Sunday, April 09, 2023

LEAKY SHIP OF STATE TOO
US hit by ‘worst leak of secret documents since Edward Snowden’

Roland Oliphant
Sat, April 8, 2023
JOE HAS DARK OILY PUPILS FROM X FILES

Joe Biden, the US president. The White House is investigating the appearance of highly classified briefing documents related to Ukraine on social media - Kevin Dietsch/Getty Images

The United States is facing possibly its worst intelligence leak since Edward Snowden flew to Moscow after a new batch of classified documents appeared on social media.

More than 100 classified documents relating to Ukraine, China, the Middle East, the Pacific, and terrorism are now believed to be in the public domain after they were posted in an obscure internet forum last month.

It comes after White House officials said they were investigating the appearance of highly classified briefing documents related to Ukraine on Twitter on Thursday.

The US Department of Justice said it had launched an investigation into the leak.

American officials said Russia or pro-Russian elements were likely behind the leak, but did not give further details.

Phillip Ingram, a retired senior British military intelligence officer, said the leak was "very significant" and potentially deeply damaging.

“It shows a failure at the very highest levels of classification,” he said. “These are top secret or above top secret. They are daily briefing documents for senior US decision-makers at joint chiefs - or potentially presidential - level.

“If it is genuine, the Americans have a very serious problem. The biggest since Edward Snowden.”
Briefings marked 'top secret'

The initial leak consisted of briefing documents dated March 1 and marked "secret" and "top secret", which began to appear on Twitter and Telegram on Thursday.

They included battle maps, casualty estimates, and a timeline for the integration of Western equipment into the Ukrainian army.

Some had been crudely doctored to increase the Ukrainian casualties and reduce the Russian ones.

One of the slides says the Ukrainian Security Service believed its own agents may have disobeyed orders and carried out the drone attack on a Russian A-50 aircraft at a Belarusian airbase on Feb 26.

The attribution suggests it was sourced from a signals intercept, which in turn suggests the Americans are eavesdropping on Ukrainian communications.

The new tranche began to circulate on social media channels on Friday.

As well as more Ukraine documents, they include an assessment of Chinese diplomatic pressure on Jordan and other issues in the Middle East and Pacific regions.

Both sets of documents carry designations that mean they should have been accessible only to a very small group of people.

Some are marked "NOFORN", or not releasable to foreign nationals, which is reserved for very high-level intelligence that the Americans do not want to share even with their Five Eyes intelligence allies Australia, Britain, Canada, and New Zealand.

Others are labelled "ORCON", or originator-controlled, meaning the agency that provided the intelligence retains full control of who can see it or which parts are replicated or disseminated.

A CIA spokesman said the agency was also aware of the posts and was looking into the claims, but would not comment on the source.

Although the leaks are likely to trigger fears of a highly placed Russian spy in the US, it would be unusual to burn such a valuable mole by releasing their intelligence online.

Aric Toler, a researcher with the Dutch investigative group Bellingcat, established that the first batch of more than 30 documents appeared to have been posted on an obscure chat server on March 1 and 2 - within a day of them being created.

The user who put them there, who goes by the username Lucca, told Mr Toler that he found the files on a third - now deleted - Discord server called Thug Shaker Central, and that there were many more of them.

“Basically, he and some friends were in a tiny Discord server and one of the guys there was posting hundreds upon hundreds of leaked documents,” said Mr Toler. “The leaked files went back at least to January of this year. The earliest I've seen a trace of is Jan 15."

The leaks cover only a small period of time, but include information the Russians may find useful.

One revealed Ukraine is running low on medium-to-high altitude air-defence missiles and could run out of them by the beginning of May - information Russia could use to plan its air campaign.

It also gives the names and training timetables for nine brigades being prepared to lead Ukraine's spring offensive. It reveals which units are receiving advanced Western kit, including the unit receiving British Challenger II tanks.

It says the offensive will begin at any time from April 1, but does not say where the main blow might fall.

The Discord server that Mr Toler tracked the leaks to belongs to a popular YouTube channel called Wow Mao, which creates “low effort” meme videos with titles like “which Communist would you smoke with?” and “who is the better philosopher? Diogenes versus Jordan Peterson”.

A few days later, some of those files were reposted to another Discord server for players of Minecraft, a video game popular among teenagers in which players explore a vast virtual world with blocky graphics and build structures from cubes.

Then, on Wednesday last week, three of those files were reposted from the Minecraft server to 4Chan, a message board about Japanese animation that is notorious for spawning far-right memes like Pepe the Frog and the “Incel”, or involuntarily celibate, movement made up on sexually frustrated young men.

It was at this point the crude adjustments to the casualty figures were added to one of the files.

The 4chan images were then quickly picked up by pro-Russian war bloggers, who posted them on Telegram and Twitter - prompting the White House to launch an investigation on Thursday.

That convoluted path makes tracing the original poster difficult.

It also suggests the leak was obtained opportunistically, perhaps by hacking, rather than by a highly-placed Russian mole. It would be reckless to blow such a valuable spy's cover by releasing the intelligence they obtained publicly.

Many commentators, including pro-Russian war bloggers, cautioned that the initial leak could be false information deliberately released by the US to mislead Russia ahead of Ukraine’s anticipated spring offensive.

Mykhailo Podolyak, an adviser to Volodymyr Zelensky, the Ukrainian president, said the leaks contained a "very large amount of fictitious information" and was probably a Russian fabrication to sow confusion between Ukraine and its allies.

"These are just standard elements of operational games by Russian intelligence. And nothing more," he wrote.



Mark Galeotti, an expert on the Russian security services, said the leaks did not seem to have been concocted by Moscow, and that the American reaction suggested the papers were genuine.

“The Russians have proven on the whole quite poor at doing really realistic fabrications,” he said.

“And if it was a total fabrication, the Americans would have dismissed it as such. As far as I know, they haven’t - they’re saying things like ‘we don’t comment on this sort of thing’.”

"The main value to the Russians is in embarrassing the Americans and raising questions about their security. This will give the Ukrainian even more excuses not to be that candid with DC."


Why Leaked Pentagon Documents Are Still Circulating on Social Media

Ryan Mac and Kellen Browning
New York Times
Sun, April 9, 2023 

The Pentagon in Arlington, Va., on April 18, 2021. (Stefani Reynolds/The New York Times)

Twitter and social media platform Discord have various policies that might have prompted them to remove the leaked Pentagon documents that Biden administration officials say revealed key information about U.S. intelligence gathering operations.

But gray areas in those rules and uneven enforcement of them make it unclear how, or even if, executives at those companies would decide to remove them.

As of Saturday, Twitter continued to host tweets with the Pentagon’s documents, some of which had been up since at least Wednesday. There is no indication that Elon Musk, who bought Twitter nearly six months ago, will take any action against the tweets with the classified documents.

Two days earlier, Musk seemed to respond sarcastically to a tweet about the leaked material. “Yeah, you can totally delete things from the Internet — that works perfectly and doesn’t draw attention to whatever you were trying to hide at all,” he wrote.

On Discord, which is a messaging platform popular with video game players, the Pentagon documents may have been circulating as early as March. Since Discord chat groups — known as servers — are not directly managed by the company as a Facebook or Twitter feed is, the distribution of the Pentagon documents would have been difficult to spot.

Musk did not respond to a request for comment Saturday, and Discord declined to comment. It is not known if the companies, which are both based in the United States, have been asked to remove the Pentagon material.

In the past, Twitter may have removed the material under rules that prohibit the publication and distribution of hacked materials, two former executives told The New York Times. Under this policy, Twitter would remove tweets with “real or synthesized hacked materials” or place warning labels on the material. Some of the Pentagon material circulating on social media may have been manipulated.

But there were caveats to Twitter’s rules, as they were described in a policy document, which was last updated in October 2020. The rules allowed for exceptions for material that forms the basis for reporting by news agencies. And debates inside social media companies about what to allow online have often been similar to discussions that traditional media have about whether leaked or hacked material is of enough public interest to justify publishing.

It was not clear Saturday whether the Pentagon material was hacked or intentionally leaked — the images circulating appeared to be photographs of documents. The documents could fall into a gray area that, at least in the past, would have led to discussion among compliance officers inside the company about whether they qualified for a takedown.

Twitter used its hacked-material policy to block the circulation of an article in October 2020 from the New York Post that said the FBI had seized a computer that purportedly belonged to Joe Biden’s son Hunter. Twitter’s leaders, including then-CEO Jack Dorsey, later called the decision a mistake.

The former executives, who spoke to the Times on the condition of anonymity for fear of retribution from Musk, said Twitter often received reports of potential violations of its polices from U.S. government organizations.

But since acquiring the company in October, Musk has shrunk the groups responsible for moderation and more than 75% of Twitter’s 7,500 employees have been fired or have left. Ella Irwin, Twitter’s head of trust and safety, did not immediately respond to requests for comment.

Twitter has removed or prevented the circulation of content at the behest of governments such as India and on Musk’s whims.

This past week, Twitter also began regulating the circulation and engagement of links to Substack, a newsletter platform, after the startup unveiled a Twitter-like service. On Friday, many Substack writers found that tweets that had links to their Substack pages could not be liked or retweeted.

Discord surged in popularity during the pandemic, moving beyond its video game roots. By late 2021, the platform had more than 150 million active users each month.

Discord provides so-called servers that are essentially chatrooms, where people can discuss their hobbies and message with one another or join audio calls. Some servers are public and contain thousands of people, while others — such as servers made just for a group of friends — are private.

This arrangement has enabled Discord to thrive but has also led to problems with harmful content. Ensuring that Discord users follow the platform’s policies and refrain from posting inappropriate or questionable material has largely been left up to the individuals who create the servers, some of whom deputize members of the server communities to help enforce rules.

The private nature of some of these groups means they can easily escape detection or moderation.

In 2017, white nationalists organized the “Unite the Right” rally in Charlottesville, Virginia, on far-right Discord servers. Company executives were aware the white nationalists were using the platform but did not remove them until after the rally.

Discord said it had since beefed up its content-moderation team, and the company’s CEO, Jason Citron, said in a 2021 interview that 15% of his employees worked on trust and safety teams.

Still, the company did not discover Discord messages in a private server posted by the shooter who killed 10 people at a grocery store in Buffalo, New York, last spring. In the messages, the shooter posted racist remarks and appeared to detail how he planned to carry out the attack. After the shooting, Discord said it was investigating the postings and working with law enforcement agencies.

In its most recent transparency report, covering the last three months of 2022, Discord said it had disabled more than 150,000 accounts for policy violations that ranged from “harassment and bullying” to “exploitative and unsolicited content.” The number of accounts it had disabled was a 17% decrease from the three months before that, the company said.

c.2023 The New York Times Company

No comments:

Post a Comment