Sunday, May 20, 2018

UPDATED: Crossfire Hurricane: The How and Why

We're getting to the point in Obamagate where it's possible to begin to gather some of the disparate threads together. Yes, there's still plenty to uncover, but a lot of the picture is slowly emerging--and the process is gathering momentum as the Deep State begins to switch over to damage control mode. That aspect has become apparent with the revelation of Stefan Halper as a key operative for the FBI, the revelation of the codename for the FBI Full Investigation as "Crossfire Hurricane," and the floating of the desperately absurd new narrative: We weren't spying on Trump--we wanted to protect him!

To understand what Crossfire Hurricane was all about, it helps to begin with the realization that it was not the FBI's first choice--in the big picture it amounts to a fall back option that was more or less forced on the FBI by circumstances beyond their control.

Make no mistake about it--the FBI was all in with the effort to enable a Democrat presidential handoff from Obama to Clinton. In modern political campaigns, intelligence and data in digital form is essential to success, and that's where the FBI came in. Running informants, such as Halper, against the GOP wasn't going to guarantee a Clinton victory--not in and of itself. However, access to bulk amounts of sensitive inside data could play a significant role. And the FBI had that access, in the form of access to raw NSA data, which means just about all digital communications in the world. Remember Nellie Ohr? The former CIA contractor and former employee of Fusion GPS? She became a ham radio operator during the 2016 campaign, so I guess she understood what it takes to fly under the Deep State radar.

Now, the FBI wasn't about to do something totally stupid, like mine the NSA for data and ship boatloads of it over to the DNC or some other intermediary to the Clinton campaign. Not as an institution. No, the smart way to do this would be to hire non-government contractors--we'll call them Fusion GPS and Crowdstrike--to provide the FBI with "analytical assistance." As if the FBI didn't have an army of analysts already. And then give these contractors total access to NSA data without telling NSA, who would have thought that only FBI employees were combing through their data. You can read the gory details in Jeff Carlson's excellent article: The FBI’s Outside Contractors, DNC Servers & Crowdstrike.

The beauty of this approach was that it totally bypassed legal controls. There was no need to falsify things in writing, no need to make stuff up to open a Full (Counterintelligence) Investigation (FI) on a US Person (USPER), and then lie to the FISC to get FISA coverage on the USPER. No need to have to regularly renew the FISA and lie all over again to the FISC each time. Of course, it wasn't as if the FISC was doing much besides rubber stamping FISA applications but, hey, who needs the bother? And besides, better safe than sorry. Because, in the unlikely event that the FBI would be questioned about this arrangement, they could just play dumb: Gosh, we didn't know the contractors were looking at all that stuff! How do you prove criminal intent?

So this cute arrangement was humming along, working like a charm. For how long? That's hard to say, but we know that it was in operation no later than December of 2015. And the way that came to light was that in the Spring of 2016 the unlikely event actually occurred: Admiral Mike Rogers, head of NSA, learned of irregularities in FBI accessing of NSA data and did an audit of the activity. That audit covered the period beginning from December 2015, and it discovered that fully 85% of the queries failed to comply with what are called "minimization procedures" (procedures designed to shield the identities of persons who fell within certain criteria--like, USPERs who had no connection to intelligence or terrorist activities). Then, as if Rogers learning about this weren't bad enough, Rogers went and blew a whistle--to the FISC itself--and put a stop to it all. That was in April, 2016, just as it was becoming obvious that Trump was going to be the GOP candidate for President.

Naturally this put the FBI in a bind. Everything had been working so smoothly, freeing the FBI's top agents to play make believe investigation of things like the Clinton Foundation and Hillary's home brewed email server. With Rogers having thrown a monkey wrench into the works, the question became: how could the FBI continue to please their Democrat masters, with the non-government contractors out of the picture?

Well, as it happened, there was a way to continue access to all that data, but there would be a lot more work involved and a lot more fudging of the facts would be required. What the FBI needed to do was to get a FISA order that would give them legal access to the Trump campaign. Now, when I say "legal access" I mean that in a formal sense: the legal requirements would appear to be satisfied, but the underlying facts might be a bit dodgy. Or even very dodgy. But what would be required to obtain that sort of FISA coverage would be a FI on an USPER connected to the Trump campaign, because the FISA law and The Attorney General's Guidelines for Domestic FBI Operations stipulate that FISA can only be used if there's a FI authorized and open. (N.B., these Guidelines supersede, essentially by incorporation, the earlier Attorney General Guidelines for FBI National Security Investigations and Foreign Intelligence Collection. Which is to say, for our purposes, they're the same in essentials.)

Moreover, opening a FI isn't so easy, especially not on an USPER (for the details, refer to the Guidelines--it's all spelled out there). For starters, since FISA is a CI technique you need to come up with a nexus to a hostile foreign power. That means the FBI needed to identify someone associated with the Trump campaign who had some connection to a hostile foreign power. What hostile foreign power? Well, Russia comes to mind, since it was in the news so much. So, the obvious approach was to examine the roster of Trump's foreign policy advisers for a likely candidate--someone with Russian connections. Again, I say "likely candidate," but if you read the Guidelines you'll realize that simply having a connection to a hostile foreign power such as Russia doesn't mean the FBI can open a FI on you. Heck, Bill and Hillary Clinton had those connections, as did John Podesta and plenty of others in that crowd. No, essentially, you need to show that the USPER in question is probably a spy. Exactly how are you going to do that, especially when the likelihood of it being true is approximately zero?

One time honored way is to simply pay people to say that your targeted USPERs are spies. For example, Glenn Simpson at Fusion GPS--an opposition research firm for the Clinton campaign--knew a former MI-6 operative named Christopher Steele. For a price, Steele could write up a "dossier" that purported to provide information from Russian sources that could arguably provide the basis for opening a FI on Trump foreign policy advisers or, who knows, on Trump himself! Let's see. We know that Carter Page traveled to Moscow recently, maybe Steele's "sources" could say that Page met with bad people there, and then Steele could pass that along to Fusion GPS, who could pass it along to the FBI. That's good, but it's inherently unverifiable, so it would be helpful to have some additional sourcing. Where could that come from?

Well, the FBI had a source, who we'll call Stefan Halper. They could claim that Halper had a long history of providing highly reliable, highly specific information in the CI field. The FBI could contrive a way to have Halper put himself in contact with Trump foreign policy advisers. Halper could then feed back "information" that could be used to buttress Steele and Simpson's "dossier." That might cost a bit, but it would be worth it and, anyway, the US Government would be footing the bill, so ...

But there's a bit of a catch at this point, related to the fact that Halper is a US citizen and the FBI is a US agency that's supposed to follow US law. It's one thing for a Brit like Steele to volunteer information, but for a US law enforcement and CI agency like the FBI to direct a source to get in touch with a targeted USPER the FBI needs to have an open investigation on that USPER. How do they do that, if the whole point of the exercise of acquiring source information is to open an FI? Well, there's a way. There's always a way.

If you consult the Guidelines, you'll find that there's more than one kind of investigation. There's the FI, which we've already discussed, and we know that the threshhold for opening a FI on an USPER is, in practice, fairly high. Fortunately for the FBI there's also a type of investigation with a much lower threshhold, called a Preliminary Investigation (PI). Now, you can't get FISA coverage with a PI, but you can use most other investigative techniques (and, yes, the Guidelines spell all this out, too). For example, you can use National Security Letters. Or Pen Registers. Or consensual monitoring. And, handily for this case, the Guidelines allow the FBI to use the investigative technique of putting sources in contact with your target and seeking to develop information of use. And that might help provide predication for that all important FI, which in turn could serve as the basis for FISA coverage.

My assumption is that the FBI would have wanted to play this by the book, to preserve at least the appearance of legality. That means they would have had at least one PI opened in order to use Halper to target USPERs in the Trump campaign, and there may have actually been several PIs opened. This would have happened in April or May of 2016, whereas the FI that was eventually opened (on Carter Page) was opened on July 31, 2016. What was happening in the meantime? Quite a bit. Steele was busy writing "reports" for his "dossier" during that time period. Halper was in contact with Trump foreign policy advisers: George Papadopoulos and Carter Page. And, intriguingly, a dodgy Russian lawyer offered "dirt on Hillary" to the Trump campaign and met at Trump Towers on June 9, 2016 with ... Don Trump Jr. and Paul Manafort.

Why is that Trump Towers meeting so intriguing to me? Because it has many of the earmarks of a setup, and because many of the factors surrounding the meeting don't add up in any other way. For example. The Russian lawyer, Veselnitskaya, who met with Trump Jr. and Manafort had to be admitted to the US on a special visa by AG Lynch. The reason Veselnitskaya came to the US was to lobby against the sanctions that the Obama administration had placed on Russia. Why would the Obama administration go to any trouble for that? In addition, when Veselnitskaya showed up at Trump Towers, instead of dishing dirt on Hillary she only wanted to talk about sanctions. Is it possible that she was trying to set up a situation in which the Trump campaign might appear to be entering into some sort of quid pro quo with regard to easing of sanctions? If so, that would certainly work for initiating a FI--or even torpedoeing the Trump candidacy entirely. We know that Veselnitskaya met with Glenn Simpson both shortly before and shortly after the meeting. Was Simpson cooperating with the FBI? We know he had connections to the FBI. Was this whole meeting an FBI directed setup, or attempted setup? There seems no question but that that would have served the end that the FBI was clearly working toward: authorization for a FI and FISA coverage.

In any event, these various efforts bore fruit, because on July 31, 2016, a FI on Carter Page was opened, which we now know was codenamed Crossfire Hurricane. The authorization for that FI was based in large part on Steele and Simpson's "dossier." However, since the FBI almost immediately attempted to parley that FI into a FISA warrant, and we know from Devin Nunes as well as James Comey that the FISA application was based on more than just the "dossier," we can safely assume that Halper's contacts with Page were a factor as well. In the event, the FISA warrant wasn't obtained until shortly before the election, but it has continued to serve a valuable purpose by providing at least an arguable legal basis for the FBI's actions.

So there we are. But for Mike Rogers at NSA, who forced the FBI into more open action, the American people would probably have been none the wiser regarding the politicization and weaponization of our Government intelligence agencies and of the Deep State's attempted manipulation of the 2016 election. As I said at the top, there's plenty more that needs to be fit into this scenario--the role of John Brennan at the CIA, in particular. But for now, this should serve as a useful framework.


Today, @ 4:52 EST sundance at CTH, in the course of a slightly longer blog post, included two paragraphs that succinctly second what I'm saying in this post. Yes, it's important to understand the distinctions in the Guidelines that the FBI operates under--Preliminary v. Full Investigations, and so forth. But the real big picture has to do with the use by the Intelligence Community agencies of electronic surveillance in an attempt to prevent the election of Donald Trump and then, in the wake of that election, to nullify the electorate's choice. Hear are those two paragraphs:

As we have outlined since early 2017, it is the: unlawful FISA(702) search query issues; the prior investigation by NSA Director Mike Rogers; the admissions by the DOJ-NSD and FBI; and the fraudulent FISA court application (Carter Page) which lay at the heart of everything that took place within the spying and surveillance operation.

Everything that happened AFTER April 2017 in the spying and surveillance of the Trump campaign, happened downstream.  All activity, including the counterintelligence operation, the Steele Dossier, the need for Stefan Halper (agent provocateur), the FISA warrant on Carter Page, everything…. all of that action was downstream consequences from Mike Rogers building the FISA dam to shut down contractor use of the NSA and FBI databases.


  1. Jeff Carlson's article suggests to me that Russian Intelligence began to study the DNC server in July 2015 (fifteen) because it discovered that a Crowdstrike employee, enabled by an FBI contract, was using that server to search the NSA database for information about Republican candidates in the Presidential election race.

    In other words, Russian Intelligence was not interested primarily in information about Democrat or Republican politicians. Rather, Russian Intelligence was interested in the access through the DNC server into the NSA database.

    Carlson does not write this explanation explicitly, but I perceive that Carlson is developing that hypothesis. Read Carlson's article again with that perspective.

    If that hypothesis is correct, then I speculate further that Russian Intelligence has aggravated the e-mail controversy as a red herring to deflect attention from Russia's success in accessing the NSA database through the DNC server.

    I speculate even further that a few top members of the US Intelligence Community realized that Russian Intelligence had exploited thus the FBI's use of contractors to search the NSA database for information about Republican politicians. This would be the ultimate scandal for the FBI, which is determined to cover it up forever.

  2. Mike, I'm not ready to go there, for this reason. Your idea here posits that the FBI allowed contractors to utilize FBI identity to remotely access the NSA database, i.e., from DNC computers. I don't think the FBI would allow that but would require that the contractors do so from an FBI controlled SCIF. The FBI could claim that the use of contractors was legal, but they could never make that claim about the use of DNC computers.

    That said, I admit that Carlson appears to be saying that data moved from HSA databases through the FBI to the DNC, and Carlson does appear to suggest that this was a digital flow of data, i.e., not hand written notes. That's a big question for me: how did that occur? No wonder the DNC server was destroyed. I have to assume it was destroyed to conceal the fact that the data flow had in fact occurred, and the "replica" servers would not reflect that fact.

  3. Thank you for laying it all out in such clear fashion.... this is the most concise explanation I've read of what likely happened.

    Sadly, although a lot of what they did is 'dodgy' and borderline illegal, I think it will be hard to prosecute these people. I'm not a lawyer, but I'm curious; what are the major legal infractions here? It seems that the small group were careful enough to have 'legal' justification for each step they took to avoid blatant criminality. I think it's obvious they pushed the boundaries, but do you think anyone will be prosecuted here?

  4. Thanks for your critical response and for your link to the WND article.

    Your point about the contractors having to use a SCIF is compelling. Keep in mind, however, that some very capable person in the FBI was enabling the Democratic Party to search NSA databases for information about Republicans. Important security rules were being violated. The rule about using a SCIF is just another rule that can be violated.

    I doubt that Russian Intelligence thought that activities at the DNC were a high priority. Collection efforts have to be prioritized. Russia has to deal with many threats from terrorists and other violent people. In those circumstances, how much money, manpower and risk would Russian Intelligence invest in studying DNC politics?

    I think that Russian Intelligence was studying the DNC server only because of its potential access to the NSA database. I speculate that some free-lancing hackers discovered NSA data on that server and sold that insight to Russian Intelligence.

    Then Russian Intelligence managed to insert an application onto the DNC server, which systematically sent the server's data to Russian Intelligence.

    Those transmissions of data from the DNC server to Russian Intelligence might have come to the attention of NSA, which then figured out that the FBI's contractors were the key problem.

    The FBI's own concern -- like Russian Intelligence's concern -- about the DNC server seems excessive to me. The FBI has to investigate many problems that are obviously far more important than cyber-attacks on the DNC server. The FBI cannot investigate absolutely every problem in the USA. The FBI has to prioritize its resources and efforts. How did the DNC server rise very high on the FBI's list of priorities in early 2016? That DNC server is just one of hundreds of thousands of servers in the USA.

    This hypothetical situation explains to me why the DNC refused to give the server to the FBI and then even physically destroyed the server.

    This hypothetical situation explains to me also why the FBI has so stubbornly and persistently resisted an effective investigation of this scandal.

    I often have wondered:

    Why doesn't the FBI simply tell the whole story and get it over with?

    I speculate that the ultra secret that the FBI is trying to cover up forever is that Russian Intelligence was able to access the NSA database through the DNC because the FBI had enabled contractors to search the NSA database for information about Republicans for the DNC.

  5. Anon, thanks. I think the most likely prosecutions would involve false statements and misrepresentations, and would be focused on the FISA requests and the opening docs for investigations. For example, in re the Carter Page FISA request, it seems clear that they only way the FISA was obtained was by making assertions re Page while knowingly witholding from the FISC information that would contradict those assertions. A lot of the false statements would have taken place in the context of misleading investigators. You're right, I think, that these aren't necessarily easy cases to make. What could be crucial is the fact that Carter Page was a trusted source of the FBI, cooperating in a case against Russians in NY, up until Spring 2016. For the FBI to turn on a dime and claim that Page was a Russian spy but without informing anyone of his past cooperation will work heavily against them.

    Evidence in support of what I'm saying comes from the determination with which the FBI and DoJ are resisting efforts to release those docs to Congress. It's become at this point a rather desperate holding action, and I think the motives for the determination and desperation of the stonewalling are probably as much political as anything else.

  6. Mike, I can't speak to the technicalities of database access. However, your question "Why doesn't the FBI simply tell the whole story and get it over with?" is important. It seems clear that they're desperate to prevent the whole truth from coming out--so why the desperation. Anyone would want to know. If you or I took over an organization in the shape the FBI is right now, we would want to drain the Swamp ASAP so the organization could move on and recover its morale and credibility. Yet that is clearly not FBI Director Wray's point of view. Again, your question: Why?

  7. Yes . Definitely . But why not just tell the truth ? Because it is the rarest of human beings who will publicly admit to playing the fool . Whistleblowers lose all of their friends and all of their career enrichment . Do you truly see so much and so little at the same time time ? All connections point back to then-Pres. Obama . There is no way that his hands are clean . Here's a fun game to play : how many insiders are implicated in operation Crossfire Hurricane ? It might be easier to discover who is not implicated .Never mind what you can prove in a court of law ( for now ) , all of the insiders know that they are all guilty at various levels , and therefor all are required to cooperate with each other in the cover-up .Does anybody in D.C. really want to take down Obama ? All of former Pres. Obama's supporters know that the evidence trails lead to him . No-one in the Nixon White House was willing to sacrifice themselves for him because they expected him to protect them . Exactly the same with Obama . They all stand or fall together . They know that even if no-one else does .

  8. intercessor, in support of what you're saying I would cite the fact that we can trace the FBI's involvement all the way back to December, 2015. This indicates an intent to place a thumb on the electoral scale in one way or another, and acting on that intent indicates--to my way of thinking--that they were complying with requests/wishes that came from much higher up the Executive Branch ladder.

    As for the coup attempt after the election, my assumption is complicity among the Republican leaders. That's something we may never know the full details on, but I take it as a given.

  9. Question: After ODNI IG Charles McCullough announced TS level breach of info via HRC server (AND THUMB DRIVE) in Aug 15', a resultant CI referral was made to FBI. Later in Jan 16, IG updated the breach to include SAP level material. My understanding of such a breach, is that both #MidYearExam & #CrossFireHurricane "could" have been justified as a dual-track spillage mitigation operation, with MYE being the public face and CFH working covertly in background. MYE covered the 'domestic' side while CFH would have been a feverish investigation to find/verify what foreign elements had possibly gained the material. I don't know that this is necessarily 'more likely' than a more vanilla attempt by the FBI to tip domestic electoral scales; my argument is that this could give underlying plausible deniability or legal justification for actions we've witnessed thus far.

  10. Anon, the problem, of course, is that CFH never actually was an investigation of the Guccifer hack. There was a certain amount of basic investigation done of the hack, but since the FBI to this day has not got possession of the actual server, no true forensic exam was conducted. Copies aren't good enough.

    Re your point concerning "plausible deniability or legal justification," re CFH, I strongly believe that if the FBI had vigorously pursued the allegations that the Trump organization colluded in the hack, we'd have heard about whatever investigative steps were taken. OTOH, re "plausible deniability or legal justification," we have seen some attempts in that direction. The most obvious example is Clapper's claim that the use of informants targeting the Trump campaign (rather than affording the campaigna defensive briefing) was part of an effort to "protect" the Trump campaign. The fact that Clapper's trial balloon in that regard was so quickly laughed out of public consciousness is a pretty good indication that the FBI's activity was too unambiguously aggressive to be explained away in that manner.

    What interests me is that there has been no public mention of the opening of Preliminary Investigations (and possibly of at least one Full Investigation) before CFH. That would afford a type of "legal justification" in this sense: the actual investigative techniques used, as far as we know, were actually authorized for a PI. They could, then, simply say: Look, maybe you disagree with our assessment of the threat to national security, with how we went about "protecting" the Trump campaign from the Russians, but all our techniques (informants, National Security Letters, etc.) were perfectly legal--so go away. I believe that the reason this hasn't been raised as defense is that the obvious bias exhibited in the texts works so strongly against it. To raise that defense would make the texts even more pertinent than they already are and point directly at the improper political origin of the investigation.

    Thanks for raising these issues.

  11. Thanks for swift response and comments. Please ponder a few things...

    1) CRITICAL CLARIFICATION: I posit CFH would be a cover for the 811 investigation into spillage from the HRC server which contained verified SAP assets, not the DNC server. Please comment.

    2) Protecting "Trump" is laughable justification, but assessing/mitigating SAP spillage is not. However, its also not something that can be ADMITTED to, so we're offered laughable/improbable covers.

    (For the record, I still feel its overwhelmingly possible/probable for the entire debacle to be a vanilla 'political crime' for HRC, but I'm arguing Devil's Advocate here for a possible, hidden, legal justification into CFH)

    3) You mention its interesting that there's been no mention thus far of (likely) PI's that would have preceded CFH and provided legal justification. EXACTLY. That brings us full circle to point 1: an 811 was opened from the get-go. And if the spillage was SAP of an extreme variety, the 811 investigation would include fierce mitigation efforts, especially in the heat of a presidential election (HRC as POTUS potentially compromised).

  12. Anon, I understand what an 811 investigation (based on the Intelligence Authorization Act of 1995) is. However, I find wildly improbable the idea that Crossfire Hurricane would have been opened as "cover" for that investigation. Think about it. Covering for HRC's reckless handling of "SAP of an extreme variety" by smearing the other presidential candidate with leaks of another supposed investigation into Trump? That's arguably worse than what we have now. What could possibly be the legal justification for a "cover" investigation that was clearly used to attempt to tilt a presidential election through leaks?

    For my own information, could you please explain the term: "verified SAP assets".

    Also, how would you assess what's going on with the Awan investigation in light of what you're arguing here?

    Thanks, again.

  13. Anon, I should add that what we have here by your Devil's Advocacy is a "cover" investigation that has cost numerous high level civil servants their jobs and reputations. What kind of legal justification would allow that? Further, the internal communications we have seen--especially re briefings of Comey--strongly tend to confirm that Crossfire Hurricane is exactly what it appears to be. I also would argue that if this were a legitimate investigation into catastrophic spillage it would be hushed up and we would have no Congressional investigations--something like the Awan case.