The New York Times reports that the United States National Security Agency (NSA) paid $100,000 to a sketchy Russian in exchange for delivering stolen “cyber weapons” from the Tailored Access Operations team, but the deal ended up including compromising material on President Trump:
Several American intelligence officials said they made clear that they did not want the Trump material from the Russian, who was suspected of having murky ties to Russian intelligence and to Eastern European cybercriminals. He claimed the information would link the president and his associates to Russia. Instead of providing the hacking tools, the Russian produced unverified and possibly fabricated information involving Mr. Trump and others, including bank records, emails and purported Russian intelligence data.
The United States intelligence officials said they cut off the deal because they were wary of being entangled in a Russian operation to create discord inside the American government. They were also fearful of political fallout in Washington if they were seen to be buying scurrilous information on the president.
The Central Intelligence Agency declined to comment on the negotiations with the Russian seller. The N.S.A., which produced the bulk of the hacking tools that the Americans sought to recover, said only that “all N.S.A. employees have a lifetime obligation to protect classified information.”
The negotiations in Europe last year were described by American and European intelligence officials, who spoke on the condition of anonymity to discuss a clandestine operation, and the Russian. The United States officials worked through an intermediary — an American businessman based in Germany — to preserve deniability. There were meetings in provincial German towns where John le Carré set his early spy novels, and data handoffs in five-star Berlin hotels. American intelligence agencies spent months tracking the Russian’s flights to Berlin, his rendezvous with a mistress in Vienna and his trips home to St. Petersburg, the officials said.
The N.S.A. even used its official Twitter account to send coded messages to the Russian nearly a dozen times.
The entire story is fascinating and sounds very intelligence agency-like in execution. It almost reads like a Jason Bourne novel, but with real-life spies leveraging tradecraft to achieve their esoteric goals.
The Shadow Brokers attack is one of the thorns in the NSA’s side, and they badly want both to learn how the breach was conducted and to recover their lost tools. Oddly, for an agency well versed in the internet, I cannot fathom how the NSA thinks paying some nefarious Russian spy – or any country for that matter – for their stolen tools is going to guarantee the so-called bad guys will no longer utilize the tools. This seems extremely short-sighted.
Add in all the crazy political turmoil in the United States between President Trump, Congress, Democrats, Republicans, and the population, and this just seems like a very risky operation to a layman like myself.
On the one hand, I understand why the NSA is willing to pay for information that helps them determine how the Shadow Brokers stole their most guarded secrets. But on the other hand, there is a need to assess the risk and determine if such an operation is acceptable. This is not much different from a network risk assessment; only the size and scale are substantially larger, with higher stakes.