The game to unmask Primoris Era was afoot.
In 2010, Thomas Ryan of Provide Security, LLC, launched a project to investigate just how deeply a constructed personality on the Internet could penetrate the secrecy apparatus. He created what he described as a “blatantly false identity” and joined Twitter, Facebook, and LinkedIn (a social network for industry professionals).5 He chose as his avatar a striking young woman of vaguely Asian descent. He gave her ten years of experience as a cyber-security professional—which would have meant she entered the field at the age of fifteen. She was an MIT graduate, and her “present” job title was cyber-threat analyst for the Naval Network Warfare Command (a job that does not exist). He even named her Robin Sage.
The U.S. Army Special Forces training pipeline can last up to two years depending on a soldier’s specialty, but every would-be Green Beret ends his training at the John F. Kennedy Special Warfare Center located at Fort Bragg, North Carolina. There, salty candidates are sent to the “People’s Republic of Pineland” to engage in Robin Sage, a notoriously challenging three-week field exercise that puts years of Special Forces training to the test. Robin Sage is not a secret, and anyone with passing knowledge of special operations forces—certainly those in high-profile positions at the Department of Defense—would have heard the phrase a thousand times.
In the case of newly minted “Robin Sage,” the counterintelligence red flags were everywhere. A possibly foreign female easy on the eyes with a fictitious job. An inexplicable résumé. An obvious pseudonym. An invented degree. According to Thomas Ryan’s findings, presented in a paper titled “Getting in Bed with Robin Sage”:
By the end of this experiment, Robin finished the month having accumulated hundreds of connections through various social networking sites. Contacts included executives at government entities such as the [National Security Agency], [Department of Defense] and Military Intelligence groups. Other friends came from Global 500 corporations. Throughout the experiment Robin was offered gifts, government and corporate jobs, and options to speak at a variety of security conferences.6
It should be noted that not everyone fell for Robin Sage’s electronic charms, and those who discovered her false identity did so by means available in the public domain. One industry professional asked a friend at MIT to look her up. No such person existed. One security specialist researched her National Security Agency Information Security Assessment Methodology credentials. (A listing of every NSA ISAM graduate is available to anyone.) But males dominate the national security industry, which “allows women to be a commodity in more ways than one.”7
After Robin established a baseline of industry professionals, she grew her sphere of influence based on virtual association. Wrote one suitor, “I’ve never met you, but I saw you had Marty on your Facebook list, so that was good enough for me.”8 Her looks helped broaden her connections. Among the many photos she posted to Facebook was “one of her at a party posing in thigh-high knee socks and a skull-and-crossbones bikini captioned, ‘doing what I do best.’”9 Her job title suggested a Top Secret/Sensitive Compartmented Information security clearance, and thus enhanced her reputation. Government and industry leaders solicited her advice. “If the creator behind Robin had intentions other than to perform a social experiment, he would have had means to mislead experts in their studies and even steal their research.”10
The similarities to the case of Primoris Era are striking. When Shawn Gorman first appeared on Twitter, she actively courted the friendship and confidence of national security policy wonks, journalists, and subject matter experts in the defense sector, many of whom work for the government and hold security clearances. Her reach extended even to Admiral James Stavridis, the Supreme Allied Commander of NATO.
Gorman, the “Doyenne of Air, Space, and Missile Defense,” offered commentary and Internet links on the subject with clockwork regularity.11 She debated experts on the START treaty, which concerns nuclear arms reductions between the United States and Russia (she spoke in vehement opposition), and flirted audaciously with many of her male audience. In both public and private, she reached out to journalists on the national security beat, occasionally responding to questions about technical issues in missile defense.
Before the incident with Frostina, several online followers noted what appeared to be inconsistencies in Gorman’s career and life story. Her family lived in North Carolina—or maybe Hawaii. She was deployed overseas—or operated strictly in the Washington, D.C., area. She lived in Alexandria, but never appeared at the many informal national security happy hours put together by defense industry associates. (It was, in fact, at one of those drinking sessions in early April 2011 that doubts about her true identity first surfaced.)
When Frostina confronted Gorman, Gorman allegedly responded with a physical threat, and then deleted it. (According to one person who read the exchange in real time, the Primoris Era account suggested that Frostina was putting herself in peril, as Primoris Era knew the “right people.” Gorman denies this.)
Frostina was indignant. “Seriously, you threatened me & then deleted it? At least I have the fucking balls to call you a sociopath to your face.” She continued, “Your feed is riddled with lies about yourself & I can assure you sooner or later the house of cards will fall. You know the right people?? Ha, let me walked [sic] down to their offices & asked [sic] about you. They’ll return blank stares.”
Then came the bombshell from Frostina to the bombshell Primoris Era. “Just to be clear, I have intel that Primoris Era is a Honey Pot & if you’re in my field you know what that means.”
Frostina’s purported proof stemmed from the Pentagon’s master e-mail list. She allegedly checked the name Shawna Elizabeth Gorman against the database. There were no matches. The analyst concluded that Primoris Era was not who she said she was, and notified Frostina’s superiors. Hours later, Frostina wrote on Twitter, “I have been informed that Primoris Era is asking people for programs to delete mass amounts of tweets. It’s not real don’t follow/engage.”
Sam LaGrone, a journalist for Jane’s Defense Weekly, investigated the back-and-forth and reported back to Twitter “after couple hours of digging [Primoris Era]. The woman’s name attached to account has no record of being current [Department of Defense] employee.”
Internet shorthand might seem to paint the dispute as a schoolyard fight. (Its prose certainly isn’t Shakespearean.) But the consequences of an online spy, highly skilled in the art of social engineering and reaching the highest levels of the intelligence community, could prove to be catastrophic. It sounds like hyperbole, but our troops have already learned this lesson in Iraq and Afghanistan.
Mark Zuckerberg runs a giant spy machine in Palo Alto, California. He wasn’t the first to build one, but his was the best, and every day hundreds of thousands of people upload the most intimate details of their lives to the Internet. The real coup wasn’t hoodwinking the public into revealing their thoughts, closest associates, and exact geographic coordinates at any given time. Rather, it was getting the public to volunteer that information. Then he turned off the privacy settings.
“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people,” said Zuckerberg after moving 350 million people into a glass privacy ghetto. “That social norm is just something that has evolved over time.”12
If the state had organized such an information drive, protestors would have burned down the White House. But the state is the natural beneficiary of this new “social norm.” Today, that information is regularly used in court proceedings and law enforcement. There is no need for warrants or subpoenas. Judges need not be consulted. The Fourth Amendment does not come into play. Intelligence agencies don’t have to worry about violating laws protecting the citizenry from wiretapping and information gathering. Sharing information “more openly” and with “more people” is a step backward in civil liberties. And spies, whether foreign or domestic, are “more peopl
e,” too.
Julian Assange, founder of WikiLeaks, knows better than anyone how to exploit holes in the secrecy apparatus to the detriment of American security. His raison d’être is to blast down the walls protecting state secrets and annihilate the implicit bargain, yet even he is frightened by the brazenness of Facebook and other such social networking sites:
Here we have the world’s most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to U.S. intelligence. Facebook, Google, Yahoo—all these major U.S. organizations have built-in interfaces for U.S. intelligence. It’s not a matter of serving a subpoena. They have an interface that they have developed for U.S. intelligence to use.13
It’s all there, and the Internet never forgets. But even if the impossible happened and the Internet did somehow develop selective amnesia, in the case of microblogging service Twitter, the Library of Congress has acquired every message ever posted by its two hundred million members.14 As Jeffrey Rosen wrote in the New York Times:
We’ve known for years that the Web allows for unprecedented voyeurism, exhibitionism and inadvertent indiscretion, but we are only beginning to understand the costs of an age in which so much of what we say, and of what others say about us, goes into our permanent—and public—digital files. The fact that the Internet never seems to forget is threatening, at an almost existential level, our ability to control our identities; to preserve the option of reinventing ourselves and starting anew; to overcome our checkered pasts.15
The U.S. government isn’t the only institution to notice. Early in the military campaigns in Afghanistan and Iraq, soldiers of the social networking generation uploaded to their MySpace profiles pictures of camp life in the war zone. Innocuous photographs of troops horsing around in front of tent cities, bunkers, outposts, motor pools, and operations centers circulated freely on what was then described as “A place for friends.”
The U.S. military soon realized that foreign intelligence services, sympathetic to America’s enemies and savvy to the social revolution, could collect these photographs by the thousands and build detailed, full-color maps of American military bases. During the Cold War, this would have required the insertion of first-rate spies, briefcases filled with cash, and elaborate blackmail schemes. In the age of radical transparency, all it would take is a free MySpace account to know exactly where to fire the mortar rounds to inflict maximum damage on the United States. The Marine Corps confirmed this in a 2009 directive. “These Internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries.” The directive continued, “The very nature of [social networking sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage,” putting operational security, communications security, and U.S. military personnel “at an elevated risk of compromise.”16
This type of clever thinking on the part of America’s enemies is not unique to this conflict. During the run-up to the Gulf War, foreign intelligence services had a pretty good idea that the U.S. war machine was preparing for its most substantial engagement since Vietnam. The U.S. military recognized a new kind of threat—one that didn’t require foreign intelligence to insert an agent onto every base in the Republic. Open source information could be just as dangerous. Spikes in late-night orders from pizzerias near key military bases and an exceptionally busy parking lot at the Pentagon could tell hostile powers everything they needed to know.
In determining what should remain secret and what should not, the military—like each component of the American secrecy apparatus—is good at overreaction. The default answer: more secrets. To counter the MySpace problem, they banned blogs and social networks. This benefited base security but killed morale at home. No longer could parents see their young sons and daughters safe—and even happy—in the war zone. All that remained were breathless reports of intense combat on the cable news networks. And while the average supply clerk is probably safer in Baghdad than in Detroit, every parent and spouse saw the same thing: a son or daughter in a flag-draped casket. (In 2010, the Department of Defense revised and consolidated its ad hoc policy on social media.17 On its official website it declared, “Service members and [Department of Defense] employees are welcome and encouraged to use new media to communicate with family and friends—at home stations or deployed,” but warned, “it’s important to do it safely.”)18
Primoris Era was no honeypot, however. She did not obtain secrets about technical capabilities or troop movements. But she was a spy.
She was a serving member of the National Clandestine Service of the CIA. She joined Twitter while confined to a hospital in Germany, having had her legs nearly blown off by a vehicle-borne improvised explosive device in Gaza. When her identity was questioned, someone from the front company that the CIA was using to protect her identity tried to change her Wikipedia page. The Internet service provider of the editor was easily traced back to Dynetics, a small missile defense company based in Huntsville, Alabama. The company later provided the following statement for this book, which just about says it all:
Dynetics would like to assure you that the company has had no involvement with the Twitter or other social media activities associated with Ms. Gorman that constituted the subject of your inquiry. While Ms. Gorman was an employee of Dynetics until the beginning of May, 2011, any Twitter, Facebook, or other social media activities were not a part of her work for Dynetics, and Dynetics did not authorize or have knowledge of such activities. Moreover, any social media activities, including social media updates to accounts associated with Ms. Gorman, were not done by Dynetics or authorized by Dynetics. Finally, Ms. Gorman’s work at Dynetics had nothing to do with secret cover operations for intelligence agencies. While Dynetics doubts that any of the social media activities were more than a fantasy social media image, if there were any activities performed by Ms. Gorman, or others, in the realm of intelligence operations, Dynetics had no knowledge, did not authorize, and had no involvement in such activities.
Gorman denied the allegations leveled against her. “I have NEVER threatened her and I have NEVER given out classified or sensitive information nor have I EVER asked for it,” she wrote (emphasis hers).19 She added that her superiors were conducting an investigation into the incident and that she had been asked not to respond further.
The U.S. government “gave me a burn notice a week after that came out,” she wrote. That meant, in essence, that she was unemployable. No one would hire someone who had been fired conspicuously. In the closed-off world of covert operations and secret contractors, a burn notice is equivalent to being declared persona non grata. However, within six months, she thought she would be back in a big way. She had been a superstar in the National Clandestine Service, and the intelligence community ignored her burn notice. General David Petraeus, shortly after the start of his (brief) tenure as director of the CIA, wanted to bring her on as a special assistant. That’s where she ran into a different problem associated with disclosure: because her nonclassified posts to Twitter concerning missile defense and Obama administration policy were often critical, she had acquired some new enemies inside the administration, possibly (though we could not confirm this) even on the National Security Council.∗
For months, Gorman languished in sort of a nether land. The CIA suddenly decided that Gorman was still “too hot” to bring on. Gorman couldn’t get a job anywhere else because she had no unclassified resume. She couldn’t provide a reporter with basic information like what CIA class she graduated from or whom she’d been deployed with. She refused to say who paid for her physical therapy and where she went for it. (We learned independently that the government is paying for her rehabilitation and that she travels to a health facility operated by the militar
y in Maryland.) Her tormenters on the web continued to taunt her. Even though she was a U.S. citizen capable of exercising her liberties, finding a job, and searching for meaning in her life—she was a ghost.
To protect American forces in the field and what will invariably find its way to daylight, a philosophical shift will be required. Orange-bordered cover sheets for Top Secret material are no longer enough. Their quantity has diminished their power. Security clearances—no challenge to obtain—should no longer be sufficient grounds for access to computers with classified material. And to a large extent, military and intelligence personnel will need to police themselves. Presently, it is demonstratively easier to find the location of CIA safe houses in the deserts of Iraq than it is to learn the features of the next Apple iPhone.20 The information age is in its early days yet, and as demonstrated by the explosive popularity of social media, the public mindset is (for now, anyway) reoriented away from privacy and toward a sense of openness. Certainly some percentage of the 2.4 million people holding security clearances is part of that new way of thinking.
However, Bradley Manning was not driven by a would-be Primoris Era or a Robin Sage. What he did was intentional and systematic, and could only happen by way of the Internet. As information technology moves faster, packaged in smaller devices, it’s only going to get easier from here to do exactly what Manning did, again and again. The bar for “need to know” must be elevated. Only a few people need to know a great many things.
∗Obama renamed his National Security Council the “National Security Staff,” but the former term is still vernacularly in use and is one we think our readers will be more familiar with.
Notes
1. U.S. Office of Personnel Management, Questionnaire for National Security Positions (Standard Form 86), December 2010.
Deep State Page 4