The New Threat of 'Leak-Flavored' Propaganda
Last June the Associated Press published details of what appeared to be a scandal: The Wall Street Journal's star national security correspondent, Jay Solomon, had been offered a stake in a startup by one of his sources, an Iranian-born arms dealer named Farhad Azima.
The AP story was not based on anonymous sources, but rather texts and emails between Solomon, Azima and others. In one text, Solomon wrote: "our business opportunities are so promising." The reporter was fired. The case was closed.
Or so it appeared. This month, Solomon (full disclosure, a personal friend) explained the entire affair in the Columbia Journalism Review. By Solomon's account, he was not involved in business dealings, but was collateral damage in an attack aimed at his source, Azima. He concluded that they were the subjects of a sophisticated hack.
This aviation mogul had found himself in a legal battle with the investment authority of Ras al-Khaimah, one of the seven emirates of the United Arab Emirates. For that legal battle, the investment authority hired Bell Pottinger, a public-relations firm that closed last year following a scandal in South Africa. Solomon reports that in August 2016, some of his emails and texts were placed online in files that were accessible only with assistance from the people who uploaded them. Azima's "legal and political opponents," according to Solomon, "started shopping the stolen data to international media."
Feeding such hacked communications to the press is not new. In 2009, reporters feasted on emails stolen from the University of East Anglia that showed scientists and academics cutting corners in how they presented climate change data. More recently there was the 2016 frenzy over former Hillary Clinton campaign chairman John Podesta's hacked emails.
But the Solomon-Azima case does show a new approach: how hacked emails and texts can be used to create a false mosaic.
In this case, the AP report was careful not to directly conclude that Solomon was an arms dealer. But the implication of the coverage was that maybe he was.
He wasn't. "It was a mistake not to protect myself by making it clear when Azima sent a document on this business to me that journalistic ethics forbid me from entering the agreement," Solomon told me. "But the entirety of my communications with him and others would show that no business ever happened."
This was very different from the WikiLeaks headlines of 2010, when an ostensibly civic-minded leaker offered media outlets a huge trove of military dispatches and diplomatic cables, from which reporters drew their own conclusions. It's fair to criticize WikiLeaks and the leaker, Chelsea Manning, for not protecting confidential sources that came to the U.S. government to share sensitive information, but most of the leaks shed light on secret U.S. alliances in the war on terror. That served a public interest even if the disclosure of confidential sources did not.
The hack in the Solomon-Azima case was not intended to right a wrong, but to hurt one side in a private financial dispute. It was not a trove of unfiltered information, but a strategically edited selection.
John Scott-Railton, a senior researcher at the Citizen Lab at the Munk School of Global Affairs at the University of Toronto, calls this new kind of information operation "leak-flavored product," to use cherry-picked items from a hack to create a false narrative.
This approach is nearly irresistible to reporters, because it's built on what would seem to be the ultimate in legitimate source material. But it can clearly be dangerous because of that aura of legitimacy. "It's devilishly hard to verify all the details in a document dump, and it's hard to get a fix on what was excluded," Scott-Railton told me.
A Citizen Lab report from last year covered one variation on this phenomenon in what it called "tainted leaks," in which mass disclosures of hacked emails were altered to impugn targets. The paper focused on the phishing attack of historian and journalist David Satter. (Satter's work has helped expose the role Russian security services played in the 1999 apartment bombings in Moscow, which helped propel Vladimir Putin to the Russian presidency.)
Citizen Lab could not conclusively prove that the Russian state was behind the hack of Satter's emails. But it did show that the real target of the alterations was not Satter, but prominent Russian opposition figures. For example, a report found in Satter's email from the National Endowment for Democracy was altered to make it appear that Russian anti-corruption activist Alexei Navalny was receiving U.S. government funding. The modified document was then posted on the blog of Russian "hacktivist" CyberBerkut. Suddenly the internet contains a lie woven into authentic stolen information.
Although there does not appear to have been alteration of Solomon's messages, the effect of the hackers' biased curation is similar. Before Solomon could really mount much of a defense or even understand the charges against him, the false narrative was published. This "leak-flavored product" was convincing even though it was not true. By the time Solomon was able to correct the record this month, the damage was already done.
To contact the editor responsible for this story:
Philip Gray at email@example.com