The Intelligence Community Assessment on Russian Hacking

I’ve worked through the Steele dossier. Now I’ll look at the Intelligence Community Assessment (ICA), “Assessing Russian Activities and Intentions In Recent US Elections.” In the continuing and ever-changing story of the Donald Trump administration’s relations with Russia, I want to work through, carefully, what we know and don’t know. Far too much remains in the latter category to connect the dots.

The ICA covers similar territory to the Steele dossier. The question of Russian hacking of the election is of concern both to the funders of the Steele dossier and to American citizens generally. In addition, the Steele dossier was available to the authors of the ICA. Since the publication of the ICA, we have learned that the FBI wanted to pay Steele to continue his investigation for them.

An unclassified version of the ICA was released to the public on January 6, 2017, in response to direction by President Barack Obama on December 9, 2016. The cover letter is here, with a link to the report at the bottom.

The report begins with a caution that it contains much less than does the classified version. Next comes a discussion of how the intelligence community does analysis. This is important to read if you are not acquainted with intelligence analysis. That analysis combines and cross-checks sources of information of varying degrees of reliability. The information the intelligence community deals with is almost always uncertain; the community has devised standards for deciding how uncertain. Information on cyber activities can be even more uncertain than that from human sources, but the combination of several sources can be more powerful.

The report does not assess the effect of Russian hacking on the election.

The section on sourcing mentions sources that can be found publicly, like RT and other Russian media, but is silent on the other types of sources involved. It’s not a stretch to guess that they include human informants and interception of various types of electronic signals.



  • Putin ordered the campaign. (high confidence)
  • The goals were to undermine public faith in the US democratic process, denigrate Hillary Clinton, and harm her electability and potential presidency. (high confidence)
  • This campaign significantly escalated directness, level of activity, and scope of effort over earlier disinformation campaigns. (high confidence)
  • Putin and the Russian government developed a clear preference for Donald Trump. (high confidence)
  • Putin and the Russian government aspired to help Trump’s election chances when possible (CIA and FBI: high confidence; NSA: moderate confidence)
  • Moscow’s approach evolved over the course of the campaign; when Clinton’s chances seemed to improve, the Russian campaign focused more on undermining her.
  • Moscow used covert and overt activities in the campaign, including cyber activity, and efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid trolls.
  • Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.
  • Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and to release DNC emails obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks. (high confidence)
  • Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards, although not to those involved in vote tallying.
  • Russia’s state-run propaganda machine contributed to the influence campaign by serving as a platform for Kremlin messaging to Russian and international audiences.
  • Moscow will apply lessons learned from this campaign aimed to future influence efforts worldwide, including against US allies and their election processes.
  • Confidence in judgments has increased since early November 2016.

The body of the report (pages 1-5) includes open-source information on which the conclusions seem to be based, although reasoning is not explicitly laid out. The information is woefully inadequate to the conclusions, as a number of commentators have pointed out.

Appendix A, which is two pages longer than the body of the report, goes into detail on the activities of the Russian state-run RT network that may have contributed to the Russian campaign. Annex B explains confidence levels. For high confidence, which several of the conclusions are labeled, “high-quality information from multiple sources” must support them. That implies much more supporting information than is presented in the report.


The Difficulty In Disclosure

The content of this assessment overlaps with the content of the Steele dossier. Since the FBI has had the Steele dossier in its possesssion since last summer, this is not surprising. However, since a number of points in the assessment are listed as being of high confidence, they must have been confirmed by other sources beyond those in the dossier.

Unfortunately, those sources are not included in the assessment. The reasons given are the usual ones of protecting the sources and methods involved in obtaining the information. Since the NSA was involved, we may assume that some of the confirming evidence was collected via electronic signals, but we don’t know whether that was from landline telephones, cell-phone towers, bugged rooms, emails, or some other means. There are likely additional human informants as well, and the FBI or CIA could have talked to the sources for the Steele dossier.

Judgments on removing material to declassify this report are difficult. I’ve often felt that too much is withheld, and the credibility of this report as it stands is thin. In this case, however, it appears that too much may have become available through the Steele dossier and the report. The sources in the Steele dossier can only be a limited number of people. The Russians also have information that may point to their identities that we aren’t aware of. Putting the two together can identify the informants. Numerous Russians have recently been arrested or have mysteriously died. We don’t know the reasons, but one possibility is that they were identified as informants or otherwise contributed to the operation and are being silenced.


Comey Meets With Congress

In conjunction with the rollout of the report, FBI Director James Comey met with members of Congress to discuss the full, classified report. That meeting went badly. Apparently Democratic members felt that Comey had applied a different standard in disclosing the possibility of new Clinton emails before the election and keeping information included in the report on Russian hacking and potential connections with the Trump campaign. At least two members of Congress, Ted Lieu and John Lewis, questioned Trump’s legitimacy as president.

Nothing has been disclosed about the classified part of the meeting, so it is impossible to assess whether the uproar and statements of no confidence are based on material we have not seen or is primarily partisan. Comey has had additional meetings with the Senate Intelligence Committee on the investigations since then and implications that he is withholding information have come out of those meetings. Another possibility is that Comey felt he was limited by investigations in progress.

In both Comey’s interactions with Congress and the reception of the assessment by the public, the extent of disclosure is an issue. Credibility demands disclosure, but continuing investigations and safety of sources argue against disclosure. Unusually for Congress, there have been no significant leaks from the meetings with Comey.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s