ales of spying and surprise attacks are two of the staples of intelligence literature in fiction and non-fiction alike. The two new books under consideration here—Michael J. Sulick’s American Spies and Erik J. Dahl’s Intelligence and Surprise Attack—address these issues in the non-fiction mode, but given the inherently secretive nature of the subject matter, the line between fiction and non-fiction is perhaps a bit less sharp than in most other cases.1 It’s easy to spot fiction in spy spoofs like Get Smart and the more recent television series Covert Affairs. It’s not quite as easy to spot non-fiction when it elides into what seems very improbable.
American Spies is a continuation of the history Sulick began with Spying in America (2012), which told the story not of American agents who spied against other countries, but rather of Americans who spied against their own country. The first book covers the period from the American Revolution to the early years of the Cold War, encompassing such controversial figures as the Rosenbergs and Alger Hiss. This second volume picks up the story in the 1950s and carries it through to the past few years. One of the great strengths of Sulick’s approach is that it entails much more than a numbing catalogue of treasonous Americans. There are trends in spying in terms of the types of people who do it, the targets they go after and the countries for whom they work. Sulick enables the reader to comprehend these trends.
The reasons people become spies are well known. Counterintelligence officers describe these motivations with the acronym MICE: Money, Ideology, Coercion or Compromise, and Ego. During the earliest years of the Cold War, described in Sulick’s 2012 book, ideology was a primary motivation for those who spied for the Soviet Union. Most of those spies were either arrested or removed from office, so by the 1950s the KGB had lost much of its access and had to rebuild its networks. Then came a shift from ideology to money as the primary motive for many of the KGB’s American spies from the 1950s on, including several enlisted military personnel and the more notorious spies—the Walker family, Ron Pelton, Aldrich Ames and Robert Hanssen. However, as Sulick points out, KGB spymasters were notoriously cheap. In many of these cases, therefore, the ego motive is not far behind—fueled by an unhappy childhood, an overbearing father and a general sense of grievance at not being seen to be as elite-class as the spy perceived himself to be. (To be sure, there are undoubtedly scores of intelligence officers who had unhappy childhoods and overbearing fathers who never gave a thought to becoming traitors.)
Sulick should know. He was a career CIA officer in the National Clandestine Service (NCS), and later became the Chief of Counterintelligence and then Director of the NCS. Happily, institutional pride does not prevent him from commenting on some of the less positive moments in U.S. counterintelligence history.
His experience also reaches beyond the intelligence community. For example, the CIA and the Justice Department have long had an uneasy relationship, and Sulick doesn’t shy away from airing it out. The FBI has usually been eager to make an arrest once it had identified a spy. Its eagerness stemmed from two motives: to put an end to the spying and to burnish a career. Arresting people is what the FBI does, so FBI agents want to do it. But to the CIA a known spy who is unaware that he is known is also a source of information about what his masters want to know. That can tell you what they do not know, how they operate, who is part of their network, and more. Better yet, a known spy is a conduit back into his master service, hence an invaluable means for passing along false or deceptive intelligence.
Of course, letting a spy remain at large always involves the risk that further information will be compromised or that the spy may escape your grasp. There is no “always correct” choice between these two poles, and the CIA-FBI relationship is far better now than it used to be. But the core conflicts and differing institutional perspectives remain significant—and in some ways they have spread to related dilemmas. Should the United States shut down or hobble jihadi websites that use U.S. servers or that transit U.S. networks, lest they succeed in recruiting dangerous terrorists? Or is it wiser to secretly monitor those sites and trace user networks back to much bigger fish? We now argue over that, too.
ulick’s discussion of James Jesus Angleton, head of CIA Counterintelligence from 1954–75, is particularly worthwhile and also stands as illustration of the foregoing suggestion that the distinctions between fiction and non-fiction can be tricky. Angleton certainly was for real, but some of the things he supposedly did remain for many very hard to believe. Suffice it to say that Angleton remains a highly controversial character; mere mention of his name among older CIA veterans will cause discordant vibrations to fill the room.
Although the chapter on Angleton ends on a somewhat ambivalent note, Sulick is clearly not one of his predecessor’s admirers. He vividly portrays the near-paranoia that marked much of Angleton’s tenure, paranoia driven by the early betrayal of Kim Philby, MI6’s liaison with CIA and a close colleague of Angleton’s, who was unmasked as a Soviet spy. Sulick also notes the many CIA careers blighted by Angleton. But his most interesting critique blames Angleton for causing the CIA to overreact to his excesses. Angelton trusted not enough, which led successors to trust too much, essentially blinding the CIA to the possibility that a mole might penetrate the Directorate of Operations (as the NCS was then called) even as U.S. human sources in the Soviet Union were being lost. In other words, Sulick suggests, Angleton in some way enabled the ongoing perfidy of Aldrich Ames.
This internal disbelief that one of your own people can go bad—a flaw that the FBI also exhibited in the espionage investigation that led to Robert Hanssen—is one of the perennial dilemmas of counterintelligence work. People tend to, and very much want to, trust the people with whom they work. It is a basic human value to do so, but it is especially attractive in a business where trust is by nature scarce and hence becomes all the more valued. To do otherwise is to descend quickly into Angleton-scale paranoia. And yet, to be a competent counterintelligence officer, you must maintain a healthy degree of suspicion, never let down your guard, and anticipate efforts—some liable to be successful—to penetrate your agency. Steering that middle ground, almost akin to Ronald Reagan’s “trust but verify”, is essential but difficult.
This is one of Sulick’s key messages: spying happens, always. In this business the refrain goes, “I spy, you spy, we all spy for some guy.” Some Americans were surprised and hurt that Ames and Hanssen would transfer seamlessly from their Soviet spymasters to their post-Soviet FSB handlers, as if the end of Communist rule would end the Russian desire or need to spy. We have seen much of the same disingenuous reaction in the wake of Edward Snowden’s revelations. Brazilian President Dilma Rousseff cancelled a state visit in a snit after these revelations indicated that Brazil had been a U.S. intelligence target. Several weeks later, Brazil admitted to conducting intelligence collection against U.S., Russian and Iranian diplomats. Now, what was it la Rochefoucauld said about hypocrisy?
Some will argue that there is a difference between spying on potential foes and spying on one’s friends. The U.S. government has always made an exception for its “Five Eyes” partners (Britain, Australia, Canada and New Zealand). Beyond those Commonwealth brethren, all bets have been off—which does not mean that surveillance activities in countries like Germany or Brazil are either unilateral operations or are necessarily directed against the nationals of those countries. But what constitutes a “friend” when it comes to intelligence? To answer that question, Sulick examines the still-controversial Jonathan Pollard case.
Pollard, a U.S. Navy analyst, had always enjoyed a rich fantasy life of derring-do. Although he claimed to have provided intelligence to Israel out of concern for its security, Pollard accepted a series of escalating payments as well. Israeli agents never sought out Pollard; he came to them. But Pollard’s material was deemed too good to turn away, regardless of the likely harm to relations with the United States should Pollard ever get caught. Pollard was caught, of course, and sentenced to life imprisonment. The matter remains an irritant in U.S.-Israeli relations, although these days it’s an irritant that might as well go to the back of a lengthening queue. In retrospect, one has to wonder if the material Pollard provided was really worth the cost to Israel, especially now that the Cold War context in which it was valued no longer exists.
That observation leads Sulick to note that there has been an interesting shift in the espionage threat in the aftermath of the Cold War. As he shows, there are two main groups now. First are the ideological spies, primarily working for Cuba. Ana Montes, a senior Defense Intelligence analyst assigned to Cuba, and Kendall Myers, a State Department employee (along with his wife Gwendolyn) spied for Fidel Castro for ideological reasons. It is safe to assume that any intelligence passed to Havana quickly finds its way to Moscow. The second and arguably more serious threat is Chinese espionage. The Chinese rely on divided loyalties among the Chinese worldwide diaspora, and the many cases in the United States largely fit this pattern. As Sulick notes, the Chinese appear to rely on a mass collection—as opposed to a highly focused—approach to espionage activities.
This approach raises a question of its own: Given the sheer volume of intelligence the Chinese are assumed to be collecting, mainly in cyberspace, is it useful, or are the Chinese instead greedily overwhelming themselves? We have seen similar misbegotten efforts in the past. In East Germany, the Stasi turned most of the country into informers, yet the state still crumbled overnight in 1989. Much the same can be said for the KGB and the Soviet Union. This is not to underplay the serious threat posed by espionage, but these examples do appear to argue for a more focused approach. (Hopefully, America’s enemies will ignore that observation.)
Also, considering the various spies Sulick discusses, one realizes that the very best spies —that is to say, the most damaging—are not those who are recruited but those who “walk in”, who volunteer. Most of the Americans in this sorry catalog fit that description. This, in turn, raises in some people’s minds the question of why, then, the U.S. government exerts effort to recruit spies. Why don’t we just welcome volunteers? There are two reasons. The first is opportunity; you never know when you may recruit an excellent source. The second, as former DCI Richard Helms noted, is that you need the “plumbing” of espionage—ways to communicate, to exfiltrate data, to move people—whether your spies are recruited or volunteers.
Sulick ends with two brief chapters on counterterrorism espionage and cyber espionage. The best way to catch spies is to have spies of your own in hostile intelligence services—double agents, in other words. Sulick’s treatment of cyber espionage is brief and refers only to the Bradley Manning case, the book having been completed before Edward Snowden’s hemorrhage of classified data. But Sulick insightfully observes that there is something very different about the Manning case: It was undertaken neither for a patron nor for money, but simply in thrall to a vague if idealistic ideology that all people everywhere have a right to know what all governments are doing all the time. It is something like Woodrow Wilson’s “open covenants, openly arrived at” on a heretofore unimaginable and unlimited scale, as if maximum feasible transparency in all things governmental is an inherent good, or even a right. In a sense it is an application of a Facebook mentality to domains where it does not belong.
As Sulick notes, current U.S. law is woefully outdated when it comes to those who seek to undermine the confidentiality of U.S. intelligence collection modalities for its own sake. Prosecutors must now rely on the 1917 Espionage Act, which is how Manning was convicted. A new act focused on leaking properly classified information would seem preferable, although politically difficult.
urprise attack, like espionage, is one of those phenomena that intelligence services are supposed to prevent by providing forewarning. And yet they recur. Erik Dahl’s examination of why surprise attacks happen is a more theoretical exercise than Sulick’s, but it engages reality all the same because it uses a case method approach to answer that central question.
After every major surprise attack there is the inevitable investigation into why it happened and how it can be prevented from happening again. Dahl describes three prevalent schools of thought that have arisen from such investigations over the years. Traditionalists argue that some level of intelligence surprise is inevitable and cannot be wholly prevented. Reformers believe they can identify specific mistakes that can be avoided the next time by changing processes and structures. Contrarians argue that the problem lies in intelligence collection rather than analysis. Reformers have clearly dominated the U.S. debate over intelligence since the 9/11 attacks, achieving their apotheosis in the much overrated 9/11 Commission Report and the subsequent creation of the Director of National Intelligence. One of the more fascinating and alarming aspects of 2004 intelligence law (formally, the Intelligence Reform and Terrorism Prevention Act, or IRTPA) was the attempt to legislate better analysis, as if legislative standards—largely written by non-practitioners—could improve intelligence analysis overall.
Dahl takes issue with all three schools of thought. He argues that the key to intelligence success or failure in the face of a surprise attack lies in the policymaker’s receptivity to the intelligence he or she receives. This position will be controversial among readers and among government officials in policy roles because it argues that, barring those cases where there was insufficient intelligence, the policymakers bear the blame for most surprise attacks because they don’t listen to their intelligence officers. Dahl’s stance violates one of Washington’s unwritten rules: There are policy successes and intelligence failures, but never policy failures and intelligence successes.
Underlying Dahl’s brazen assertion is an important point. Very few surprise attacks really come out of the blue. In the case of state-to-state relations, there is invariably a discernible deterioration of relations; in the case of non-state actors, such as terrorists, a series of stated threats precedes an attack. This becomes important when we look once again at cyberspace, amid cries about an impending “cyber Pearl Harbor.” As DNI James Clapper noted in his 2013 Worldwide Threat Assessment, a major cyber attack perpetrated by a state is unlikely in the near future. He was less sanguine about non-state actors or individuals, but also noted that they are also less capable.
Most of the surprise attacks that Dahl analyzes will be familiar: Pearl Harbor, Korea, Tet, and the Yom Kippur War. But not all were failures. Dahl counts Midway as a surprise attack that was foiled, although some will deny that it qualifies as a true surprise. U.S. military leaders prudently assumed that there would be a follow-on Japanese offensive after Pearl Harbor. The key question was where it would occur. Dahl also notes the thwarting of the “Day of Terror” attacks planned by Omar Abdel-Rahman, the so-called Blind Sheikh, in New York City in 1993.
Dahl, like many other authors, distinguishes between strategic warning (the fact of a threat) and tactical warning (specifics on a pending attack). He argues that without tactical warning it becomes very difficult to engage policymakers, and that tactical warning is the key ingredient in foiling attacks, especially by terrorists. This may be true but, as he well knows, tactical warning is extremely difficult to come by.
To take 9/11 as an example, U.S. intelligence would have had to penetrate al-Qaeda and get inside the plot to know which aircraft were at risk that Tuesday morning. In the case of terrorists this is extremely difficult. The possible arrests of known al-Qaeda members Khalid al-Mihdhar and Nawaf al-Hazmi, who entered the United States in January 2000, would not have yielded this information because at that time the plot was still inchoate. But any warning short of that would likely have been insufficient to allow U.S. policymakers to take effective action. No one would seriously have suggested shutting down the entire national air passenger system pending a search for the terrorists that might last weeks or months.
If Dahl is correct, are there ways to increase policymaker receptivity? The obvious answer, given Dahl’s analysis, is to increase the collection of tactical intelligence. Of the five intelligence collection sources, two offer the greatest likelihood of this type of collection: signals intelligence, now under siege in the wake of the Snowden leaks, and human intelligence. This is difficult, especially in the case of terrorist groups, where members are well known to one another and are highly unlikely to welcome strangers into their midst. So, absent a walk-in, we are unlikely to recruit many high-level terrorists as spies.
Another impediment to improving receptivity is the near absence of a lessons-learned capacity within U.S. intelligence, or within the national security apparatus writ large. Instead, officials lurch from problem to problem and crisis to crisis but spend very little time in the aftermath of any given episode asking what worked, what didn’t work, and why. Instead, most rely on what have been called misperceived “lessons” of the past, typically a major event early in their career that then becomes the filter through which most senior decision-makers process new events.2
We seem to be left, then, in a somewhat pessimistic place, having to accept the fact that surprise is inevitable, as Richard Betts noted many years ago.3 This seems to put us back in the traditionalist school, a place Dahl is not wont to go. But he offers us one important last conclusion. He rejects the reformer approach, at least as exhibited recently in the United States, because he thinks these reforms simply misconstrue the reasons that surprises happen. Mechanical or process fixes cannot remedy what is at base an essentially intellectual malfunction. We can make improvements here and there in information sharing and the like, but these must remain marginal to the real challenge. No so-called reform will improve the ability of key leaders to predict with increased accuracy what other human beings intend to do. In Dahl’s taxonomy I therefore remain a traditionalist.
Intelligence analysis and intelligence processes are subject to constant tinkering, driven in large measure by the belief (perhaps misbegotten) that they can be perfected. Dahl’s Intelligence and Surprise Attack offers useful guidelines as to where changes might best be made where it matters most, if they can be brought about at all given the idiosyncratic nature of the objects to be reformed. If Dahl’s proposals ever do work, it will lend credence to the belief that truth can sometimes be stranger than fiction.
1Full disclosure: Both authors are colleagues, and I am mentioned in Sulick’s preface for advice tendered when he was contemplating the project. I read neither manuscript before publication.
2See Ernest May, “Lessons” of the Past: The Use and Misuse of History in American Foreign Policy (Galaxy Books, 1973).
3Betts, “Analysis, War and Decision: Why Intelligence Failures Are Inevitable”, World Politics (October 1978).