CIA's Ex-No. 2 Says ISIS ‘Learned From Snowden’
Edward Snowden’s leaks about U.S. intelligence operations “played a role in the rise of ISIS.” That’s the explosive new allegation from the former deputy director of the CIA, Michael Morell, who was among the United States’ most senior intelligence officials when Snowden began providing highly classified documents to journalists in 2013.
U.S. intelligence officials have long argued that Snowden’s disclosures provided valuable insights to terrorist groups and nation-state adversaries, including China and Russia, about how the U.S. monitors communications around the world. But in his new memoir, to be published next week, Morell raises the stakes of that debate by directly implicating Snowden in the expansion of ISIS, which broke away from al Qaeda and has conquered large swaths of territory in Iraq and Syria.
“Within weeks of the leaks, terrorist organizations around the world were already starting to modify their actions in light of what Snowden disclosed. Communications sources dried up, tactics were changed,” Morell writes. Among the most damaging leaks, he adds, was one that described a program that collects foreigners’ emails as they move through equipment in the United States.
Terrorist groups, including ISIS, have since shifted their communications to more “secure” platforms, are using encryption, or “are avoiding electronic communications altogether.”
“ISIS was one of those terrorist groups that learned from Snowden, and it is clear that his actions played a role in the rise of ISIS,” Morell writes.
That is not a consensus view within the U.S. intelligence community, where officials have been divided over how much ISIS really learned from the Snowden leaks that it didn’t already know. The group didn’t begin seizing territory in Iraq until a year after the leaks began. And last year, a U.S. intelligence official with access to information about ISIS’s current tactics told The Daily Beast that while the group had “likely learned a lot” from the Snowden leaks, “many of their forces are familiar with the U.S. from their time in AQI, [and] they have adapted well to avoiding detection.”
The acronym refers to al Qaeda in Iraq, the group from which ISIS sprang. It was the target of a massive surveillance and hacking campaign by the NSA and U.S. military forces in Iraq from 2007 to 2008, which primarily targeted fighters’ cellphones. Presumably, ISIS learned from its predecessors—long before Snowden appeared on the scene—that its communications were subject to surveillance and that it should be careful about how it used its phones and email.
But three current and former U.S. officials recently told The Daily Beast that the Snowden leaks had undoubtedly tipped off at least some terrorists to the fact that their communications could be monitored, particularly as part of the program that collects foreigners’ emails in the United States.
That program, authorized by Section 702 of the Foreign Intelligence Surveillance Act, was among the first to be revealed in Snowden’s disclosures, though the fact that the United States had the legal authority to collect emails in that way was well known. But the current and former officials said the documents Snowden leaked named the U.S. companies that were providing information to the NSA and that some terrorists who were under surveillance then stopped using those companies’ email services.
The officials didn’t name those individuals or say which companies they’d been using, but they were convinced that absent the Snowden leaks, the terrorists would have continued to use the American email providers.
“The damage has already been significant and will continue to grow,” Morell writes, referring to the Snowden disclosures. He notes that while much of the public debate in the U.S. stemming from the leaks was over the NSA’s collection of Americans’ phone records, “Snowden damaged a much more important program” in leaking about activities conducted under Section 702.
In his book, Morell also raises the possibility that Snowden’s leaks weren’t limited to the NSA, and he strongly suggests that the ex-systems administrator, who now lives in Russia, may have stolen from the CIA, as well. Snowden was a CIA employee from 2006 to 2009, before he went to work for the NSA as a contractor.
Morell writes that in a briefing with CIA Director John Brennan in mid-June 2013, shortly after the first stories about NSA surveillance appeared in the Guardian and The Washington Post, “I made clear that we needed to know a number of things—as soon as possible. One, were there CIA documents or information in the materials that Snowden had stolen from the NSA? Two, had he stolen any classified information when he served at the CIA?”
Once CIA officers were given access to the NSA’s internal security review about what Snowden took, “the news was not good,” Morell writes. “[A]mong the documents at risk were not just NSA secrets but CIA secrets as well.” Morell doesn’t elaborate on what those secrets were or what kinds of operations they might have involved. But the CIA does some gathering of electronic intelligence, like the NSA, and it works closely with the agency on some operations.
As to the second question of whether Snowden stole classified information while he worked at the CIA, Morell writes, “I am not permitted to provide the answer that was briefed to me, because of concerns about the national security implications if this information were disclosed.”
But Morell does go on at length about Snowden’s term of employment at the CIA, noting that “amazingly” the agency chose to hire him even though he had no college degree, had served briefly in the military, and “had self-taught computer skills but little else going for him.”
Morell also says that “Snowden’s employment application, work performance, and behaviors created concerns at the [CIA]—including security concerns. Snowden was aware of this, and he departed the Agency before they could be resolved and before the Agency could take any action against him.”
Morell appears to be referring, at least in part, to an account from one of Snowden’s CIA supervisors, who reportedly wrote a “derogatory” note in Snowden’s file based on the supervisor’s suspicions that Snowden was behaving strangely in the time before he left the agency to take work as a contractor. In 2013, The New York Times reported that the CIA suspected Snowden was trying to break into classified computer files that he didn’t have permission to access.
A day after the Times story ran, the CIA issued a public statement denying that the agency suspected that Snowden might be trying to break into classified computer networks. But the CIA didn’t dispute that Snowden’s supervisor had written a report noting a “disturbing shift” in Snowden's behavior and that the supervisor’s concerns were not forwarded to the NSA or its contractors until after Snowden began leaking to journalists. The Times based its original report on half a dozen law enforcement, congressional, and intelligence officials with “direct knowledge” of the supervisor’s report.
In his book, Morell counts himself among the numerous intelligence officials, past and present, who have labeled Snowden a “traitor” who risked exposing U.S. intelligence secrets to national adversaries, as well as terrorists. Morell stops short, however, of accusing Snowden of being an agent of a foreign government or spying on its behalf.
“My own view on this question is that both Chinese and Russian intelligence officers undoubtedly pitched him—offering him millions of dollars to share the documents he had stolen and to answer any questions they had about the NSA and CIA. But my guess is that Snowden said, ‘No, thank you,’ given his mind-set and his clear dislike for intelligence services of any stripe.”
That said, Morell argues that Snowden may have “unwittingly led the Chinese or, more likely, the Russians to his treasure chest of documents.” Morell says they then could have applied the “immense capabilities” of their own intelligence services. Those capabilities include industrial-scale computer hacking to steal secrets from countless U.S. companies and, in the case of the Russians, to breach sensitive computer networks at the White House and the State Department.