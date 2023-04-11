Photo: Daniel Slim/AFP via Getty Images

A stunning leak of a cache of classified Pentagon documents appears to be one of the most significant breaches of U.S. intelligence in decades, purportedly revealing national security secrets regarding Ukraine, Russia, Asia, and the Middle East, as well as details about U.S. espionage methods and the country’s spying on adversaries and allies. The Pentagon has confirmed the leak’s authenticity, and while the documents have been circulating online for more than a month, U.S. officials figured this out only after the leaked documents were reported by the New York Times on April 6. The Justice Department has since opened a criminal investigation into what happened. Below is what we know about the leak thus far, including what the documents reveal and who may be responsible for it.

What are the documents, and how many were leaked?

It appears that at least 100 documents were leaked, according to analysts who spoke with the Times. Other news organizations have reported on the contents of 50 pages. The surfaced files are photographs of briefing documents and slides, mostly prepared in February and March, based on intel collected by the NSA, CIA, Defense Intelligence Agency, DEA, and National Reconnaissance Office (which manages U.S. spy satellites). Markings on the documents indicate that some were cleared for sharing with allies, while others were designated for U.S. eyes only — suggesting they originated from an American source.

Many of the documents appear to have been prepared for Mark Milley, chairman of the Joint Chiefs of Staff, though anyone with a high enough security clearance would have had access to them. Former U.S. officials who spoke with the Times say the documents are likely part of a classified briefing that was folded and put in someone’s pocket, then taken somewhere where the pages could be photographed. The Wall Street Journal reports that “a variety of items can be seen in the margins of the photos, including Gorilla glue, shoes and instructions for a GlassHawk HD spotting scope, details that could facilitate the search for the leaker.”

Some of the circulating leaked documents appear to have been doctored but apparently after they were leaked.

How did they come out?

Per what has been reported thus far, the documents began appearing in early March on Discord servers, which are essentially group-chat channels focused on specific interests like video games. According to a Bellingcat investigation, a Discord user seems to have shared more than 30 of the purported documents on one server on March 1 and 2. Some of those documents were then apparently reshared on another server days later, about a month before they began appearing on Telegram, the 4chan messageboard, and Twitter — at which point they gained far more widespread attention. Some news reports have indicated documents were shared on Discord in late February as well.

It’s also possible the leak began as early as mid-January. According to Discord users who spoke with Bellingcat, some of the documents might have been shared on January 17 on yet another Discord server.

On April 7, a larger collection of documents began to appear on social-media platforms, though they might have just been resurfacing from the earlier leak.

Who leaked them and why?

That’s far from clear. Based on what has been reported, it’s probable that the photographed documents were at some point in the possession of a U.S. official since some of them were marked for U.S. eyes only. At least hundreds, if not thousands, of Americans have the level of security clearance required to access such documents.

It seems unlikely at this point that Russia was behind the leak. As one intelligence expert, Brunel University lecturer Dan Lomas, explained to the Financial Times:

The documents reveal how good U.S. intelligence is and the extent to which it has penetrated Russian agencies — and the FSB, GRU and SVR have already had a bad war. So an insider job is far more likely. The enemy within is always the bigger threat.

Are there more?

It’s not clear if this was a onetime leak, if all of the documents have now surfaced, or if the leaker has more to share. The documents revealed thus far seem to have been prepared no later than early March.

What about the doctored documents?

Some of the documents circulated on social media have been doctored — for instance, to reduce the number of estimated Russian casualties in Ukraine and inflate Ukraine’s estimated losses. But that disinformation effort appears to have been made after the documents were leaked.

How has the Pentagon responded to the breach, and what damage could the leak do?

After becoming aware of the leaked documents, the Pentagon launched an investigation and reportedly imposed a strict clampdown on access to U.S. intelligence.

The potential damage of the leak is manifold. It might have compromised various intelligence-collection methods, allowing adversaries like Russia and China to evade future U.S. espionage efforts. Information in the documents regarding Ukraine’s military weaknesses may also prove valuable to Russia if the country was not previously aware of that information. But the documents also contain numerous assessments based on U.S. signals intelligence (the spy term for intercepted communications) that targeted friends and foes alike. In addition to the diplomatic fallout, this could prompt allies to shore up their defenses against U.S. surveillance.

Revelations So Far

Although no news organization or government source has confirmed the accuracy of the information contained in the leaked documents, there is at this point little reason to doubt the documents themselves are authentic. Below are some of the key purported revelations from the cache.

.

The Washington Post highlights how the leaked documents have shed new light on the ways the U.S. conducts espionage:

Among other secrets, they appear to reveal where the CIA has recruited human agents privy to the closed-door conversations of world leaders; eavesdropping that shows a Russian mercenary outfit tried to acquire weapons from a NATO ally to use against Ukraine; and what kinds of satellite imagery the United States uses to track Russian forces, including an advanced technology that appears barely, if ever, to have been publicly identified.

.

The New York Times and Washington Post report that the documents indicate the U.S. has gained access to most of Russia’s security and intelligence services and high levels of Russian military command. It has intercepted communications within Russia’s defense ministry; gained insight into the internal planning of Russia’s military-intelligence agency, GRU; and has obtained actionable intelligence on Russia’s military capabilities and war plans in Ukraine — many of which the U.S. likely passed along to Kyiv.

.

One of the leaked documents indicates the U.S. has been surveilling Zelenskyy’s communications, CNN reports:

The U.S. intelligence report, which is sourced to signals intelligence, says that Zelensky in late February “suggested striking Russian deployment locations in Russia’s Rostov Oblast” using unmanned aerial vehicles, since Ukraine does not have long-range weapons capable of reaching that far.

Though it’s not unexpected that the U.S. would be monitoring Ukraine’s leadership, Ukraine has publicly attempted to discredit the disclosures, and Ukrainian officials are reportedly furious about the leaked intel, which has forced Kyiv to make changes to its spring-offensive plans.

The leaked documents also reveal that the U.S. had intercepted recent discussions with South Korean leadership on whether to break policy and provide military aid to Ukraine via an intermediary country. South Korean president Yoon Suk Yeol has since attempted to downplay the breach and the subsequent scandal it has caused in his country.

.

U.S. intelligence assessments from early February expressed serious doubt about Ukraine’s ability to take back a great deal of Russian-occupied territory this spring, according to a review of one of the leaked documents by the Washington Post. The upcoming offensive is likely to produce only “modest territorial gains” owing to Ukraine’s lack of equipment, ammunition, and troops, the document said. It also noted that “enduring Ukrainian deficiencies in training and munitions supplies probably will strain progress and exacerbate casualties during the offensive.”

.

According to the Washington Post, one of the reports in the leaked documents indicates that, in early February, the Kremlin-backed mercenary force “met with Turkish contacts to purchase weapons and equipment from Turkey for [Wagner’s] efforts in Mali and Ukraine,” and that Mali’s interim president confirmed it could get the arms from Turkey on the group’s behalf. Turkey declined to comment on the allegation when contacted by the Post, but if the assessment is accurate, it could mean the NATO member was covertly supplying weapons to both sides of the Ukraine conflict.

.

According to a leaked top-secret document from mid-February, Egyptian president Abdel Fattah El-Sisi secretly ordered the production and shipment of as many as 40,000 rockets to Russia, the Washington Post reports. Egypt, a longtime key U.S. ally in the Middle East, has publicly maintained a policy of noninvolvement toward the war in Ukraine, and in a statement to the Post, the foreign ministry suggested that policy has not changed. Regarding the rocket plan, an anonymous U.S. official also told the Post, “We are not aware of any execution of that plan.” It’s not clear how far the plan has progressed, assuming the leaked intel is accurate, nor is it clear how such a move would have impacted the relationship between the U.S. and Egypt.

.

According to one leaked U.S. military document, British defense minister Ben Wallace told U.K. lawmakers last October that on September 29, two Russian Su-27 fighter jets intercepted and harassed a British RC-135 reconnaissance plane flying in international airspace over the Black Sea. Wallace said one Russian jet had flown within 15 feet of the U.K. plane and another had released a missile from a distance, but Russian defense officials had told him the missile launch was due to a “technical malfunction.” The U.S. military document referred to the incident as a “near shoot down.” British officials have pushed back on the leaked U.S. assessment.

.

Another of the leaked documents reveals that, earlier this year, the U.S. intercepted electronic communications between the pro-Russian hacking group Zarya and officers with Russia’s FSB security service in which the hackers said they had breached a Canadian gas-pipeline company and gained access to its control systems. The hackers purportedly shared screenshots of their access with the officers and claimed the breach gave them the ability to “increase valve pressure, disable alarms, and initiate an emergency shutdown of the facility.” The leaked briefing did not identify the Canadian company or the facility. It said the hackers claimed that they did unspecified damage, causing “profit loss” for the company, and that FSB officers told the hackers to maintain their access and await further instructions.

After news of the alleged hack surfaced, the Globe and Mail reported that it was unable to verify the claims and noted that “there is no evidence to date that a natural-gas pipeline company in Canada suffered such an attack, which the Pentagon documents suggest occurred earlier this year.” According to cybersecurity reporter Kim Zetter, “a U.S. government source who closely follows critical infrastructure incidents in the U.S. said they heard chatter a while back that something had occurred at a Canadian gas facility, but was not aware of anyone confirming that any ‘physical impact’ had occurred.”

.

According to one of the leaked documents, a March 1 CIA assessment said that, according to intercepted communications, leaders of Israel’s intelligence agency had backed protests against prime minister Benjamin Netanyahu’s controversial attempt to overhaul the country’s judiciary. Mossad leaders “advocated for Mossad officials and Israeli citizens to protest against the new Israeli Government’s proposed judicial reforms, including several explicit calls to action that decried the Israeli government,” the assessment said.

Netanyahu’s power play has triggered mass protests and strikes in Israel, and the backlash recently prompted him to at least temporarily abandon the effort. Israeli officials have denied the leaked assessment. Some Israeli pundits have also suggested that the assessment might have been referring to an open letter supporting the protests sent by former Mossad leaders and/or how the agency’s leadership allowed employees to join the demonstrations, provided they did so only as private citizens.

.

One late-February report in the leaked documents said the Wagner Group, the notorious Kremlin-backed Russian mercenary force, “planned to discreetly travel to Haiti to assess the potential for contracts with the Haitian government to fight against local gangs.”

It’s not clear how far those plans progressed. The Miami Herald reports that a Haitian government official told the paper “that Prime Minister Ariel Henry has not had any discussions with the Wagner Group or any Russian officials, nor has he sought help from either as part of his request to international partners to deploy a rapid response force to Haiti to help the national police take on gangs.”

.

Another document said that, according to intercepted communications, Nicaragua has been deepening its ties with China since its primary security ally, Russia, became entangled in the Ukraine invasion. Nicaragua and China have conducted negotiations over building a deepwater port in Bluefields, and a Chinese engineering firm purportedly began moving forward with initial plans in the middle of 2022. The U.S. assessment concludes that though Nicaragua still favors Russia, it “probably would consider offering Beijing naval access in exchange for economic investment.”