
Has the U.S. Lost Track of the Spies in Our Midst?

In an era of hacks and breaches, the game of spy vs. spy has changed.

Richard Helms, who ran the Central Intelligence Agency under Presidents Johnson and Nixon, and remained the gray eminence of American spies until his death in 2002, offered a pithy piece of advice to his successors: “Never go home at night without wondering where the mole is.” This warning is the heart of counterintelligence, broadly defined as protecting the nation’s secrets and intelligence officers from betrayal, exposing enemy spies and double agents, and guarding against subterfuges aimed at deceiving and damaging the United States. “The business,” wrote Helms’s biographer, Thomas Powers, “is a Dantean hell with ninety-nine circles,” and it demands rare qualities, among them “a prodigious memory, patience, great psychological sensitivity, and the capacity to live with uncertainty forever.” Counterintelligence cases can go on for many years, haunted by unresolved suspicions and false leads. The work is not for the faint of heart.

During the first 25 years of the Cold War, U.S. counterintelligence was in the hands of two men: the FBI’s J. Edgar Hoover and the CIA’s James J. Angleton. Hoover was slow to see that the Kremlin’s spies had run rampant in the United States since the early 1930s. By World War II, they had infiltrated the State Department, the Justice Department, the Treasury Department, the OSS (the CIA’s predecessor), and the Manhattan Project to build the atomic bomb; Representative Samuel Dickstein, who represented the Lower East Side for 22 years, served the Kremlin as a paid agent in Congress from 1937 to 1940, informing on anti-communist and pro-fascist Americans for the Soviet Embassy. After the war, the FBI picked up the scent of Soviet spies in the United States. By 1951, with the Red Scare in full roar after the convictions of the atomic spies and leaders of the Communist Party of the United States, whose underground had supported the Kremlin’s agents, the Soviets laid low. But not for long.

Spyfail: Foreign Spies, Moles, Saboteurs, and the Collapse of America’s Counterintelligence
by James Bamford
Twelve, 496 pp., $32.00

Angleton became the CIA’s counterintelligence chief in 1954. For the next 20 years, he dominated his field throughout the free world. He was secretive and suspicious and, as he grew older, paranoid and alcoholic. An official CIA historian, David Robarge, wrote that Angleton enveloped himself “in an aura of mystery, hinting at knowledge of dark secrets and hidden intrigues too sensitive to share.” He thought the Kremlin commanded a company of moles within the CIA, and that every Soviet defector after 1961 was a double agent. The main purpose of this monstrous, though imaginary, plot was to seduce American presidents into the delusions of détente. Angleton tore the CIA apart in a futile hunt for Soviet moles, ruining loyal men. He missed the fact that the Chinese, Cubans, Czechs, and East Germans either had recruited agents in the CIA or doubled all the spies the agency thought it was running against them.

U.S. counterintelligence depends in great part on cooperation between the CIA and the FBI, though the two are often at loggerheads. Their cultures clash; the bureau’s agents are cops and the agency’s spies are robbers. The trust between Hoover and Angleton glued them together despite this friction. But Hoover died in 1972, Angleton was fired two years later, and counterintelligence fell into chaos. By the 1980s, spies working for the Soviets, the Chinese, and the Israelis had burrowed into the CIA, the FBI, the National Security Agency, and Navy intelligence. Some were caught, but others went undetected: The CIA’s Aldrich Ames and the FBI’s Robert Hanssen were busy selling out almost every Russian agent working for the United States. Ames spied for nine solid years, Hanssen off and on for 22; they were arrested, respectively, in 1994 and 2001.

Then the internet shifted the field of battle into cyberspace. In 2014, China stole the files of more than 22 million Americans, including the security-clearance files of everyone in the intelligence establishment. That same year, Russia started running web-based political warfare aimed at monkey-wrenching the 2016 presidential election, intending to sabotage Hillary Clinton and help elect Donald Trump. They succeeded.

Still, the ancient war of spy vs. spy rages on. The FBI now opens a new counterintelligence case against Chinese spies and agents every 10 hours. In October, the CIA’s assistant director for counterintelligence sent an alert throughout the agency noting that, in recent years, dozens of recruited informants in China, Iran, Pakistan, and other hostile nations have been compromised and turned against the United States as double agents, or arrested, tortured, and killed. And in January, Charles McGonigal, who was in charge of counterintelligence at the FBI’s New York office from 2016 to 2018, was indicted for aiding the Russian oligarch Oleg Deripaska, a close ally of Vladimir Putin, over the course of several years. The case has cataclysmic implications; the charges represent the worst breach at the bureau in the last 20 years.

All this suggests several ground truths. First is the actuarial certainty that, at this moment, the U.S. government is penetrated by spies, foreign and domestic, as has been the case for nearly a century. Second, if counterintelligence officers aren’t finding those spies, they have failed. Third, when they do catch them, the public perception is that they’ve failed again, by not detecting them for years on end. Spy-catchers are thus damned if they do and damned if they don’t, and one may sympathize if they drink too much or doubt if God is just. The awful truth is that no outsider—and no insider, for that matter—can say for sure whether U.S. counterintelligence is better or worse than it was two, four, or eight decades ago, because no one knows if there are two, 20, or 200 moles burrowing into our body politic at this moment.

Despite the rich history of U.S. counterintelligence, precious few great books on the subject exist. Few reporters cover U.S. espionage, and fewer practitioners publish their secrets. I’ve written about spies and counterspies for many years, and I’m still at it, always thrilled to read anything that might illuminate this dark world. So I turned with great anticipation to James Bamford’s Spyfail: Foreign Spies, Moles, Saboteurs, and the Collapse of America’s Counterintelligence. Bamford is eminently qualified to cover this tricky terrain. He’s written a terrific trilogy about the NSA in the past four decades, he was a prescient skeptic of America’s false pretexts for the invasion and occupation of Iraq, and his journalism over the years has been intrepid and thoughtful.

Spyfail, which covers the years since the run-up to the 2016 election, contends on its first page that the nation’s counterintelligence crumbled under the Obama and Trump administrations due to “dangerous incompetence and vast politicization.” Then Bamford explains that he has set much of the book in Hollywood, allowing him “to combine the glitz and glamour of the movie world with the intrigue and mystery of the spy world.” If that sounds to you like a screenwriter’s elevator pitch for a big-budget thriller, you’re on to something.

The ricocheting narrative starts with North Korea’s cyberattack on Sony Pictures, an act of vengeance for the misbegotten 2014 comedy The Interview, in which Seth Rogen and James Franco are recruited by the CIA to assassinate Kim Jong Un. The hack unloosed some pungent emails; we look over the shoulders of bickering Sony executives as they head to a party at the Malibu mansion of the billionaire film mogul Arnon Milchan, a producer of JFK and the unofficial Israeli consul general in Hollywood. We meet Milchan—whose well-publicized backstory includes his work as an Israeli agent who prospered mightily as an arms procurer, pilferer of nuclear weapons technology, and propagandist—as he greets the guest of honor at his star-studded shindig. It’s Benjamin Netanyahu, who has been hard at work building a covert search-and-destroy mission against Americans who support the Boycott, Divestment, and Sanctions movement.

The sordid machinations of this underground network are a major theme of the book. As it develops, Milchan is showering Bibi with an unlimited supply of $60 Cuban cigars and champagne in return for fixing problems with his U.S. visa—problems resulting from his public admissions, made on camera in 2013, of his past as an Israeli arms merchant. His gifts, or bribes, are at the heart of one of the three public-corruption cases for which Netanyahu was indicted in 2019 and is still, interminably, on trial as he serves, once again, as prime minister.

At this point—on page 259 of Spyfail—I paused, wondering how I got here, and how any of what I’d read related to counterintelligence. Bamford argues convincingly that the Bush 43 administration quashed the FBI’s espionage investigation of Milchan because he was Bibi’s boychik, and that the U.S. government in its majesty quails at the wealth and influence of the Israeli lobby, despite the fact that its agents are conducting covert political warfare against Americans. The latter argument would make a good book, albeit a different book. These stories are in great part about political corruption and its effect on foreign policy; they have little to do with Bamford’s intent to reveal the rottenness of U.S. counterintelligence under Obama and Trump.

Searching for a thread, I went back to page one, starting over with the North Koreans. The hermit kingdom is in essence a criminal conspiracy, engaging in drug smuggling, counterfeiting, and cybercrimes to stay afloat. The North Koreans are good at computer hacking; the primary defense against that threat is cybersecurity, which is a different challenge than counterintelligence. Bamford, while cutting in and out of the lives of Hollywood’s panjandrums, takes us to Pyongyang, where Kim’s minions are stealing money and cryptocurrency while wreaking havoc on computer systems around the world. The robberies help finance North Korea’s nuclear weapons program. How did the North Koreans come by their hacking acumen? Was it homegrown or stolen from U.S. spy services? Bamford, with his deep understanding of the NSA’s capabilities, is on to a great story here, albeit an oft-told story that, like so many counterintelligence cases, has no conclusion.

Was a binge-drinking and mentally ill NSA employee and contractor named Hal Martin the culprit? He’d been stealing and hoarding 50 terabytes of secrets, the equivalent of a half-billion pages, stashing the files in his backyard garden shed for many years. From 2012 to 2015, Martin worked at the NSA’s Office of Tailored Access Operations, which plants malware and hacking tools in the computer systems of foreign nations. Though he was sentenced to nine years, the FBI and the NSA never had a shred of evidence that Martin was anything but a compulsive hoarder; he hadn’t acted as a spy or an agent of a hostile power.

Then a dark entity calling itself the Shadow Brokers came onto the scene in August 2016—just as the Russian monkey-wrenching of the presidential election gathered full force. The Shadow Brokers published top-secret NSA codes created by the Tailored Access Operations group, and offered more for sale. These cyberweapons dated to 2013—before the NSA instituted tighter, post–Edward Snowden security measures. Nonetheless, the Shadow Brokers had purloined the capability to penetrate top-secret servers around the world. (Eight months later came the Vault 7 theft, a devastating ransacking of the CIA’s tools for hacking computers, smartphones, tablets, televisions, or anything else connected to the internet. The thief was a young CIA engineer and child-pornography enthusiast named Joshua Schulte; WikiLeaks fenced his stolen goods. Bamford doesn’t mention the case.)

Only one known link connects the Shadow Brokers to the North Koreans, though others may exist: a ransomware virus called WannaCry, propagated by an NSA exploit called EternalBlue, stolen roughly four years before the Shadow Brokers unveiled it in public in April 2017. (WannaCry was the malware used by Kim’s hackers in the Sony attack and ransomware assaults on hundreds of thousands of computers in 150 countries.) Later in 2017, the NSA and CIA began negotiating with Russian intermediaries for the return of some of what the Shadow Brokers stole.

But who or what was the Shadow Brokers? “I don’t know if anybody knows other than the Russians,” veteran NSA computer scientist Dave Aitel told the press. “And we don’t even know if it’s the Russians.” But Bamford has a spectacular hypothesis. He proposes that the Shadow Brokers is not a Russian intelligence front, as some cybersecurity experts suspect, nor a group of hackers, but a nom de guerre for one guy: specifically, an American in his late twenties, who served in the military, was assigned to a cryptologic unit, and joined the NSA’s Tailored Access Operations team, where he served as a white-hat hacker until he quit in 2013—and then became an avid Trump supporter. “In fact,” he writes, “it is highly likely the Shadow Broker was among those who stormed the Capitol” on January 6, 2021. Quite a hunch there. If there’s evidence to support that last conclusion, it’s not in Bamford’s endnotes. He averts the reader’s gaze from the malign influence of Russian intelligence and directs it to the deep fissures in U.S. politics, and not for the last time.

The final section of Spyfail is called “The Fearmongers”; Bamford counts among them Barack Obama’s spy chiefs John Brennan and James Clapper, who as CIA director and national intelligence czar reached the conclusion that the Kremlin helped Trump win the White House, and briefed the president-elect to that effect on January 6, 2017. Once Trump was in office and they were out, he writes, they were “hungry to hype the threat of Russian espionage for six-figure paydays” from MSNBC and CNN. In Bamford’s eyes, much if not all the Russiagate story was a put-up job by spooks, journos, and politicians. He concludes with a glowing profile of Maria Butina, the Russian operative who, to quote the Senate Intelligence Committee, was a key player in “a multi-year influence campaign and intelligence-gathering effort” aimed at “the Republican Party, and conservative U.S. political organizations for the benefit of the Russian government.” Butina pleaded guilty to conspiring to act as a foreign agent, served time, and now sits as an elected member of the Russian legislature. Yet Bamford paints her as angelic, an innocent victim nailed to a cross by political hysteria. Weirdly, he calls as a character witness her ex-paramour, the Trump conspiracy theorist and January 6 rabble-rouser Patrick Byrne. He concludes that her only crime was that “she saw deep into America’s soul.”

Spyfail ends, with a thud, on this off-key note. It hasn’t begun to prove its opening argument. Its themes are jumbled. Its disparate stories are glued together. It hasn’t explained what counterintelligence is, how it works and why it fails, the ways in which the CIA and the FBI cooperate and clash, or how a new national agency created after 9/11 to oversee them does or doesn’t function. It mentions the FBI Director Christopher Wray once in passing and Trump’s CIA directors, Mike Pompeo and Gina Haspel, not at all. And it is, as noted, a tad too sympathetic to the Russians.

Bamford writes well, which can cover a multitude of sins. But not the sin of omission. He has neglected, perhaps willfully, to tell a doozy of a tale about Russian spies and U.S. counterintelligence. It’s no secret, but it is a success story, so it wouldn’t fit his theme.

After the Russian hack of the 2016 presidential election, the CIA and the FBI counterattacked. In the summer of 2017, they convinced the State Department to close the Russian Consulate in San Francisco, a chancery annex in Washington, D.C., and a consular annex in New York City, all of which were dens of spies operating under diplomatic cover. The CIA issued a “call to arms” and redoubled its efforts to identify Russian intelligence officers and operatives at home and abroad.

Then, a year ago, Secretary of State Antony Blinken told a disbelieving world that Putin was about to attack Ukraine. This remarkable warning came straight from CIA Director Bill Burns, a former ambassador to Russia. American spies had penetrated the Kremlin and stolen Putin’s war plans.

Four days after the invasion of Ukraine, the United States kicked out 12 spies from the Russian mission to the United Nations. That was only an opening blow. The CIA then reached out to allied intelligence services across Europe. By early April, at least 400 Russian intelligence officers had been fingered and expelled from Germany, France, Italy, Poland, Bulgaria, Estonia, Latvia, and Lithuania. The persona non grata parade continues apace. If there has been a greater U.S. counterintelligence coup since the Cold War began, it has escaped the attention of history.

We would do well to remember that the United States is relatively new at the game of espionage and counterespionage. The Russians have been at it since the days of Peter the Great, and the Chinese have been honing their skills ever since Sun Tzu wrote The Art of War 26 centuries ago. I’m told that the recruitment of disaffected Russian spies, diplomats, and foreign ministry officials willing to commit treason against their leader is on the rise as his dreadful war grinds on, which bodes poorly for Putin. “The enemy’s spies who have come to spy on us must be sought out, tempted with bribes, led away, and comfortably housed,” Sun Tzu wrote. “Then they will become converted spies and available for our service…. The converted spy not only brings information himself, but makes it possible to use the other kinds of spies to advantage.”

Counterintelligence fails because the thieves greatly outnumber the detectives. Russia and China devote immense energy to stealing U.S. secrets and foiling their pursuers. The CIA and the FBI have spent so much time and money on counterterrorism in the twenty-first century that the disciplines of espionage and counterespionage have suffered. And, tragically, they have hired and promoted a handful of traitors over the years. That shouldn’t stop one from wishing them all the success in the world in their intelligence war against Moscow and Beijing. They’ve lost a lot of battles in the past. Here’s hoping they win this one.