This Machine Kills Secrets


by Andy Greenberg


  When fans wrote to Lamo and the film’s director, Sam Bozzo, asking how they could support the film with donations, Lamo wrote on his Twitter feed on May 20 that donors should give their money instead to WikiLeaks, the whistleblower organization that one month before had released Manning’s Apache helicopter video to an explosive response.

  For a young, conscience-stricken soldier who had just completed a massive leak of secret documents, everything would have pointed to Lamo as a sympathetic confidant.

  Just a day later, Lamo says he began receiving e-mails from Bradley Manning. The text of the messages was encrypted, and the public key encryption Manning had used was designed so that only Lamo could decrypt it. But Lamo couldn’t find the key that would unlock those messages, so they remained hopelessly scrambled. Lamo wrote back suggesting they simply chat over instant messenger.

  On May 21, Lamo received the following message, this time encrypted using the Off-the-Record chat protocol:

  “Hi. How are you? I’m an army intelligence analyst, deployed to Eastern Baghdad, pending discharge for ‘adjustment disorder’ . . . I’m sure you’re pretty busy,” the message from a user named Bradass87 read. And then before even waiting for a response, it continued: “If you had unprecedented access to classified networks fourteen hours a day seven days a week for eight plus months, what would you do?”

  After a year of shuttling briefcases of documents out of RAND and standing over photocopiers for nights on end, Ellsberg was ready to spill the Pentagon Papers. His next problem: finding someone to take them.

  Ellsberg’s Plan A was to have a legislator read the papers into the Congressional Record or hold a hearing based on them, an avenue to the public that still played within Washington’s rules. But Ellsberg’s first choice in the Senate, William Fulbright, balked. After some initial enthusiasm, Fulbright read a portion of the documents and performed a swift about-face after he realized just what kind of political maelstrom might surround the report’s release. “Isn’t it after all only history?” he asked Ellsberg dismissively when they next met in his office.

  Ellsberg moved on to the Democratic presidential hopeful Senator George McGovern, who at first seemed even more gung-ho about airing the papers. McGovern offered to read the study on the Senate floor as filibustering material, which would make it fair game for the media. “I want to do it. I will do it,” Ellsberg remembers the Democratic legislator declaring in their meeting.

  A week later, he called Ellsberg on the phone. “I’m sorry, I can’t do it,” McGovern said. His campaign for the presidency, it seemed, would have been hamstrung by the controversy of a political pipe-bomb like Ellsberg’s leak.

  So Ellsberg turned to Plan B, a whistleblowing outlet he felt was almost sure to result in his spending many years in prison: the press. A few years earlier, Ellsberg had experimented with several single-document leaks to The New York Times aimed at chipping away at Vietnam policy. So he knew a political reporter there, Neil Sheehan. Ellsberg had moved to Cambridge after resigning from RAND to protect his former colleagues from whatever backlash might follow the papers’ leak. And in his apartment near Harvard Square, he showed Sheehan a copy of his stolen bounty. Sheehan took a portion with him, but told Ellsberg his editors still hadn’t decided whether to go ahead with publication.

  In fact, Sheehan’s pretense of dallying over the study was designed to prevent the Times from being scooped by another publication. A few weeks later, Sheehan used a key Ellsberg had loaned him to sneak into the Cambridge apartment, have the papers photocopied in a nearby shop, and return them. The newspaper had already rented out a portion of the New York Hilton and begun frantically, secretly, building its story on the study.

  On June 13, 1971, the story splashed across the front page of the Times: VIETNAM ARCHIVE: PENTAGON STUDY TRACES 3 DECADES OF GROWING U.S. INVOLVEMENT.

  And how long did it take for the leak to be traced to Ellsberg? In fact, some RAND analysts already suspected him even before the Times’ presses started rolling. The newspaper had called RAND executive Leslie Gelb to give him a chance to comment on the story, and according to Ellsberg biographer Tom Wells, Gelb immediately fixated on Ellsberg as the source. How many high-level analysts, after all, had both access to the papers and such a fierce opposition to the war?

  The White House didn’t take long to finger Ellsberg either. In archived White House recordings, Nixon names Ellsberg and RAND executives Mort Halperin and Leslie Gelb as the only three analysts who had access to the study. Within days, Ellsberg—or “Ellstein” as Nixon called him with crude anti-Semitic humor—was being discussed as the assumed perpetrator of the leak.

  When the Times hit newsstands, it immediately launched a free-speech battle that would redefine the First Amendment. The White House, arguing that the Times had violated the Espionage Act, successfully convinced a federal court to file an injunction against the newspaper to prevent it from publishing any articles on the study. But Ellsberg had already given another copy to The Washington Post, which picked up where the Times left off.

  The Post was injuncted too. But Ellsberg stayed a step ahead of the government’s censors, distributing copies of the study to The Boston Globe, the L.A. Times, The Christian Science Monitor, the St. Louis Post-Dispatch, and others, avoiding wiretapped phones and staying in friends’ houses to dodge arrest until all the papers could be distributed. Faced with an endless game of injunction Whac-A-Mole, the White House would eventually give up on preventing the papers’ publication.

  Meanwhile, any illusion Ellsberg may have had of remaining anonymous quickly collapsed. A legislative aide to McGovern and Senator Pete McCloskey—another senator who had rebuffed Ellsberg’s leak offer—both told Newsweek that Ellsberg had offered them classified documents. The FBI soon extracted an affidavit from Ellsberg’s ex-wife, whom he’d told about the leak to prepare her for the possibility that he would soon be in prison and unable to pay alimony. In exchange for a grant of immunity, Tony Russo’s advertising friend—the one who had offered Ellsberg her photocopier—testified to the bureau’s agents too.

  Every element of Ellsberg’s leak—from his access to narrowly shared information to that information’s copying to its distribution to countless reporters—had left fingerprints for the feds. The press certainly had no doubts: By the time that Ellsberg turned himself in to federal authorities in Boston, Time magazine had already put his face on its cover below the words “The War Exposed.”

  With no anonymity tools or cryptographic protections at his disposal, the whistleblower had also exposed himself.

  In Baghdad’s forward operating base, Hammer, where Manning was stationed as an intelligence analyst, security was shockingly lax—“physically, technically, and culturally,” as Manning would tell Lamo. He sat among rows of other young analysts watching car chases, music videos, clips of buildings exploding, and often writing data to CDs and DVDs. Even the locks on the doors weren’t properly implemented. Though they were secured with electronic codes, soldiers would simply knock and be let in. “The culture fed opportunities,” he wrote.

  And then there were the networks. Although SIPRNet wasn’t connected to the Internet, it lacked sophisticated monitoring. Manning would tell Lamo that he once asked an NSA agent at the base if the network was capable of detecting local suspicious activity. Manning says the agent responded that it “wasn’t a priority” and returned to watching the Shia LaBeouf film Eagle Eye and eating Girl Scout cookies. On another occasion, Manning says he asked the agent specifically about a hypothetical mass internal leak. Manning says the agent responded that he doubted “anyone could figure it out. . . . Resources are strained.”

  “Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis,” Manning listed to Lamo. It was, all told, a “perfect example of how not to do infosec.”

  In a Senate hearing in early 2011, Senator Susan Collins would grill military and State Department officials over those exact vulnerabilities. “How could it be that a low-level member of the military could download such a volume of documents without it being detected for so long?” she asks in a slow, exasperated tone. “That truly baffles me.”

  Thomas Ferguson, the deputy undersecretary of defense for intelligence, answers her, sounding distinctly like the teacher’s pet who finds himself in the assistant principal’s office. “The situation in the theater was such that we took a risk,” the gray-goateed official responds flatly, trying to get his confessional over with as quickly as possible. “We took a risk that by putting information out there . . . to provide agility and flexibility of the military forces there, they would be able to reach into any database on SIPRNet, download that information, and move that information using removable media.”

  And why weren’t there at least network forensics to catch Manning after his epic data dump? Here the heat can almost be felt building under Ferguson’s collar. “A lot of the systems there are, for lack of a technical term, cobbled together,” he continues with a tight chest. “It’s not just like Bank of America where it’s one homogeneous system and they can insert things and take them out. They have multiple systems and putting in new intrusion software or monitoring tools, you have to approach each system differently.”

  The military, he adds, “took on the risk. . . . These people are cleared, they go through background investigations.”

  And then finally, the remarkably honest kicker: “Frankly, most of our focus was on the outside intruder threat, not the inside threat.”

  Manning, by all indications, was the quintessential insider threat, and he fluidly negotiated the network’s vulnerabilities. In fact, until he sent his fateful, encrypted missive to Adrian Lamo, he performed most of his epic data breach as if he were following a leaker’s best practices handbook.

  As Manning told Lamo, the two SIPRNet machines that linked to troves of classified information lacked most of the forensic monitoring tools that might have detected his abnormal searches and his repeated copying of that data to his camouflaged rewritable disks. But even after collecting that contraband, Manning didn’t dare leak it over Internet-connected military networks to WikiLeaks. The timing of his leaks suggests he waited until he was able to return to the United States on leave, and upload it from his MacBook’s connection to a nonmilitary network—perhaps from his aunt’s house in Rockville, Maryland. Like Ellsberg, in other words, he walked his leak out through the Pentagon’s front door.

  From there, Manning described to Lamo how he used a combination of security tools to cover every link in the leaking chain that led from WikiLeaks to his MacBook. He connected to WikiLeaks’ Web servers that deployed Secure Sockets Layer, or SSL, the Web encryption commonly used to hide e-commerce or banking sites’ data from any network snoops looking for passwords or credit card numbers. Then he used Secure Shell File Transfer Protocol, or SSH FTP, a method of creating a tunnel of encryption between two remote systems to allow them to securely share files. Finally, and most significantly, he ran Tor, an anonymity tool that took his path to WikiLeaks’ drop site through a series of hops around the Internet, each new address in the series encrypted to prevent anyone from piecing together his final destination and his origin. With that hidden, trace-resistant connection set up, Manning proceeded to siphon out the military’s secrets, through Tor’s tangle of obfuscating blind alleys around the world, and out to the WikiLeaks server at a data center in Stockholm, Sweden.

  A year later, after Manning’s loose lips had led military investigators to his name, they confiscated every machine that might have been involved in his leak, from the SIPRNet computers to the MacBook that had by then been shipped back to his aunt’s home in Maryland. With access to those specific computers, the game was over. Investigators found plenty of evidence stored on his hard drives to tie Manning to the leak: He had attempted to expunge all the evidence on his MacBook by overwriting the files with junk data, but his laptop had somehow aborted the process. There were Guantánamo detainee files, ten thousand State Department Cables, and—significantly—chat logs between Manning and Julian Assange in which Assange seemed to help Manning crack into an administrator’s account to access the military network while covering his tracks. (Assange had wanted to know as little about Manning as possible, and their communications likely remained pseudonymous. “Lie to me,” he had told Manning.)

  Investigators even found a “readme” file on Manning’s MacBook that he had submitted to WikiLeaks along with his megaleak. “This is possibly one of the more significant documents of our time, removing the fog of war, revealing the true nature of 21st century asymmetric warfare,” it read. “Have a good day.”

  But it’s important to remember that none of those fingerprints initially led the investigators to Manning’s name. Adrian Lamo, not digital detective work, put the army on Manning’s scent: All appearances indicate a forensic trail from WikiLeaks to Manning’s identity was never found. Before Lamo handed the investigators Manning’s name on a platter, they could hardly have confiscated every machine on SIPRNet—not to mention every possible laptop used by every intelligence officer on leave in every home in America. Manning, after all, was just another of the 1.2 million Americans with a top-secret security clearance, a well-concealed needle in the towering military-industrial haystack.

  All of which means that if the young army private hadn’t detailed his entire leaking process to a stranger he had met online just minutes before, step by incriminating step, he might never have been found out.

  Ellsberg’s leak was such a blow to President Nixon’s ego and sense of executive power that the White House overreacted in spectacular fashion. “Goddammit, someone has to go to jail!” Nixon was recorded saying, pounding on his desk with a fist. “That’s all there is to it!”

  Later, the administration’s attack methods broadened: “We’ve got to get him,” the president said to Kissinger and Attorney General John Mitchell, referring to Ellsberg. “Don’t worry about his trial. Just get everything out. Try him in the press. . . . We want to destroy him in the press. Is that clear?”

  What came next must be considered some of the most absurd and shameful tactics in presidential history. One group of Nixon’s operatives followed Ellsberg’s psychotherapist, Lewis Fielding, disguised with wigs, pipes, and, for one agent, a shoe insert to create a fake limp. Later they broke into Fielding’s office to dig up Ellsberg’s records. The burglars hoped to find dirt on his personal life, or even a connection to a foreign government or subversive group. They found nothing: Fielding hadn’t stored any notes on Ellsberg in his office.

  The break-in was followed by an attempt to drug Ellsberg with LSD before a speech he planned to give in Washington. Cuban hotel workers in Miami were recruited by a team led by G. Gordon Liddy to infiltrate the event, spike Ellsberg’s soup with acid to “befuddle” him, and “make him appear to be a near burnt-out drug case.” But by the time it was all approved, the Miami waiters couldn’t be flown to Washington in time. The plan was scrapped.

  In the Watergate trial, prosecutors would find that a team of twelve Cuban men had also been hired to assault and “totally incapacitate” Ellsberg at a peace rally. Members of that team later said their mission had been variously to punch Ellsberg in the face or break his legs. But the crowd around the newly famous whistleblower had been too thick, and the twelve goons decided to instead beat up random, unlucky protesters at the event’s edges.

  Much of that criminal behavior didn’t become public until after Ellsberg’s trial. But in the meantime, Ellsberg’s defense team found that investigators had illegally wiretapped Ellsberg and RAND’s Mort Halperin without a court order and, even worse, neglected to share those files with the defense. Finally, the judge in the case, William Byrne, revealed that he had been approached by a Nixon aide and offered nothing less than the directorship of the FBI in exchange for influence in the Ellsberg trial.

  That mountain of improprieties added up to a mistrial. “The totality of the circumstances of this case . . . offend a sense of justice,” wrote Byrne in his decision. “The bizarre events have incurably infected the prosecution of this case.”

  Ellsberg was free. The same day, newspapers reported that Nixon’s attorney general, John Mitchell, who had indicted Ellsberg, had himself been indicted on charges of conspiracy, obstruction of justice, and perjury.

  It was the beginning of the end of the Nixon presidency—and, eventually, the war in Vietnam.

  When Manning and Lamo first began their exchange of encrypted messages, Lamo made two promises of confidentiality. “I’m a journalist and a minister,” he told Manning. “You can pick either, and treat this as a confession or an interview (never to be published) and enjoy a modicum of legal protection.”

  In fact, within forty-eight hours of first contact with Bradley Manning, Lamo says he was already mulling the possibility of turning his newfound friend in to authorities. He contacted Tim Webster, a former army counterintelligence agent and friend, and later Chet Uber, an ex-intelligence contractor who worked with Lamo in a volunteer cybersecurity research group called Project Vigilant.

  Webster put Lamo in contact with army counterintelligence officers who soon telephoned him at his home. They were skeptical, and asked for proof of Lamo’s claims. It hardly seemed credible that a private first class had accessed and stolen gigabytes of some of the world’s most sensitive information and then confessed it casually over instant messenger to a stranger. Lamo says he responded by referring to a code-named secret project that Manning had mentioned to him. There was a long silence. Then one of the agents asked Lamo never to repeat that code name. “They told me to forget that I’d ever even heard the word,” he says. The feds didn’t question Lamo’s credibility again.

 
