When the orthodox media depicts the Pentagon as in an uproar about now two leaks of sets of official-looking documents, and tries to spin it that they show how much dirt we’ve gotten on Russia, it’s not a good look. There are too many admissions against interest (which oddly no one has denied) like the generally depleted state of Ukraine’s military, which as we discussed was evident even in the first batch.
In case you’ve been enjoying the holiday weekend by taking a news break, we’ll start with the New York Times to set the stage. Again, recall the New York Times was the first MSM outlet to discuss that what turned out to be the first of (so far) two groups of Pentagon slides, focused on Ukraine preparedness, had made their way to a Russian Telegram account. Some had argued that the first set was a US or Russian psyop, but the authenticity of jargon and the amount of unflattering information argued against it. The second batch extends beyond Ukraine and is perceived to be damaging to US interests.
Mind you, as many war-watchers have pointed out, these revelations don’t appear likely to have much impact on the too-widely-anticipated Ukraine offensive. While the level of detail is tantalizing, the broad findings, like Ukraine’s air defenses have been depleted and are only going to get worse, were evident via open sources. Yet some of the claims are bizarre, like 97% of Russia’s forces being committed to Ukraine. Recall UK Defence Secretary Ben Wallace said that in February, and appeared to be retailing Ukraine propaganda then. Did Wallace get that factoid from these documents?
Nevertheless, this breach will make the US clamp down on distribution of sensitive information, which won’t be helpful so close to the launch of the expected counter-offensive.
From the Grey Lady on Saturday, after the second lot got traction:
A new batch of classified documents that appear to detail American national security secrets from Ukraine to the Middle East to China surfaced on social media sites on Friday, alarming the Pentagon and adding turmoil to a situation that seemed to have caught the Biden administration off guard.
The scale of the leak — analysts say more than 100 documents may have been obtained — along with the sensitivity of the documents themselves, could be hugely damaging, U.S. officials said. A senior intelligence official called the leak “a nightmare for the Five Eyes,” in a reference to the United States, Britain, Australia, New Zealand and Canada, the so-called Five Eyes nations that broadly share intelligence….
Early Friday, senior national security officials dealing with the initial leak, which was first reported by The New York Times, said a new worry had arisen: Was that information the only intelligence that was leaked?
By Friday afternoon, they had their answer. Even as officials at the Pentagon and national security agencies were investigating the source of documents that had appeared on Twitter and on Telegram, another surfaced on 4chan, an anonymous, fringe message board. The 4chan document is a map that purports to show the status of the war in the eastern Ukrainian city of Bakhmut, the scene of a fierce, monthslong battle.
But the leaked documents appear to go well beyond highly classified material on Ukraine war plans. Security analysts who have reviewed the documents tumbling onto social media sites say the increasing trove also includes sensitive briefing slides on China, the Indo-Pacific military theater, the Middle East and terrorism.
Let’s stop here. At least one slide in this second group bore the label “Secret/NoForn,” which means distribution is limited to US citizens. That would seem to rule out our notion, based on the first batch (widely distributed among US allies, including Ukraine) that a Ukrainian unhappy with how the war is being conducted could have been behind the leak. This marking suggests these documents came from a Pentagon source, which could include contractors.
The Times’ chest-thumping about being the first to take up the story is likely to create confusion about the timetable. Some of these documents had been on the Internet for over a month, but oddly only in limited circulation. The Washington Post describes when they apparently went public:
Photographs of at least several dozen pages of highly classified documents, which looked to have been printed and then folded together into a packet, were shared on Feb. 28 and March 2 on Discord, a chat platform popular with gamers. The documents were shared by a user to a server called “Wow Mao.”
I hate having to cite Bellingcat, but perhaps someone in the intel state tossed some bread crumbs over the fence to help bolster their credibility. From the Wall Street Journal:
Some experts who have studied the documents are doubtful the breach is part of a Russian disinformation campaign.
Aric Toler, head of research and training at the Bellingcat investigative consortium….said Saturday that he had traced the original source of the posting to a small group of users called Thug Shaker Central on Discord. Hundreds of files were posted there in January, February and March. Later, some of these documents were reposted by users to a bigger group, uniting fans of the Minecraft game. The original group has since been wiped clean, as was the much bigger document trove.
“I really doubt this is some Russian op, so there’s a good chance only a few internet weirdos saw the hundreds of documents,” said Eliot Higgins, the founder of Bellingcat. “It’s really only something you’d find if you were terminally online.”….
The U.S. is considering a range of possibilities over how the breach occurred, including that someone with top-secret security clearance leaked the information or that U.S. intelligence systems were hacked, U.S. officials said Saturday….
Because the documents appear to be images of printed presentation slides, the investigation will likely focus on that possible method of transferring them from a classified system. Classified documents can only be printed on approved systems, which can be tracked.
OK, so documents were leaked in a way so that almost no one saw them???? The point of a leak is normally to have things seen. So is the idea here that the data breach was the result of a geek manhood competition and someone outside the inner circle noticed or decided to toss some of the records over to Russian Telegram?1
In addition, as Lambert pointed out, “The fact that Bellingcat is claiming that “only a few” in the gaming community saw the information early on should be taken to mean “only a few thousand.”
Regarding the “printed presentation slides,” see these images from Twitter as examples:
Um, those images sure do look folded. The Journal describes how Reality Winner and Terry Albury each were caught by having printouts successfully tracked to them. Albury also took snapshots of screen images. I would assume the powers that be would look into the possibility that photos were manipulated to create the appearance of having been folded.
The Washington Post reassures us that they are hot on the trail of the bad guys:
The Post identified the user that shared the images in February and March who, according to a review of previous social media posts, is based in southern California. A Twitter account using the same handle and avatar image as the Discord account wrote on Friday they had “found some info from a now banned server and passed it on.”
A man who answered the door at a house registered to the Discord user’s father on Friday evening declined to comment. “I’m not talking to anyone,” he said, closing the door of the family’s home at the edge of a cul-de-sac.
About three miles away, at a townhouse registered to the user’s mother, a knock at the door went unanswered. The parents did not respond to calls or messages.
Note the story quotes one official as saying all the documents appear to be a single tranche, which would reinforce the idea that there might be a single actor, despite their being discovered by the officialdom in a two-step process.
For now, the fact of the leaks appears to be more serious than their content. From the Washington Post:
According to one defense official, many of the documents seem to have been prepared over the winter for Gen. Mark A. Milley, chairman of the Joint Chiefs of Staff, and other senior military officials, but they were available to other U.S. personnel and contract employees with the requisite security clearances….
The documents describe intelligence activities at the National Security Agency, the CIA, the Defense Intelligence Agency, law enforcement agencies and the National Reconnaissance Office (NRO) — arguably the most secretive intelligence agency in the government, responsible for a multibillion dollar constellation of spy satellites.
Both the New York Times and the Washington Post pushed the idea that the expose also showed US prowess in spying on Russia. For instance, the Post described how the Wagner Group, which recall is not part of the Russian government, was trying to buy arms in Turkey and Mali. Mercs buying arms! Shocker! It also mentions Wagner having “plans” to recruit from prisons. Um, that’s so well known it’s been widely criticized, even as Wagnerites who finished their six month commitment have been photographed returning to Russia as free men. The GRU was reported as planning a propaganda in Africa. The US also supposedly unearthed Russian plans to shell Ukraine troops in two locations “on a certain date”. Perhaps, but that sound like an option (what if Ukraine changed its force disposition?) as opposed to something more like an order.
Nevertheless, the Washington Post did say in its headline that the US was spying on allies too. Here that means Israel, the UK, and South Korea.
And what about the Ukraine revelations?
Both the Times and the Post ran articles on the degraded state of Ukraine’s air defenses. Neither piece ‘fesses up to the fact that that old S300 system that Ukraine inherited (and presumably was kept fairly up to date through the Maidan coup) is better than anything the West has. War porn fans already have seen ample evidence that Ukraine’s air defenses are weakened and will only get worse. For instance, Russia has been able to send in slow drones of late and they’s been largely unmolested.
Nevertheless, the horror! First the Times in Leaked Documents Suggest Ukrainian Air Defense Is in Peril if Not Reinforced:
For more than a year, Ukrainian air defenses, reinforced by Western weaponry, have kept Russian planes at bay.
But without a huge influx of munitions, Ukraine’s entire air defense network, weakened by repeated barrages from Russian drones and missiles, could fracture…
Stocks of missiles for Soviet-era S-300 and Buk air defense systems, which make up 89 percent of Ukraine’s protection against most fighter aircraft and some bombers, were projected to be fully depleted by May 3 and mid-April, according to one of the leaked documents. The document, which was issued on Feb. 28, based the assessment on consumption rates at the time. It is not clear if those rates have changed.
The same document assessed that Ukrainian air defenses designed to protect troops on the front line, where much of Russia’s air power is concentrated, will “be completely reduced” by May 23, resulting in strains on the air defense network deeper into Ukrainian territory.
These dates explain the sense of urgency about launching the Ukraine counteroffensive. The article mentions that the Russian missile attacks on Ukraine electrical and other infrastructure have worn down Ukraine’s air defense capacity.
On the expenditure of air defense targeting air attacks, it would seem to be an obvious move from Russia, for both practical and psychological reasons, to launch another series of big missile and drone attacks on the launch of the Ukraine counter-offensive.
As for “air defenses designed to defend troops on the front line” I’m not sure what that means, since Russia has overwhelmingly been using artillery (although in fairness of late has added glide bombs, which do have the punch to destroy buildings and other sturdier fortifications). Is this maneuver warfare thinking, that Russia would be doing big arrow attacks (which require air support) were it not for Ukraine’s air defense? Or would Russia indeed make much heavier use of drones and planes against the Ukraine line of contact?
Additional tidbits from the Post in Leaked documents warn of weaknesses in Ukraine’s defenses:
One chart contained in the leak shows the burn rate of Ukrainian air defense projectiles and specifies the time frames for depletion, predicting that SA-11 systems will be out of commission by April 13, U.S.-made NASAMs by April 15, and SA-8s by May. On another chart, the prediction that particular types of ammunition will run dry suggests that Ukrainian defenders should prioritize their efforts by targeting Russian jets and helicopters but hold fire on smaller threats such as drones.
The Times also described how officials were upset about the revelation of equipment levels and force concentration:
The documents on Ukraine’s military appear as photographs of charts of anticipated weapons deliveries, troop and battalion strengths, and other plans. Pentagon officials acknowledge that they are legitimate Defense Department documents, but the copies appear to have been altered in certain parts from their original format. The modified versions, for example, overstate American estimates of Ukrainian war dead and underestimate estimates of Russian troops killed.
In the Brave New World of ISR, it’s likely Russia knew all of this, although perhaps not always in the same level of detail. Recall TASS just identified that only 21% of the recently promised tanks had been delivered to Ukraine….all from public documents. Dima at Military Summary daily shows maps that include Ukraine deployments. With satellite and drone surveillance, Russia likely has a good guesstime, outside urban settings like Bakhmut, how far below full strength these units are. And if I recall correctly, this information was as of early March, so now stale. Nevertheless, Russia could look at its intel as of then and see if it had systematic errors it could address.
Finally, the Post claimed that the Pentagon was worried the leak exposed the workings of cutting edge tools:
For instance, a Feb. 23 overview of fighting in Ukraine’s Donbas region forecasts a “grinding campaign of attrition” by Russia that “is likely heading toward a stalemate, thwarting Moscow’s goal to capture the entire region in 2023.”
That confident statement, which is printed in boldface type, is supported by information obtained from “NRO-collected and commercial imagery,” a new generation of infrared satellites, signals intelligence and “liaison reporting,” a reference to intelligence from a friendly government, about the high rate of Russian artillery fire, mounting troop losses and the military’s inability to make significant territorial gains over the past seven months.
The fact that the United States bases its assessments on many sources is no secret. But U.S. officials said these more detailed disclosures could help Moscow thwart some avenues for collecting information. For example, the Feb. 23 battlefield document names one of its sources as “LAPIS time-series video.” Officials familiar with the technology described it as an advanced satellite system that allows for better imaging of objects on the ground and that could now be more susceptible to Russian jamming or interference. They indicated that LAPIS was among the more closely guarded capabilities in the U.S. intelligence arsenal.
This is all over my pay grade, but the discussion of LAPIS assumes that Russia hasn’t discerned that the US has something like that. As Andrei Martyanov has regularly said, Russia’s forces are fully networked, which means among other things lots of real time data collection. Perhaps it’s an artifact of a very incomplete description of what LAPIS is and does, but a “time series video” sound retrospective, even if recent and therefore less useful than real time.
More important, good intel becomes less useful when filtered through prior beliefs. As we can see above, the US can’t get over its idea that Russia is out to acquire territory, and not first and foremost destroy Ukraine’s (and now NATO’s) ability to wage war. The articles contain denigrating asides about how Russia has conducted the war. One senses that this isn’t mere media messaging but is well internalized among US and NATO decision-makers. That sort of under-estimation has worked out very well for Russia. And the very solidly build echo chamber in the Beltway means it’s likely to continue.
1 I’m now getting sucked into way way too much speculation but perhaps someone who though he was at risk decided that if the documents got into circulation in Russia, the usual “Everything is Putin’s fault” would apply.