As the arrested guardsman awaits trial, let’s talk about what happened, the info he leaked and how the Department of Defense is reacting to the ‘Pentagon Leaks’.
As you already know by now, leaked top secret documents went viral on the web this month, after a young airman has posted them online since the beginning of the year. The documents, which include multiple intelligence briefings about the Ukraine-Russia war, immediately prompted an investigation after the alarm was raised and the Pentagon went in emergency mode.
On Apr. 13, 2023, the Federal Bureau of Investigation arrested Airman First Class Jack Teixeira, a cyber-security specialist in the Massachusetts Air National Guard, as part of the investigation into unauthorized removal, retention and transmission of classified national defense information. The airman had security clearance for one of the highest levels of classification, “top secret/sensitive compartmented information” (TS/SCI), and has now been charged under the Espionage Act.
Teixeira started leaking classified documents on Discord, a popular gaming and messaging platform, as early as January 2023, first as text and later as photos, fearing he would be discovered making transcriptions while at work. Documents were reposted on various Discord groups, before making their way to 4chan, Telegram and Twitter. The Washington Post says over 300 documents might have been leaked.
The disclosure of these classified documents represents “a very serious risk to national security and has the potential to fuel disinformation,” said a Pentagon spokesperson. “We are continuing to investigate how this happened, as well as the extent of the problem. Steps have been taken to further analyze how this type of information was distributed and to whom.”
However, the leak might have been just the beginning of Teixeira plans. In fact, reviewing his social media activity, prosecutors found that Teixeira said in some posts he would “kill a (expletive) ton of people” if he had his way, because it would be “culling the weak minded.” He also had access to an “arsenal” of weapons and accessories – including handguns, bolt-action rifles, shotguns, an AK-style high-capacity weapon, a gas mask, ammunition, tactical pouches, and a “silencer-style accessory” – all of which he kept in his bedroom.
The documents presented to the court to keep Teixeira in custody detailed a troubling history going back to high school, where he was suspended after a classmate overheard him discussing Molotov cocktails and other weapons as well as racial threats. More recently, he used his government computer to research past mass shootings and standoffs with federal agents, with the search queries including “Las Vegas shooting”, “Buffalo tops shooting” and “Uvalde”.
A federal judge delayed the decision on where Teixeira should remain until trial, but remained skeptical of arguments made by Teixeira’s defense team that he should be released. His release, according to the Department of Justice, would present a grave threat to national security, as he may still have access to secret information, and he also remains a flight risk.
“There simply is no condition or combination of conditions that can ensure the Defendant will not further disclose additional information still in his knowledge or possession,” prosecutors wrote. “The damage the Defendant has already caused to the U.S. national security is immense. The damage the Defendant is still capable of causing is extraordinary.”
In the meanwhile, the U.S. Air Force also took steps to control the damages, suspending the commander of Teixeira’s unit, the 102nd Intelligence Support Squadron, and another detachment commander in charge of the support duties. The Department of the Air Force has also revoked their access to classified networks and information.
This case has already been called the most serious U.S. security breach since WikiLeaks in 2010. But what do we know about these documents? A large part of these documents are detailed intelligence briefings about the Russia-Ukraine war, but there are also documents with intelligence about China and Iran, as well as eavesdropping info about allies.
Some of the leaked documents appear to be doctored, but the Pentagon has not verified any of the information contained in them, describing the documents as still classified. “Just because classified information may be posted online or elsewhere does not mean it has been declassified by a classification authority,” said Pentagon press secretary Brigadier General Pat Ryder. “We’re just not going to discuss or confirm classified information due to the potential impact on national security.”
A number of daily intelligence briefings about the war detail losses and positions of the units in combat, exposing the methods used for intelligence gathering. One of the documents mentions the assessments come from a combination of imagery, OPIR (Overhead Persistent InfraRed), SIGINT (SIGnal INTelligence) and Ukrainian and other foreign sources, the latter served up by the U.S. European Command Ukraine Coordination Cell.
While there are still limitations to the usefulness of some of the info in the documents, the detailed description of the intelligence gathering methods, as well as the presence of imagery and OPIR maps, might expose the capabilities of the sensors and equipment used. This, in turn, could even lead to the implementation of countermeasures in order to limit the effectiveness of these intelligence gathering methods.
Anyway, back to the documents, the daily briefings provide snapshots from the main battlefields, detailing the numbers and composition of defending and attacking forces. The documents show that the Russian forces, while in some areas they largely outnumber the Ukrainian forces (up to a 7 to 1 factor), are advancing very slowly, at a pace of less than 3 km a month. As a matter of fact, the intelligence assesses that Russia settled into an attrition campaign, with the Ukrainian defense facing daily artillery fires, airstrikes, and repeated multi-pronged, small-unit ground assaults.
Another daily briefing details the losses of both countries, with up to 43,000 Russians and 17,500 Ukrainians killed in action. Adding the wounded, these numbers rise to 223,000 and 131,000, respectively. Equipment wise, Russia lost about 75% of its deployed artillery systems, while Ukraine lost about 10% of them.
Losses are also described for the aviation components of both countries. One of the documents estimated that Russia has lost 72 aircraft and 82 helicopters, while Ukraine has lost 60 aircraft and 32 helicopters. While the numbers are lower for Ukraine, Ukrainian losses are higher if we consider them relative to their inventory.
Before the war started, Russia had more than 1,500 aircraft and 1,500 helicopters, so their losses would amount to just 4% of the aircraft and 5% of the helicopter fleets. On the other side, Ukraine had, before the war, about 110 aircraft and 110 helicopters, so their losses are more significant, amounting to 53% of the aircraft and 28% of the helicopters.
Some of the daily briefings also detailed sabotage operations. Among those there is the attack against a Russian Beriev A-50U Mainstay airborne early warning & control aircraft at Machulishchy Airbase, Belarus. The aircraft was damaged in a drone attack at the base near Minsk, which was claimed by the Belarusian partisan group, BYPOL.
The same documents also detailed allied Intelligence, Surveillance and Reconnaissance efforts over Poland, Romania and the Black Sea, with the daily flights of the USAF and RAF RC-135 Rivet Joint SIGINT aircraft, the USAF E-8 JSTARS, the US Army ARTEMIS jet, U-2s and MQ-9s. These flights complement the daily 110 missions of NATO fighter jets defending the Eastern flank.
Another file adds further details about the ISR missions, with an unexpected “guest”. The document, in fact, says the US and NATO flown 16 manned and 73 unmanned reconnaissance flights over the Black Sea in a 150-day timeframe since September, including nine flights of the RQ-170 Sentinel. The presence of the stealthy UAV in Europe has never been acknowledged, as the aircraft is still surrounded by secrecy 15 years after its existence was confirmed by officials.
The role of the Sentinel is not known, however its low observability and high altitude make it perfect for missions closer to the contested airspace over Crimea and Ukraine. Since the UAV has a supposed autonomy of 5-6 hours, it is possible that its missions were launched from one of the US UAV bases in Europe, like the ones in Poland, Romania, Greece and possibly Turkey.
The same document also mentions for the first time the use of French Mirage 2000D fighters for reconnaissance missions in the area, possibly with the use of the ASTAC SIGINT pod, which were flown under national authority. A map included in the briefing showed sample routes for the RQ-4 (both USAF and NATO), Mirage 2000, RC-135, but not the ones of the MQ-9 and RQ-170.
An interesting piece of info is the presence of a “SECDEF [Secretary of Defense] directed standoff” distance which separates the ISR routes from Crimea. It is possible that this distance is a consequence of the near-shoot down of a RAF RC-135 in September 2022. One of the documents further detailed this episode, disclosing for the first time that the Rivet Joint was indeed about to be shot down if the missile hadn’t malfunctioned after a Su-27 pilot reportedly misinterpreted a radio message.
From September to February, the briefing reports that Russia reacted to five reconnaissance missions, but without consequences. However, in March Russia reacted to another ISR flight, resulting in the loss of a MQ-9 Reaper after a Su-27 collided with it during an “unsafe and unprofessional” intercept targeting the drone as it was operating in international airspace.