Gamers, terrorists and spies.

For the better part of the last decade analysts have warned about the use of online interactive action games as a recruiting ground for white supremacists and neo-nazis (and to a lesser extent jihadists). The use of Crusader and modern Western military imagery in battles with dark skinned enemies facilitated the recruitment pitch, which given the subject material is mostly targeted at teenaged and young adult men. The policy implication of these warnings is that intelligence agencies, specifically signals and technical intelligence agencies such as those grouped in the Anglophone 5 Eyes network, need to devote resources to monitoring online gaming communities for signs of extremists and their attempts at expanding their ranks via the internet as well as formulating actual online plots to commit acts of violence.

Unfortunately most of these warnings went unheeded and continue to largely be ignored. Government intelligence agencies such as those grouped in the 5 Eyes have myriad threats and many other priorities to address besides online extremists using gaming as a recruitment portal. This has left a gap in their coverage of what is now a full fledged digital community of hate. This community does not just have gaming as a vehicle. It also includes chat and noticeboards like 4Chan and 8Chan, Reddit, Discord and other on-line communities that under the mantle of “free speech” cater to extremist viewpoints. Sadly, that attracts advertising revenue from those seeking to profit from hate and violence, be it via the sale of “hunting” weapons, uniforms, military insignia, survival gear and other para-military outfitters or publications and entities that promote ideological agendas that dovetail with the views of these types of online communities (think Voice for Freedom or Counterspin Media as NZ examples). Equally sadly, in spite of the efforts of the Christchurch Call and various advocacy groups, a majority of technology companies are loathe to self-police when it comes to issues of “free speech,” much less provide client data to security agencies in all but the most dire and pressing of circumstances.

This brings us to the subject of the recent leaks of highly classified US intelligence reports by a Massachusetts Air National Guard service member serving as an enlisted cyber transport system journeyman. In that capacity, 21 year old Airman First Class (E-3) Jack Teixeira of the 102nd Intelligence Wing of the Massachusetts Air National Guard headquartered at Joint Base Cape Cod on the site of Otis Air Field was responsible for maintaining cyber security for the Wing. In order to discharge his duties Airman Teixeira very likely was granted a Top Secret/Sensitive Compartmentalized Information (TS/SCI) security clearance that allowed him untrammelled access to what is known as a “SCIF,” a tightly secured room or building in which both paper and digital records are stored. He also had authority to visit off-station secure sites such as the Special Operations Command and other military intelligence units as part of his official duties. The US government refuses to comment on the matter of his clearances and how he obtained them pending his trial.

Using his access, as early as February 2022 Airman Teixeira began to transcribe and leak information from highly classified documents to a group of about 50 online gaming enthusiasts that were grouped in a Discord channel called “Thug Shaker Central.” He also is reported to have leaked to a larger Discord group and to forums on 4Chan and Reddit. Among these groups were a number of foreign nationals, including Russians. Two common aspects of the channels he leaked to is that they had weapons, uniform and military paraphernalia fetishes and trafficked in white supremacist, anti-Semitic, anti-Muslim, racist and misogynist narratives, with Teixeira himself now being exposed as adhering to those beliefs. The only thing missing from the profile of the gamer guys Teixeira consorted with is the label “Incel,” as in iInvoluntarily celibate. I am not sure about the others but Teixeira certainly seems to fit that bill.

At first his transcribed leaks received a lukewarm response from his (mostly younger) audience because they were pages long and covered a broad range of subjects, from details on the Russian-Ukranian War, Chinese satellite warfare plans, Taiwanese defence preparedness, Egypt’s flirtation with selling arms to the Russians, US eavesdropping on South Korean communications and much, much more. After a while, when he realised that many of the group members he was trying to impress were simply not reading his “nuggets,” he began to photograph and download the documents themselves. The would prove to be his undoing.

Transcribing the documents gave him plausible deniability because the decontextualised words (i.e., no identifying markings) could have been sourced by many people from many SCIFS. But his associates were all young male gamers who are highly visual in their information-processing, so paragraphs of words without pictures soon turned boring for them. Hence, in order to keep their attention spans focused on his “nuggets” and therefore affirm his status as leader of the Thug Shaker Central group, Teixeira needed to go digital. Once he did and the documents appeared on-line with official markings like TS/SCI and NOFORN (“No Foreign” distribution), then the counter-espionage crowd in military intelligence, the FBI and the National Security Agency (NSA) could get to work tracking him down. However, there was a twist to his uncovering. As it turns out it was the New York Times digital investigations team that first saw the documents online. Then the Washington Post was alerted to their presence. After tracing their IP addresses and social media accounts linked to them, these outlets contacted members of the Thug Shaker Command, who confirmed the legitimacy of the documents and how they came to be online. At that point the journalists contacted the US government for comment and the hunt was on. Teixeira was captured within a couple of weeks and is now awaiting trial. He faces a lengthy prison sentence and possibly a death sentence under federal espionage and treason laws. Others might find themselves arrested as well. As it stands, two commanders of the 102nd Intelligence Wing have been stood down over the breach.

Several questions have been raised as to how and why he could have been granted a high level security clearance and given so much access to sensitive information. There are also questions raised about why the chat rooms he was involved with were not being monitored by the relevant authorities and why a seemingly obscure Joint Base at an otherwise relatively quiet tourist destination be a place where deep secrets of all sorts are stored. Allow me to answer at least some of them and draw some comparisons with my own experience.

Because of the nature of his job, Teixeira required high level clearances. He comes from a Portuguese-American military family and was two years out of high school when he joined the Guard. This mitigated in his favour because it appears that he was security vetted by a contractor working for but not by a US government agency. Edward Snowden underwent the same process and we have seen how that turned out. In this case the Discord leaks are far more serious both in terms of the breadth of the subjects covered–there are more than 500 documents in the tranche realised so far- and the depth of the exposure, which includes revelation of “sources and methods.” It is not surprising that the US government has gotten rigorously quiet on the matter. Moreover, Snowden gave his purloined data files to investigative journalists and perhaps the Russian government. Teixeira put them online, where they spread from closed groups to open forums.

His family background growing up in a well-established middle class Portuguese-American community (many of the people in that part of Massachusetts and Rhode Island are descendants of Cape Verdean whalers) and his young age would have suggested to his security vettors that he had no “baggage” that could compromise national security. If they were contractors as I believe they were, he likely wouldn’t have undergone the background checks that I underwent in the 1990s by the Defense Intelligence Agency, which included polygraphs, interviews with family, friends from Argentina all the way to that current moment, work colleagues, undergraduate and graduate student peers, even my ex-wife (not surprisingly, she had little good to say about me). I was asked about my sexual preferences, political beliefs (especially whether I had ever been a member of a Communist Party), vices (gambling, alcohol, drugs, prostitutes), financial situation (especially debt) and numerous other deeply personal matters. The main concern then was two-fold: whether I could be trusted with sensitive material, and whether I could be blackmailed. My ex-wife’s opinion notwithstanding, it turns out I was pretty milquetoast as far as applicants go.

It is unlikely that a contractor would go to such lengths to establish Teixeira’s background given his age and personal life, although the apparent ignorance of his gaming activity and the fraternity of gamers that he associated with was a major lapse on the part of both the vettors as well as US signals and military intelligence agencies. However, even if he had undergone the more rigorous DIA background checks (which still exist), it would have been unlikely that, other than the gaming angle, there would have been anything alarming on his record unless he had been arrested on felony charges. He had not been. From the contractor’s point of view it made sense to go lightly on his background check, using police and FBI records and perhaps some interviews with family and friends. Since neither US intelligence agencies or the military looked into his social media and gaming profiles, there were no red flags to which the vettors could have been alerted, and they clearly did not do that sort of due diligence themselves.

The use of security vetting contractors became common place after 9/11 as the US sought to expand its intelligence networks and analyses against non-State global irregular warfare actors as well as “traditional” adversaries (and friends!). The DIA and smaller intelligence and security vetting units simply could not handle the volume of security checks required by the thousands of new hires in the intelligence-security field. There are now over 1.5 million people in the US with “Top Secret” security clearance and another 3 million with “Secret’ clearances. The solution to the overwhelming demand for background checks was to farm out the vetting to private firms with experience in the field, such as private investigation agencies or firms specifically set up by former security officials to do security vetting as their bread and butter. However, the profit motive often leads to cost-cutting when it comes to the more laborious features of the vetting process, so many firms took the cheaper way and cut corners in that regards. Investigation into the Snowden leaks uncovered that the process by which he was granted high level clearances was flawed and incomplete. It looks like the same may have happened with Airman Teixeira.

Remember that the military is a young person’s business. They do most of the killing and they are the ones who mostly die. Gaining security clearances at a young age is quite common in the US military, especially for specialised units and more so for intelligence units. Teixeira’s age was therefore not a disqualifying factor per se and again, was likely seen as a good justification for quick granting of his clearances.

What about the unit to which he was assigned? Why would it have access to such a broad array of highly classified information? The answer is that the 102nd Intelligence Wing is a renown unit with many important responsibilities. Among them, Teixera’s assigned subordinate unit, the 102nd Intelligence, Surveillance and Reconnaissance Group, processes signals and technical intelligence from U-2 spy planes, RQ-4 Global Hawk and MQ-9 Reaper drones and supports the National Geospatial-Intelligence Agency (from which satellite data is collected). These platforms conduct operations all over the world but specifically over Ukraine in support of the Kiev regime. Some are reported to deploy from Otis Air Field. That means that the SCIF at Joint Base Cape Cod is an integral component of US global intelligence collection activities and the US effort to support Ukraine, which justifies the presence of highly sensitive intelligence in it.

Teixeira also travelled to other SCIF sites and had opportunity to copy classified intelligence from them as well as from his home base. If he did it obviously violates his secrecy oath and sets him up for a number of serious charges. The question is whether he did so just to impress his gamer friends, or for money, or for some ideological reason. The answer is as of yet unclear. The dominant train of thought is that he is an immature young man trying to impress other younger immature men with his “insider” status as one of those who know secrets. He clearly did not do so for money. But his darker comments about race, aspects of US government policy and Russia, much of it in line with the MAGA/QAnon narrative, could point to an ideological motive. Whether that be hatred of the Deep State and Democrats or support for Russia has yet to seen.

I should point out that in my case I was sworn to not only never divulge the TS/SCI material that I handled, but also to not talking or writing without prior authorisation about the classified aspects of my government jobs for twenty years after I left public service. Anything that I did want to write or talk about in my post-government career needed to be cleared by the Defense Department, DIA or intelligence agencies that I worked with, and I was informed that anything that involved ongoing operations or assets still alive or in service would be redacted from any material I wanted to use. There were serious penalties for removing classified material from the SCIFs that I worked in (Unauthorised removal of Classified Material), and much worse, for deliberately removing classified materials in order to hand them to a third party, whomever that may be (Espionage). It will be hard for Airman Teixeira to argue that his actions were unintentional rather than deliberate, and given who were among the groups that he leaked to, it might find him facing espionage charges. The situation does not look good for him.

Whereas what attention has been brought to the online gaming community by the security agencies has focused on rightwing extremism and terrorism, it is clear that the espionage and counter-espionage aspects of interactive digital forums needs to be factored in as well. To that expansion in the scope of cyber-intelligence operations must come a thorough re-appraisal of how security background checks are conducted on people applying for high-level security clearances. This is not just a US problem. There have been enough lapses in NZ security background checks to warrant a review of current SIS procedures and processes for vetting applicants, with or without the help of consultants. Currently non-citizens can get a high level clearance if they pass the SIS checks, but here too at least some of the vetting has been contracted out to private firms (including one that was led by Michelle Boag, of all people). The issue of citizenship aside, there is enough historical evidence to suggest that the SIS (as the lead agency when it comes to security clearance vetting and background checks) might be wise to commission an independent review of its vetting procedures and operations.

Some may remember the case of the Walter Mitty-type fraudster named Stephen Wilce, the guy who claimed to have been a member of the British Olympic bobsledding team and a former SAS trooper who served as Head of the NZ Defence Technology Agency and Chief Defence Scientist from 2005 until he was exposed in 2010. He held very high level security clearances, handled very sensitive defence information and yet was vetted by an outside firm hired by the SIS. One would have thought that they might have looked up the roster of the British bobsledding team in the 1980s when he claimed to be on it, but apparently that was too much to ask. Makes one wonder where Mr. Wilce is now.

I mention this anecdote because the cyber world has opened up a whole new frontier when it comes to security and intelligence. Preventing breaches and leaks has become both easier and more difficult. Easier because the technological means to detect early online threats is greater than in previous decades. Harder because security threats have multiplied along with advancing technologies. What is needed is a proactive strategy of cyber-vigilance in conjunction with tightened requirements for background checks on those handling classified information, including monitoring social media for evidence of online extremism. Although much has been said about how the NZ Police and intelligence community are dedicating significant resources to doing so, it is telling that the Police Commissioner admitted that his agency was caught off-guard by the online planning of the Parliamentary protests last year, and in fact were unaware of the convoys that were organised via various well-known messaging applications to descend on Wellington. By the time the Police realised the size of the protest, the protestors were already setting up camp on the lawns and streets surrounding the Beehive.

Meanwhile, with that note of caution out of the way, can we all say “AI?”

5 Replies to “Gamers, terrorists and spies.”

  1. Yikes!

    “…Currently non-citizens can get a high level clearance if they pass the SIS checks, but here too at least some of the vetting has been contracted out to private firms (including one that was led by Michelle Boag, of all people…”

    That’s a great post, Pablo, and really interesting background to the young man at the centre of it all. I’d been following the whole episode via Twitter and have been gobsmacked at how this could be allowed to happen.

    One of my offspring is a very keen gamer. I asked him if he was aware of the gamer community being surveilled and he was (he’s a Pol Sci graduate). I had not been, but realise it’s naive not to think an eye would not be kept on this global community.

  2. Thanks Di,

    I updated the post with a wee bit more information that I overlooked in the original draft. I hope that you son is not prone to radicalisation and views gaming as a hobby rather than an obsession.

  3. Trying to vet actual millions of people to that standard seems like a massive job, possibly too massive to actually do. There’s been noises made about reducing overclassification (which is apparently a big problem in the US) which might in turn lead to less people needing those security clearances, but that’s a long-term answer at best. Random audits of access to classified material seems likely to pick up people accessing a lot of classified documents like Teixeira and might work – if it gets enough of a budget and if it actually happens.

  4. I’ve been on a learning curve Pablo. Son uses X-Box and Playstation and apparently these have inbuilt apps for communication. He has downloaded Discord but has never used it, however says that other online gamers using Discord have excellent sound/speech quality. He’s a pretty passionate gamer, but careful in his choices.

    He’s never used any of the Dark Web sites ever – big sigh of relief from me!

  5. AVR:

    I do not believe that there is an issue of over classifying per se, but do agree that spot audits and other types of second tier security vetting of personnel with classified access is necessary. A system with regular checks on those with clearances is needed, as this case shows. Having technological means to do random audits of access is a good way to go. That has already been in place in some areas and agencies but needs to be expanded.

    As for the over-classification angle. IMO it is more about vetting than what is considered to be classified information. Having said that, I would get rid of things like “confidential” or other lower level types of classified material and narrow what is very highly classified, leaving a broader swathe of mid-level classified material that covers analyses and opinions but not sources, assets and collection methods or refined intel agency assessments and policy advice to senior decision makers.

Leave a Reply

Your email address will not be published. Required fields are marked *