible evidence for the underlying premise that Russia intervened in the 2016 election to help Trump win. Second, we must figure out whether Trump or people around him worked with the Russians to try to win the election. Next, we must scrutinize the evidence to understand whether Trump and his associates have sought to obstruct justice by impeding a federal investigation into whether Trump and Russia colluded. A fourth track concerns whether Republican leaders are now engaged in a criminal conspiracy to obstruct justice through their intense and ongoing efforts to discredit Mueller’s probe.
This, my first column for The Intercept, will focus on the first track of the Trump-Russia narrative. I will devote separate columns to each of the other tracks in turn.
The evidence that Russia intervened in the election to help Trump win is already compelling, and it grows stronger by the day.
There can be little doubt now that Russian intelligence officials were behind an effort to hack the DNC’s computers and steal emails and other information from aides to Hillary Clinton as a means of damaging her presidential campaign. Once they stole the correspondence, Russian intelligence officials used cutouts and fronts to launder the emails and get them into the bloodstream of the U.S. press. Russian intelligence also used fake social media accounts and other tools to create a global echo chamber both for stories about the emails and for anti-Clinton lies dressed up to look like news.
To their disgrace, editors and reporters at American news organizations greatly enhanced the Russian echo chamber, eagerly writing stories about Clinton and the Democratic Party based on the emails, while showing almost no interest during the presidential campaign in exactly how those emails came to be disclosed and distributed. The Intercept itself has faced such accusations. The hack was a much more important story than the content of the emails themselves, but that story was largely ignored because it was so easy for journalists to write about Clinton campaign chair John Podesta.
The attack on the Clinton campaign and the Democratic Party looks like the contemporary cyber-descendant of countless analog KGB propaganda efforts.
To anyone who has studied the history of the KGB, particularly during the Cold War, the attack on the Clinton campaign and the Democratic Party during the 2016 U.S. election looks like the contemporary cyber-descendant of countless analog KGB propaganda efforts. Back in the 1970s and 1980s, the KGB frequently engaged in ambitious disinformation campaigns that were designed to sow suspicion of the United States in the developing world. The KGB’s so-called “active measures” programs would use international front organizations, cutouts, and sometimes unwitting enablers in the press to disseminate their anti-American propaganda.
The most infamous and dangerously effective KGB disinformation campaign of the Cold War was known as Operation Infektion. It was a secret effort to convince people in developing countries that the United States had created the HIV/AIDS virus.
In 1983, a newspaper in India printed what purported to be a letter from an American scientist saying the virus had been developed by the Pentagon. The letter went on to suggest that the U.S. was moving its experiments to Pakistan, India’s archenemy. Meanwhile, the KGB got an East German scientist to spread misinformation supporting the Moscow-backed conspiracy theory that the U.S. was behind the virus.
While these lies never penetrated the U.S. mainstream, they nonetheless spread insidiously through much of the world.
Vladimir Putin was a KGB officer during the 1980s when the KGB was conducting this disinformation campaign. He was stationed in East Germany in the late 1980s, and there is a good chance he knew about the East German component of Operation Infektion.
After the fall of the Soviet Union in 1991, the KGB was broken up and its successor agencies renamed. But the KGB never really went away. Instead, it underwent an extensive rebranding that did little to change its culture and traditions.
The KGB’s First Chief Directorate, its foreign intelligence service, was renamed the SVR. Like its predecessor agency, it was still housed in the First Chief Directorate’s headquarters in the Yasenevo District of Moscow, which was known as the “Russian Langley” for its similarities to CIA headquarters. In the late 1990s and early 2000s, I met many former KGB officials in Moscow, including Leonid Shebarshin, the last leader of the First Chief Directorate, who was running the agency in 1991 when communist hardliners launched a coup against Soviet President Mikhail Gorbachev. By the time I met Shebarshin, he was retired and running an “economic intelligence” firm out of an office in Moscow’s old Dynamo Stadium, the home of the KGB’s soccer team. A mural on his office wall depicted scenes from the Battle of Stalingrad and the Bolshevik Revolution, signaling his immersion in the Soviet era.
After the Soviet collapse, the KGB’s Second Chief Directorate, which handled spy-hunting and counterintelligence, along with other directorates that handled the KGB’s internal police state functions, were bundled into a new organization known as the FSB, the Federal Security Service. I conducted extensive interviews with one of the most legendary spy-hunters of the Second Chief Directorate, Rem Krassilnikov, a man whose personal history showed how entwined Russian intelligence still was with its Soviet past. His first name, Rem, was an acronym for Revolutsky Mir – the “World Revolution” Soviet leaders had longed to bring about. His father had been a general in the NKVD, the Stalinist predecessor to the KGB, and whenever I talked to him, Krassilnikov made it clear that he still considered the United States his adversary. He proudly took me on a tour of sites around Moscow where he had arrested American spies.
No one even bothered to rename the GRU, Russia’s military intelligence agency. During the Cold War, the KGB considered the GRU a lower-class cousin, much as the CIA has always looked down upon the Pentagon’s Defense Intelligence Agency. Today, the GRU has added cyber and hacking capabilities like those of the National Security Agency. The GRU was involved in the Russian hack of the 2016 American election, according to a classified NSA document obtained by The Intercept, yet it still operates in the shadows of the more influential FSB and SVR.
Russian intelligence was briefly weakened following the collapse of the Soviet Union, but under Putin – the first KGB man to run the country since Yuri Andropov died in 1984 – it has come roaring back. During his KGB career, Putin served in both the First and Second Chief Directorates. One of his key formative experiences occurred in 1989, when the Berlin Wall fell. Putin was stationed in East Germany at the time, and his biographers have written that the personal humiliation he felt watching the Soviet empire collapse helps explain his drive to return Russia to great power status.
In 1998, Russian President Boris Yeltsin named Putin director of the FSB. Since coming to power himself, Putin has deployed his country’s spies in Chechnya, Georgia, the Crimea, eastern Ukraine, and Syria in a bid to reassert Moscow’s global influence.
Why wouldn’t he be willing to deploy his spies inside the computer system of the DNC as well?
The chronology of the attack on the Democratic Party is a sad testament to the overconfidence of the Clinton campaign. It also highlights the inattention of American intelligence and law enforcement and their failure to adequately warn the major political parties of looming cyberthreats to the U.S. electoral system.
In September 2015, the FBI made a halfhearted effort to tell the DNC that its computer system had been invaded. In November 2015, the FBI told the DNC that its computers were sending data to Russia, but even that didn’t seem to prompt much concern on the Democrats’ part. In March 2016, Podesta’s email account was hacked in a phishing attack, giving thieves access to thousands of his emails.
In May 2016, CrowdStrike, a cybercompany hired by the DNC after the party finally recognized it had a problem, told DNC officials that its computers had been compromised in two separate attacks with two sets of malware associated with Russian intelligence.
While the DNC used CrowdStrike, a private contractor, to conduct an investigation, it did not give the FBI access to its computer systems. That fact has since been seized upon by skeptics who say that CrowdStrike’s analysis can’t be considered credible. But according to a November BuzzFeed story, CrowdStrike’s lead investigator, Robert Johnston, was a former Marine captain who had previously worked at the U.S. Cyber Command, where he had investigated an attempted hack of the Joint Chiefs of Staff that he identified as likely associated with the FSB. He had recent experience in identifying the signatures of hacking linked to Russian intelligence.
In June 2016, WikiLeaks founder Julian Assange said WikiLeaks had obtained emails associated with Clinton. Just days later, the Washington Post reported that Russian intelligence had hacked the DNC’s computers.
In July 2016, just before the Democratic National Convention, Wikileaks released thousands of DNC emails, and the party’s chairwoman, Debbie Wasserman Schultz, was forced to resign.
In September 2016, Sen. Dianne Feinstein, the ranking Democrat on the Senate Intelligence Committee, and Rep. Adam Schiff, the ranking Democrat on the House Intelligence panel, issued a statement that they had received classified briefings that made it clear that Russian intelligence was trying to intervene in the election.
The pattern and timing of the disclosures strongly suggests that the objective was to damage Clinton’s campaign and help Trump.
“We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government,” their statement noted.
The key moment in the 2016 campaign came on October 7, when three events unfolded one after another. That afternoon, the Department of Homeland Security and the Director of the Office of National Intelligence issued a statement that U.S. intelligence believed Russia was behind the Democratic Party hacks and email releases.
“The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of emails from US persons and institutions, including from US political organizations,” the statement read. “The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the U.S. election process.”
That statement was immediately overshadowed later that afternoon when the Washington Post published the infamous “Access Hollywood” tape, in which Trump is heard talking about how easy it is for him to get away with sexual assault, including groping and forcibly kissing women.
Later that afternoon, WikiLeaks started tweeting links to emails hacked from Podesta’s account. WikiLeaks then began releasing Podesta emails on a regular basis throughout the last month of the campaign. Meanwhile, a group called DC Leaks, which is now believed to be a front for the Russian hackers who sought to intervene in the election, released more Democratic Party-related documents.
Within days, Trump was telling his supporters at rallies: “I love WikiLeaks.”
The scope of the impact of Russian hacking and subsequent disclosures of Democratic Party emails and data on the outcome of the 2016 election remains unclear. But the disclosures certainly helped take at least some of the media’s attention off Trump, and probably should be credited with giving him time to recover from the disastrous “Access Hollywood” tape. The pattern and timing of the disclosures also strongly suggests that the objective was to damage Hillary Clinton’s campaign and help Donald Trump.
In December 2016, a month after the election, the FBI and the National Cybersecurity and Communications Integration Center issued a joint report detailing the cybertools used by Russian intelligence to attack the Democratic Party.
The report is still illuminating today because it suggests that the original DNC hack in 2015 was part of a much broader Russian cyberassault on a wide array of American institutions, including government agencies. Originally, it seems, the Russians were not specifically targeting the Democrats, but were simply casting a wide net in Washington to see who might take the bait.
The agencies’ report determined that in the summer of 2015, “an APT29 [Advanced Persistent Threat 29, one of two Russian intelligence “actors” identified in the report, also known as Cozy Bear] spearphishing campaign directed emails containing a malicious link to over 1,000 recipients, including multiple U.S. Government victims. APT29 used legitimate domains, to include domains associated with U.S. organizations and educational institutions, to host malware and send spearphishing emails. In the course of that campaign, APT29 successfully compromised a U.S. political party.”
The report adds that the Russians quickly followed up when they gained access to the Democrats. “APT29 delivered malware to the political party’s systems, established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure.”
While intervening in the 2016 election may not have been the initial purpose of the cyberattack, once the Russians opportunistically struck gold by breaking into the DNC, they went after the Democrats relentlessly.
“In spring 2016, APT28 [another Russian intelligence “actor”] compromised the same political party, again via targeted spearphishing,” the report states. “This time, the spearphishing email tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members.”
By luck or design, Russian intelligence had obtained a vast trove of inside information from the Democratic Party in the middle of a presidential campaign.
In January 2017, just days before Trump took office, a remarkable report from the CIA, FBI, and NSA was made public, plunging the U.S. intelligence community into American politics in an unprecedented way. Its aftershocks continue to reverberate a year later.
The report states that “we assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election.” It continues: “Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments. We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.”
The report also notes that “further information has come to light since Election Day that, when combined with Russian behavior since early November 2016, increases our confidence in our assessments of Russian motivations and goals.”
Trump has sought to discredit the report, and by extension, the entire intelligence community, ever since. His cronies have chimed in, dismissing it as the work of the so-called deep state.
Yet interestingly, CIA Director Mike Pompeo – a Trump loyalist who has been criticized for transparently currying favor with Trump in hopes of being named secretary of state – still stands by the January intelligence assessment. In November, after Trump once again publicly trashed the intelligence community’s conclusions, the CIA issued a statement that “[t]he Director stands by and has always stood by the January 2017 Intelligence Community Assessment.” According to the CIA, “the intelligence assessment with regard to Russian election meddling has not changed.” Pompeo’s willingness to stand by the assessment is clearly not in his own political interest and thus, lends credibility to the assessment.
Earlier this week, meanwhile, top intelligence officials, including Pompeo and Director of National Intelligence Dan Coats, underlined their ongoing concerns about Russian election meddling, warning that Moscow once again seems to be seeking to intervene, this time in the 2018 midterm elections. In a congressional hearing, Coats suggested that the Russians believe they were successful in 2016 and want to build on their success in 2018. Coats said that “the 2018 midterm elections are a potential target for Russian influence operations,” and that “at a minimum, we expect Russia to continue using propaganda, social media, false flag personas, sympathetic spokespeople, and other means of influence to try to exacerbate social and political fissures in the United States.”
Further documentary evidence of Russian intervention in the 2016 election came from an important story published by The Intercept last June.
The story was notable because it was based on a classified U.S. intelligence document about Russian election hacking obtained through an unauthorized leak. All the other U.S. intelligence assessments and reports that have so far been made public about the issue have come through officially authorized channels. Thus, the NSA report leaked to The Intercept has the enhanced credibility that comes from being disclosed against the will of the U.S. intelligence community.
The classified report is significant because it reveals that Russian interference in the election extended beyond the direct attack on the Democratic Party and included attempts to gain access to the basic infrastructure involved in actually counting American votes. It details how the GRU conducted a cyberattack on a U.S. voting software supplier and engaged in spear-phishing to try to hack local election officials before the 2016 vote
Pompeo’s willingness to stand by the assessment is clearly not in his own political interest and thus, lends credibility to the assessment.
The classified May 2017 NSA report, provided anonymously to The Intercept, shows that Russian hackers sought to pose as an e-voting vendor and trick local government officials into opening Microsoft Word documents loaded with malware that would let the hackers remotely control the government computers. To fool the local officials, the Russians first sought to gain access to the vendor’s internal systems, which they hoped would provide a convincing disguise.
“Russian General Staff Main Intelligence Directorate actors [redacted] executed cyber espionage operations against a named U.S. company in August, 2016, evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April, 2017,” the report states. “The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.”
The compromise of the vendor would provide cover for the direct attack on the local officials. “It was likely that the threat actor was targeting officials involved in the management of voter registration systems,” the report adds. “It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accesses by the cyber actor.”
The growing evidence that Russia was behind the attack on the Democratic Party now includes the confession of a Russian hacker in a Moscow court. The story of Konstantin Kozlovsky appears to be one of the most significant of the entire Trump-Russia saga. It is one of several intriguing tales now emerging that suggests that the secrecy surrounding the Russian hacking is beginning to unravel.
In December 2017, The Bell, an independent Russian news site, reported on Kozlovsky’s stunning testimony in Moscow City Court. Kozlovsky — a young Russian hacker who had been arrested, along with other members of the Lurk hacking group, in connection with the cybertheft of more than $50 million from Russian bank accounts — testified that he had conducted the Democratic Party hack on behalf of Russian intelligence. In an August 15 court hearing in Moscow, Kozlovsky said he “performed various tasks under the supervision of FSB officers,” including hacking “of the National Committee of the Democratic Party of the USA and electronic correspondence of Hillary Clinton,” and hacking “very serious military enterprises of the United States and other organizations,” according to the Bell.
The news site reported that Kozlovsky said he had conducted the hack at the direction of Dmitry Dokuchaev, a major in the FSB’s Information Security Center, the intelligence agency’s cyber arm.
When Kozlovsky made this statement in court, he was already facing serious criminal charges for hacking. He may have thought that claiming involvement in the DNC hack would help him with his ongoing criminal case, or he may have thought that he had nothing left to lose and so should tell all. He remains in pretrial detention in Moscow.
Dokuchaev, meanwhile, is a fascinating character, and his involvement in Kozlovsky’s story plunges it into the wilderness of mirrors of present-day espionage battles between the U.S. and Russia.
In December 2016, Dokuchaev was arrested in Moscow and charged with spying for the United States. He and three others have reportedly been accused of providing information to U.S. intelligence on the Russian hack of the Democratic Party. Along with Dokuchaev, FSB Col. Sergey Mikhailov, Ruslan Stoyanov of Kaspersky Labs, and Georgy Fomchenkov, a Russian businessman, have been charged with treason in the case.
Dokuchaev is now being detained in Russia, but since Kozlovsky’s confession was made public, Dokuchaev, through his lawyer, has told the Russian press that he doesn’t know the hacker and was not involved with the theft of documents from the Democratic Party.
In March 2017, just months after Dokuchaev was arrested in Moscow for spying for the United States, the U.S. Justice Department announced that he had been indicted by a federal grand jury on charges of hacking Yahoo’s network and webmail accounts. Dokuchaev, identified by the Justice Department as a 33-year-old FSB officer, was one of four men indicted in the case. “The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials, and private-sector employees of financial, transportation and other companies,” according to the Justice Department.
At the press conference announcing the indictments, officials displayed a large FBI wanted poster for Dokuchaev.
This chain of events leaves plenty of questions unanswered, but I wouldn’t be surprised if Dokuchaev’s December 2016 arrest for treason in Moscow and his March 2017 indictment in the United States were somehow related.
While the Washington press corps has been obsessing over Donald Trump’s tweets and a ginned-up memo from House Republicans seeking to discredit the Trump-Russia investigation, another major break in the story has just begun to unfold in the Netherlands. In late January, a Dutch newspaper, de Volkskrant, along with Nieuwsuur, a Dutch current affairs television program, reported that Dutch intelligence service AIVD has turned over to the FBI conclusive inside information about the Russian hack of the Democratic Party.
The two news organizations reported that in 2014, Dutch hackers working for the AIVD gained secret access to the Russian hacker group known as Cozy Bear – also known as Advanced Persistent Threat 29 – a Russian intelligence unit behind the hack of the DNC.
Dutch intelligence first told their American counterparts about their successful penetration of Cozy Bear in 2014, tipping off Washington that the Russian hackers were trying to break into the State Department’s computer system. That warning led the NSA to scramble to counter the Russian threat.
In 2015, the Dutch were also able to watch, undetected by the Russians, as the Cozy Bear hackers launched their first attack on the Democratic Party, according to the two news organizations. In addition to gaining access to the Cozy Bear computers, the Dutch were able to hack into a security camera that recorded who was working in Cozy Bear’s office in a university building in Moscow near Red Square. The Dutch discovered that there were about 10 people working there, and they were eventually able to match the faces to those of Russian intelligence officers who work for the SVR.
The information flowing from the Dutch was considered so vital by the Americans that the NSA opened a direct line with Dutch intelligence to get the data as fast as possible, according to the Dutch news organizations. To show their appreciation, the Americans sent cake and flowers to AIVD headquarters in the Dutch city of Zoetermeer.
If the Dutch story is accurate, it would help explain why the U.S. intelligence community is so confident in its assessment that Russian intelligence was behind the attack on the Democratic Party.
The Dutch news organizations say that the AIVD is no longer inside the Cozy Bear network, and that Dutch intelligence has become increasingly suspicious of working with the Americans.
Since Trump’s election, who can blame them?
Update: Feb. 16, 2018
This article has been updated with news of the special counsel’s indictment of 13 Russians and three Russian organizations.
James Risen weighs the evidence for accusations of Russian election interference, collusion, and obstruction of justice.