CIA spies on ‘liaison services’ — including other US intel community members?


In the wake of the 2016 U.S. election, Wikileaks and its founder Julian Assange have become, if possible, even more controversial than they were previously. Yet their latest contribution to the political chaos swirling in Washington may set some kind of new record.

In March, Wikileaks began publishing a trove of Central Intelligence Agency documents that it dubbed “Vault 7.” This ongoing release has included documentation of CIA capabilities to hack into smart phones, computer operating systems, and even devices such as televisions, among other revelations. Yet this week’s Vault 7 release of documents on a tool called “ExpressLane” — allegedly used by the CIA to secretly siphon biometric data collected by partner agencies including the FBI, National Security Agency and Department of Homeland Security — may top anything seen so far.

“The OTS (Office of Technical Services), a branch within the CIA, has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems,” according to Wikileaks. “But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.”

Under the guise of updating the biometric data collection system they provide, CIA technicians use ExpressLane to save the collected data to a thumb drive, which technicians can then compare to known data in the shared database with the liaison agency to see if it is actually providing everything that it has.

As Wikileaks puts it, the documents “show one of the cyber operations the CIA conducts against liaison services — which includes among many others the National Security Agency (NSA), the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).” Yet exactly which “liaison services” are targeted has become the subject of some debate. “Wikileaks suggests” targets could include the FBI, NSA and DHS, “though the documentation for the program does not name targets,” notes AJ Dellinger for International Business Times.

“It’s still unclear who exactly those intel partners are,” writes Russell Brandom for The Verge. “WikiLeaks claims the program was primarily used against US agencies like the FBI and Department of Homeland Security, although the targets are far less clear from the documents themselves.”

Indeed, one of the documents refers to “liaison services around the world,” and in other contexts, “liaison services” has referred to foreign intelligence agency partners such as those of the other four member countries in the “Five Eyes” (the U.K., Canada, Australia and New Zealand). Covertly taking biometric data from our allies arguably does not look as bad as one U.S. intelligence agency spying on another — although it still looks pretty bad.

Other Wikileaks Vault 7 releases have already included documents on CIA hacking tools that cast the agency in a fairly negative light — such as the so-called Marble Framework, which apparently could allow CIA agents to effectively obfuscate the origin of their hacking and spoof foreign languages to make it appear as though an enemy intelligence agency or foreign hacker was behind the CIA’s own cyber operations.

Even as Robert Mueller’s investigation into President Donald Trump’s campaign’s potential collusion with Russia continues in the wake of shocking revelations last month that Donald Trump Jr. seemingly leapt at the chance of meeting with someone claiming to represent a Trump-supporting Russian government, the “Russiagate” case remains controversial and far from closed.

Earlier this month the left-leaning magazine The Nation published a lengthy article on the findings of a group called Veteran Intelligence Professionals for Sanity (VIPS),  which challenged the official narrative of last year’s hack of the Democratic National Committee. According to VIPS, the data breach was not a remote hack at all, and instead, because of forensic evidence of how quickly the data was transferred, must have been carried out by an insider with access to the system — or in other words the hack was actually a leak.

This view, of course, has not gone undisputed. New York Magazine called the Nation‘s story “too incoherent to even debunk” while John Hultquist, director of intelligence analysis at cybersecurity firm FireEye told The Hill that “the theory is flawed” and “the report didn’t consider a number of scenarios and breezed right past others. It completely ignores all the evidence that contradicts its claims.” The DNC itself also chimed in to defend itself, post-publication of the Nation story.

“U.S. intelligence agencies have concluded the Russian government hacked the DNC in an attempt to interfere in the election,” the DNC wrote in response to the Nation article. “Any suggestion otherwise is false and is just another conspiracy theory like those pushed by Trump and his administration. It’s unfortunate that The Nation has decided to join the conspiracy theorists to push this narrative.”

Despite the DNC’s rhetoric, the “conspiracy theorists” of VIPS include William Binney, the NSA’s former technical director for world geopolitical and military analysis, along with numerous other retired intelligence community members with experience at the CIA, FBI, NSA, Defense Intelligence Agency and other agencies. “Unlike the cacophony of anonymous sources cited by the media over the past year, these experts are ready to put their names to their assertions,” notes Danielle Ryan of Salon.

And yet, there has been little coverage of the VIPS report. “The silence from mainstream outlets on this is interesting,” Ryan writes, “if for no other reason than the information appears in a highly-regarded liberal magazine with a reputation for vigorous and thorough reporting — not some right-wing fringe conspiracy outlet carrying water for Donald Trump.

Assange, for his part, continues to claim he will be able to prove that Russia did not provide Wikileaks with the leaked DNC emails. Perhaps this latest exposure of CIA duplicity — towards not only the spy agencies of allied nations but, if what Wikileaks suggests is true, towards other intelligence agencies of the U.S. government — is a step towards providing that proof. Certainly, if elements of the U.S. intelligence community really are systematically spying on each other through tools like ExpressLane, it would explain why internal feuds of the kind represented by VIPS’ dispute with those officials pushing the Russiagate narrative are spilling out into the open.

Wikileaks and Assange have yet to provide documents conclusively proving their claims regarding the DNC leaks, or even their more recent ones about ExpressLane being used against U.S. agencies. Yet even if the CIA only uses ExpressLane against “liaison services” in other countries, the diplomatic fallout could be quite serious. The CIA has not confirmed that the ExpressLane documents are real, but as Glenn Greenwald of the Intercept notes, Wikileaks has a “perfect, long-standing record of only publishing authentic documents.” It’s understandable that the agency doesn’t want to talk about it.



Help keep independent journalism alive.

Donate today to support


One thought on “CIA spies on ‘liaison services’ — including other US intel community members?

  1. Seth Rich was the source for the DNC emails which Wikileaks published; Assange has been silently screaming this for months, both through statements and tweets, while strenuously denying that the Russian government played any role in this regard. How Seth obtained these emails, and how he conveyed them to Wikileaks, remain to be determined. If the FBI inside source which Sy Hersh discussed in his taped conversation with Ed Butowski is accurate, Seth provided them by drop box, giving Wikileaks the password. There is a recent claim that Seth had had a raucous argument with Donna Brazile regarding DNC unfairness to Bernie; this concern may have motivated Seth’s leaking, though he may also have sought payment for his risky efforts.

    On June 12th of last year, Wikileaks announced that it would soon be releasing material pertinent to Hillary’s campaign. Whether the DNC knew at this time that Seth was the source is unclear. What is clear is that DNC officials, who had previously been informed that their server had been hacked, quickly decided to convince our intelligence agencies, the press, and the public that Russian hackers, acting at the behest of the Russian government, were the source of the damaging material to be released – in that way, focusing attention on the evil machinations of the Russians, slamming Wikileaks, and detracting attention from the content of the released material.

    On June 14th, the DNC, in conjunction with the Crowdstrike cybersecurity firm that they had hired, announced that its servers had been hacked, and that a file on Trump opposition research had been taken. An entity dubbed “Guccifer 2.0” popped up online a day later, claiming to be the source for the soon-to-be-released Wikileaks DNC material, and obligingly posting a file on Trump opposition research, as well as several other files. Forensic analyses have indicated that the posted documents had had their metadata intentionally altered to leave “Russian fingerprints”. Moreover, this alteration had occurred on a computer whose MS Office had been registered to the former technical director for Joe Biden, Warren Flood; hence, this computer presumably had been used in the past by Joe Biden’s staff.

    On July 5th, Guccifer 2.0 downloaded from the DNC server a number of additional documents, some of which – all of them relatively innocuous – he subsequently posted on his own website. Forensic analysis of this download indicated that it occurred locally, most likely via USB port, and that it took place on the East Coast.

    An overview suggests that the Guccifer 2.0 persona was created by people with inside connections to the DNC – on the East Coast, with direct access both to the DNC server and to a computer that had been used by Joe Biden staffers. The evident intent of this charade was to trick our intelligence agencies into concluding that Guccifer 2.0 was the Wikileaks source and was acting at the behest of the Russian government. The fact that he released Trump opposition material a day after the DNC proclaimed that it had been taken by hackers strongly suggests collusion between top people in the DNC and the people concocting Guccifer 2.0. As Adam Carter notes, it is not at all clear how the DNC/Crowdstrike could have known that this particular file had been taken. Carter suspects that principals at Crowdstrike played a key role in creating Guccifer 2.0, as they would have had the expertise required to pull off such a scam. (Whether Imran Awan possesses such skill is not clear.)

    Five days later (July 10th), Seth Rich was murdered, most likely by hitmen. The DNC might have known by this point that Seth was the leaker to Wikileaks – and that he therefore would have been in a position to completely destroy the Russian interference hoax if he had chosen to do so.

    Crowdstrike, whose founders are known to despise the Russian government, rapidly concluded that the DNC server had been hacked by Russians affiliated with Russian intelligence. According to experts who have examined this claim, the logic behind this conclusion is unconvincing and puerile. Moreover, Crowdstrike’s previous effort to implicate Russian intelligence in a hack had been shown to be bogus. Nonetheless, the FBI chose to accept the Crowdstrike conclusions, even though they had never been able to examine the DNC servers themselves because the DNC had refused to turn them over, and the FBI had failed to subpoena them.

    If Hersh’s source inside the FBI is to be believed, the FBI has known for over a year that Seth Rich was a Wikileaks source, and has kept this knowledge secret. The FBI states that they have not participated in the investigation of Seth’s murder – thereby tacitly implying, without saying so directly, that they have not examined his computer. Given that Assange, who presumably has direct knowledge on the issue, has hinted as strongly as possible that Seth was one of his sources, the FBI would be severely derelict if indeed it has not examined Seth computer(s).

    The Obama administration was soon fully on board with the “Russia interfered” narrative, which initially shielded Hillary from the full import of the Wikileaks revelations, and, after the election, provided Hillary’s campaign with an excuse for its failure while enabling an ancillary “Trump colluded in the interference” narrative that could be employed to disable the Trump presidency. Despite Hillary’s concocted claim about “17 intelligence agencies” verifying the Russian interference story, the Obama administration made sure that the standard appropriate process for our intelligence agencies to provide a balanced evaluation – a National Intelligence Assessment, entailing participation by a number of agencies and including any dissenting judgements – was NOT FOLLOWED. Rather, the histrionic Russophobes James Clapper and John Brennan were allowed to hand-pick a group of a couple dozen intelligence personnel from just 3 agencies. The declassified version of the Intelligence Community Assessment (ICA) which they drafted, free of any dissents, accused the Russian government of a conscious campaign to support the candidacy of Trump by hacking several key political websites and providing their contents to Wikileaks and other outlets. Guccifer 2.0 was specifically cited as a Wikileaks source.

    Critics immediately noted that the declassified ICA provided no hard evidence whatever to document its claims, and that over half its length was devoted to a criticism of the RT television network as a supposed propaganda outlet. In particular, no insight was provided as to how the authors of the report had concluded that the hacked documents had been transferred to Wikileaks. The conclusions of this report evidently fit seamlessly into a broader strategy of demonizing Russia, the intent being to insure that our military-industrial complex and NATO continue to receive an outrageous level of funding, and that the warped policy agendas of the neo-cons are satisfied.

    Our MSM immediately embraced the conclusions of the ICA as Gospel truth, frequently referring to “our 17 intelligence agencies” as the source for this report. They completely ignored the fact that the “assessments” of this report are in effect just “best guesses”, that the preamble of the report pointed out that “assessments” should not necessarily be equated to “facts”, and that the NSA – which, as William Binney notes, should have been able to obtain definitive proof for any actual hacking that had occurred – expressed only “moderate confidence” in the conclusions. This sycophantic credulity is particularly inexcusable in the context of the previous “Saddam’s WMDs” hoax which they likewise had swallowed uncritically, resulting in an illegal war with utterly catastrophic consequences.

    The initial claims of Russian interference were soon embellished by media reports claiming that, according to anonymous intelligence sources, the Russian government had attempted to hack into the voter registration files of 21 states, had conducted hacking operations intended to interfere in German and French elections, and had hacked into the Qatari state news agency to plant a fake news story. The veracity of each of these unsourced claims has been called into question, and in some cases disproved, by cyberanalysts, intelligence experts, and journalists. The conclusions of the NSA document leaked by Reality Winner have likewise been shown to be purely speculative. Claims that Russian bots and paid trolls assaulted our social media in the months prior to the election are poorly documented, and, in any case, rather comical.

    Following the election, the Russian interference narrative was echoed unceasingly by the Democratic establishment, as this was the necessary concomitant of the “Trump collusion” claims that they were using to slam and cripple Trump – in the hopes of eventually impeaching him. (It presumably would have been hard for Trump to collude in Russian election interference if in fact there had been no Russian interference.) Hysterical attacks on Russia accelerated to the point that some pols referred to the “Russian interference” as “an act of war”. This New McCarthyism ultimately led to our Congress placing severe new sanctions on Russia which also harm our European allies, and which these allies decry as illegal. In other words, we are punishing Russia for a crime they almost certainly did not commit, alienating key allies in the process, and amping up a Second Cold War, with all the expense and severe danger which this may entail.

    All because the DNC and its associates concocted an overt fraud to protect and excuse Hillary, and to use as a cudgel over Trump – a fraud that was readily lapped up and sold to the public by hand-picked Russophobes in our intelligence community, and by a MSM that cares far less about truth than about access and ratings.

    We need to determine who created the Guccifer 2.0 hoax, and prosecute them to the full extent of the law. The “intelligence agents” who concluded “with high confidence” that Guccifer 2.0 was a Wikileaks source need to be fired or demoted. If the FBI has known all along that Seth was a Wikileaks source, those who shielded the public from this crucial information need to be unmasked. The “journalists” who have been credulously spreading the “Russia interfered” narrative 24/7 for most of a year, without making the least effort to question the veracity of these assertions, should be recognized by the public as the willing tools of lying warmongers that they are, and their future work studiously ignored. The sanctions recently implemented on Russia should be lifted, and the politicians who played the most egregious role in hyping the Russian interference narrative and pushing the sanctions should be repudiated at the polls when they come up for re-election. (I confess, however, that I will not hold my breath waiting for any of these things to happen.)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s