LawFareblog: The Time I Got Recruited to Collude with the Russians

By Matt Tait  Friday, June 30, 2017,

 read the Wall Street Journal’s article yesterday on attempts by a GOP operative to recover missing Hillary Clinton emails with more than usual interest. I was involved in the events that reporter Shane Harris described, and I was an unnamed source for the initial story.

CLICK IMAGE ABOVE for direct link to LawFareblog piece.

What’s more, I was named in, and provided the documents to Harris that formed the basis of, this evening’s follow-up story, which reported that “A longtime Republican activist who led an operation hoping to obtain Hillary Clinton emails from hackers listed senior members of the Trump campaign, including some who now serve as top aides in the White House, in a recruitment document for his effort”:

Officials identified in the document include Steve Bannon, now chief strategist for President Donald Trump; Kellyanne Conway, former campaign manager and now White House counselor; Sam Clovis, a policy adviser to the Trump campaign and now a senior adviser at the Agriculture Department; and retired Lt. Gen. Mike Flynn, who was a campaign adviser and briefly was national security adviser in the Trump administration.

I’m writing this piece in the spirit of Benjamin Wittes’s account of his interactions with James Comey immediately following the New York Times story for which he acted as a source. The goal is to provide a fuller accounting of experiences which were thoroughly bizarre and which I did not fully understand until I read the Journal’s account of the episode yesterday. Indeed, I still do not fully understand the events I am going to describe, both what they reflected then or what they mean in retrospect. But I can lay out what happened, facts from which readers and investigators can draw their own conclusions.

For the purpose of what follows, I will assume readers are already familiar with the Wall Street Journal’s reporting on this matter.

My role in these events began last spring, when I spent a great deal of time studying the series of Freedom of Information disclosures by the State Department of Hillary Clinton’s emails, and posting the parts I found most interesting—especially those relevant to computer security—on my public Twitter account. I was doing this not because I am some particular foe of Clinton’s—I’m not—but because like everyone else, I assumed she was likely to become the next President of the United States, and I believed her emails might provide some insight into key cybersecurity and national security issues once she was elected in November.

A while later, on June 14, the Washington Post reported on a hack of the DNC ostensibly by Russian intelligence. When material from this hack began appearing online, courtesy of the “Guccifer 2” online persona, I turned my attention to looking at these stolen documents. This time, my purpose was to try and understand who broke into the DNC, and why.

A few weeks later, right around the time the DNC emails were dumped by Wikileaks—and curiously, around the same time Trump called for the Russians to get Hillary Clinton’s missing emails—I was contacted out the blue by a man named Peter Smith, who had seen my work going through these emails. Smith implied that he was a well-connected Republican political operative.

Initially, I assumed the query must have been about my work on the DNC hack; after all, few people followed my account prior to the DNC breach, whereas my analysis of the break-in at the DNC had received considerably more coverage. I assumed his query about the “Clinton emails” was therefore a mistake and that he meant instead to talk to me about the emails stolen from the DNC. So I agreed to talk to him, thinking that, whatever my views on then-candidate Trump, if a national campaign wanted an independent non-partisan view on the facts surrounding the case, I should provide it to the best of my ability.

Yet Smith had not contacted me about the DNC hack, but rather about his conviction that Clinton’s private email server had been hacked—in his view almost certainly both by the Russian government and likely by multiple other hackers too—and his desire to ensure that the fruits of those hacks were exposed prior to the election.

Over the course of a long phone call, he mentioned that he had been contacted by someone on the “Dark Web” who claimed to have a copy of emails from Secretary Clinton’s private server, and this was why he had contacted me; he wanted me to help validate whether or not the emails were genuine.

Under other circumstances, I would have gone no further. After all, this was occurring in the final stretch of a U.S. presidential election, and I did not feel comfortable, and had no interest in, providing material help to either of the campaigns beyond merely answering questions on my already public analysis of Clinton’s emails, or of the DNC hack. (I’m not a U.S. citizen or resident, after all.)

In any case, my suspicion then and now was that Hillary Clinton’s email server was likely never breached by Russia, and moreover that if Russia had a copy of Clinton’s emails, they would not waste them in the run-up to an election she was likely to win. I thus thought Smith’s search for her emails was in vain.

But following the DNC hack and watching the Russian influence campaign surrounding it unfold in near real-time, Smith’s comment about having been contacted by someone from the “Dark Web” claiming to have Clinton’s personal emails struck me as critically important. I wanted to find out whether this person was merely some fraudster wanting to take Smith for a ride or something more sinister: that is, whether Smith had been contacted by a Russian intelligence front with intent to use Smith as part of their scheme by laundering real or forged documents.

I never found out who Smith’s contact on the “Dark Web” was. It was never clear to me whether this person was merely someone trying to dupe Smith out of his money, or a Russian front, and it was never clear to me how they represented their own credentials to Smith.

Over the course of our conversations, one thing struck me as particularly disturbing. Smith and I talked several times about the DNC hack, and I expressed my view that the hack had likely been orchestrated by Russia and that the Kremlin was using the stolen documents as part of an influence campaign against the United States.

I explained that if someone had contacted him via the “Dark Web” with Clinton’s personal emails, he should take very seriously the possibility that this may have been part of a wider Russian campaign against the United States. And I said he need not take my word for it, pointing to a number of occasions where US officials had made it clear that this was the view of the U.S. intelligence community as well.

Smith, however, didn’t seem to care. From his perspective it didn’t matter who had taken the emails, or their motives for doing so. He never expressed to me any discomfort with the possibility that the emails he was seeking were potentially from a Russian front, a likelihood he was happy to acknowledge. If they were genuine, they would hurt Clinton’s chances, and therefore help Trump.

When he first contacted me, I did not know who Smith was, but his legitimate connections within the Republican party were apparent. My motive for initially speaking to him was that I wondered if the campaign was trying to urgently establish whether the claims that Russia had hacked the DNC was merely “spin” from the Clinton campaign, or instead something they would need to address before Trump went too far down the road of denying it. My guess was that maybe they wanted to contact someone who could provide them with impartial advice to understand whether the claims were real or just rhetoric.

Although it wasn’t initially clear to me how independent Smith’s operation was from Flynn or the Trump campaign, it was immediately apparent that Smith was both well connected within the top echelons of the campaign and he seemed to know both Lt. Gen. Flynn and his son well. Smith routinely talked about the goings on at the top of the Trump team, offering deep insights into the bizarre world at the top of the Trump campaign. Smith told of Flynn’s deep dislike of DNI Clapper, whom Flynn blamed for his dismissal by President Obama.

Smith told of Flynn’s moves to position himself to become CIA Director under Trump, but also that Flynn had been persuaded that the Senate confirmation process would be prohibitively difficult. He would instead therefore become National Security Advisor should Trump win the election, Smith said.

He also told of a deep sense of angst even among Trump loyalists in the campaign, saying “Trump often just repeats whatever he’s heard from the last person who spoke to him,” and expressing the view that this was especially dangerous when Trump was away.

Over the course of a few phone calls, initially with Smith and later with Smith and one of his associates—a man named John Szobocsan—I was asked about my observations on technical details buried in the State Department’s release of Secretary Clinton’s emails (such as noting a hack attempt in 2011, or how Clinton’s emails might have been intercepted by Russia due to lack of encryption).

I was also asked about aspects of the DNC hack, such as why I thought the “Guccifer 2” persona really was in all likelihood operated by the Russian government, and how it wasn’t necessary to rely on CrowdStrike’s attribution as blind faith; noting that I had come to the same conclusion independently based on entirely public evidence, having been initially doubtful of CrowdStrike’s conclusions

Towards the end of one of our conversations, Smith made his pitch. He said that his team had been contacted by someone on the “dark web”; that this person had the emails from Hillary Clinton’s private email server (which she had subsequently deleted), and that Smith wanted to establish if the emails were genuine. If so, he wanted to ensure that they became public prior to the election. What he wanted from me was to determine if the emails were genuine or not.

It is no overstatement to say that my conversations with Smith shocked me. Given the amount of media attention given at the time to the likely involvement of the Russian government in the DNC hack, it seemed mind-boggling for the Trump campaign—or for this offshoot of it—to be actively seeking those emails. To me this felt really wrong.

In my conversations with Smith and his colleague, I tried to stress this point: if this dark web contact is a front for the Russian government, you really don’t want to play this game. But they were not discouraged. They appeared to be convinced of the need to obtain Clinton’s private emails and make them public, and they had a reckless lack of interest in whether the emails came from a Russian cut-out.

Indeed, they made it quite clear to me that it made no difference to them who hacked the emails or why they did so, only that the emails be found and made public before the election.

In the end, I never saw the actual materials they’d been given, and to this day, I don’t know whether there were genuine emails, or whether Smith and his associates were deluding themselves.

By the middle of September, all contact between us ended. By this time, I had grown extremely uncomfortable with the situation, so when Smith and his colleague asked me to sign a non-disclosure agreement, I declined to do so. My suspicion was that the real purpose of the non-disclosure agreement was to retrospectively apply confidentiality to the conversations we had already had before that point. I refused to sign the non-disclosure and we went our separate ways.

As I mentioned above, Smith and his associates’ knowledge of the inner workings of the campaign were insightful beyond what could be obtained by merely attending Republican events or watching large amounts of news coverage. But one thing I could not place, at least initially, was whether Smith was working on behalf of the campaign, or whether he was acting independently to help the campaign in his personal capacity.

Then, a few weeks into my interactions with Smith, he sent me a document, ostensibly a cover page for a dossier of opposition research to be compiled by Smith’s group, and which purported to clear up who was involved. The document was entitled “A Demonstrative Pedagogical Summary to be Developed and Released Prior to November 8, 2016,” and dated September 7.

It detailed a company Smith and his colleagues had set up as a vehicle to conduct the research: “KLS Research”, set up as a Delaware LLC “to avoid campaign reporting,” and listing four groups who were involved in one way or another.

The first group, entitled “Trump Campaign (in coordination to the extent permitted as an independent expenditure)” listed a number of senior campaign officials: Steve Bannon, Kellyanne Conway, Sam Clovis, Lt. Gen. Flynn and Lisa Nelson.

The largest group named a number of “independent groups / organizations / individuals / resources to be deployed.” My name appears on this list. At the time, I didn’t recognize most of the others; however, several made headlines in the weeks immediately prior to the election.

My perception then was that the inclusion of Trump campaign officials on this document was not merely a name-dropping exercise. This document was about establishing a company to conduct opposition research on behalf of the campaign, but operating at a distance so as to avoid campaign reporting. Indeed, the document says as much in black and white.

The combination of Smith’s deep knowledge of the inner workings of the campaign, this document naming him in the “Trump campaign” group, and the multiple references to needing to avoid campaign reporting suggested to me that the group was formed with the blessing of the Trump campaign.

In the Journal’s story this evening, several of the individuals named in the document denied any connection to Smith, and it’s certainly possible that he was a big name-dropper and never really represented anyone other than himself. If that’s the case, Smith talked a very good game.

I’m sure readers are wondering: why did I keep quiet at the time? Actually, I didn’t. In the fall, prior to the election, I discussed the events of the story first with a friend, and secondly with a journalist. The trouble was that neither I nor the reporter in question knew what to make of the whole operation. It was certainly clear that the events were bizarre, and deeply unsettling. But it wasn’t reportable.

After all, Clinton’s private emails never materialized. We couldn’t show that Smith had been in contact with actual Russians. And while I believed—as I still do—that he was operating with some degree of coordination with the campaign, that was at least a little murky too. The story just didn’t make much sense—that is, until the Journalyesterday published the critical fact that U.S. intelligence has reported that Russian hackers were looking to get emails to Flynn through a cut-out during the Summer of 2016, and this was no idle speculation on my part.

Suddenly, my story seemed important—and ominous.

Matt Tait
Matt Tait is the CEO and founder of Capital Alpha Security, a UK based security consultancy which focuses on research into software vulnerabilities, exploit mitigations and applied cryptography. Prior to founding Capital Alpha Security, Tait worked for Google Project Zero, was a principal security consultant for iSEC Partners, and NGS Secure, and worked as an information security specialist for GCHQ. @pwnallthethings

You must be logged in to post a comment Login