Cybercrime – Informed Comment
https://www.juancole.com
Thoughts on the Middle East, History and Religion
Sun, 04 Sep 2022 01:36:33 +0000

Empty Classified Document Folders at Trump’s Office at Mar-a-Lago: Where did the Docs Go?
https://www.juancole.com/2022/09/classified-document-folders.html
Sat, 03 Sep 2022 05:37:17 +0000

Ann Arbor (Informed Comment) – District Court Judge Aileen Cannon on Friday ordered the release of the inventory of US government documents seized by the FBI in its execution of a Department of Justice warrant authorizing the search of Donald Trump’s Mar-a-Lago resort.

Sam Cabral at the BBC explains that the FBI searched not only a storeroom where government documents were kept illegally, but also Trump’s office, where there were also classified and top secret documents, mingled with Trump’s private effects.

About 1,500 documents were taken away from Trump’s private office. Seven out of 18 top secret documents that were seized had been in Trump’s office, along with 17 of 54 secret documents. Trump clearly wanted some of these government secrets at his fingertips. But why?

All together, 100 of the documents seized by the FBI in August had some sort of classification markings.

The FBI released a photograph of some of its haul from Trump’s office this week, which showed the marking on some files of “HCS-P.” Chappell at NPR explains that HCS-P means

    “HUMINT Control System Product, using the acronym for human intelligence. According to the office of the Director of National Intelligence’s classification manual, ‘HCS protects the most sensitive HUMINT operations and information acquired from clandestine and/or uniquely sensitive HUMINT sources, methods, and certain technical collection capabilities, technologies, and methods linked to or supportive of HUMINT.’”

HUMINT means “human intelligence,” as opposed to, say, satellite surveillance. So those HCS-P files Trump had at Mar-a-Lago could have contained information about agents recruited abroad to spy on their countries, including the real identities of these agents.

The bombshell revelation that came out of the inventory, however, is that the FBI field agents recovered from Trump’s office “43 empty folders with classified banners” and “28 empty folders labelled ‘Return to staff secretary/military aide.’”

That Trump still had some 11,000 government documents that should never have left the White House is cause for alarm enough. But the internet went wild with the admission that there were empty folders, which raised the question of where the 43 sets of top secret documents are now. MSNBC commentator Glenn Kirschner tweeted that Trump did not take the folders empty to Mar-a-Lago, i.e., the documents must have been somehow disposed of once they were out of government hands.

Other observers tweeted that it was awfully suspicious that in January 2021, Trump took thousands of government documents, some of them top secret and some of which revealed the identities of foreign agents working for the Central Intelligence Agency, and then in October 2021, the CIA admitted to losing dozens of spies and informants abroad, who suddenly went dark. It was as though the foreign adversaries of the U.S. had suddenly discovered the identities of US intelligence assets.

Trump had in his possession sensitive papers revealing information about agents’ names, and then the agents stopped being heard from.

We have to be careful about jumping to the conclusion that Trump intentionally or inadvertently revealed US intelligence sources and methods. But someone sure as hell did.

There is a logical fallacy that goes “post hoc ergo propter hoc”: something happens before something else, and is declared the cause of whatever happens subsequently.

There is no evidence that Trump sold these secrets to e.g. Russia, and we shouldn’t jump to the conclusion that Trump caused all those intel assets to go blank.

There could have been a double agent working at CIA headquarters who spilled the beans to, e.g., Russia and China. It wouldn’t be the first time — consider Aldrich “Rick” James.

Still, the sad thing is that we can’t dismiss out of hand the possibility that Trump was selling government secrets to the highest bidder, however unlikely that is to be true, given all the other underhanded things we know Trump has done.

Apple Sues Israeli gov’t-backed NSO Spyware Company: “Notorious Hackers – Amoral 21st C. Mercenaries”
https://www.juancole.com/2021/11/spyware-notorious-mercenaries.html
Wed, 24 Nov 2021 06:15:55 +0000

Ann Arbor (Informed Comment) – Apple is suing the NSO group, which produced the spyware that Israel uses to keep under surveillance the 5 million Palestinians it holds in thrall to its Occupation. The NSO group is believed to be close to the Israeli state. They have sold their hacking tools to repressive governments around the world, who have used them to hack into iPhones and Android smartphones to destroy the lives of democracy activists and dissidents.

The BBC points out that Apple takes pride in the privacy it provides to users, and alleges that it has been in a constant race with NSO to close off vulnerabilities, as the Israeli hackers constantly developed new exploits. NSO spyware can vacuum up all the data on a person’s phone, turn on the microphone and camera and, well, spy on them.

The Biden administration in early November banned NSO from the U.S. for “malicious cyber-activities.” Israeli government attempts to intervene with Biden to reverse the decision have been rebuffed.

NSO is an example of the way the Israeli occupation of the stateless Palestinians generates tools and techniques that then are sold or adopted abroad for use on human rights activists around the world, including on American citizens.

In its lawsuit, filed in US District Court for the Northern District of California, Apple alleged of the Israeli-backed NSO:

    “Defendants are notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse. They design, develop, sell, deliver, deploy, operate, and maintain offensive and destructive malware and spyware products and services that have been used to target, attack, and harm Apple users, Apple products, and Apple. For their own commercial gain, they enable their customers to abuse those products and services to target individuals including government officials, journalists, businesspeople, activists, academics, and even U.S. citizens.”

The US Commerce Department seems to agree with this characterization, saying of NSO that it

    “developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers. These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent. Such practices threaten the rules-based international order.”

There appears to have been an uptick in NSO-backed hacking in 2021. Apple alleged in its complaint,

    “Because of Apple’s investment in, and longstanding commitment to, product security and privacy, there is critical need for the company’s products around the world. There are 1.65 billion active Apple devices worldwide, consisting of over a billion iPhones and hundreds of millions of other active Apple devices such as Mac, iPad, and Apple Watch. 5. This action seeks redress for Defendants’ multiple violations of federal and state law arising out of their egregious, deliberate, and concerted efforts in 2021 to target and attack Apple customers, Apple products and servers and Apple through dangerous malware and spyware that Defendants develop, distribute to third parties, and use (or assist others in using) to cause serious harm to Apple’s users and Apple.”

The consequences for human rights workers of NSO’s malware have often been fatal.

An investigation by The Guardian demonstrated that the Saudi government used NSO spyware to hack into the phones of dissident Washington Post columnist Jamal Khashoggi and his friends and family. On the basis of what the Saudi secret police learned about his activities, they lured him to the Istanbul consulate where they strangled him to death on October 3, 2018, and then cut up his corpse with a bone saw to smuggle it in pieces out of the consulate.

Citizen Lab in Toronto found that the 6 Palestinian human rights organizations recently branded “terrorists” by the Israeli state were under NSO surveillance. European governments have slammed the Israeli charges against these organizations as false. Some observers believe that the surveillance was about to be revealed, leading the Israelis to attempt to distract the world with their outrageous charges against human rights workers.

In 2017, NSO hacking tools were used to break into 1,400 American WhatsApp accounts, provoking a complaint from Facebook (now Meta) that led to an FBI investigation of the firm. It is likely this very FBI investigation began the scrutiny that led to the software being banned in the United States. NSO has engaged in widespread influence peddling among former Bush, Biden and Trump administration security officials by putting them on payroll.

There is a lot of talk of OSY Technologies, which owns NSO, being forced into bankruptcy as the US ban is causing it to lose contracts, including in Europe.

—–

Bonus Video added by Informed Comment:

NDTV: “Apple Sues Pegasus-Maker Israeli Firm For Targeting Its Users”

The Cyberwar between Israel and Iran is Heating Up
https://www.juancole.com/2021/11/cyberwar-between-heating.html
Tue, 09 Nov 2021 05:04:08 +0000

(Middle East Monitor) – It is becoming clear that the cyberwar between Israel and Iran is heating up, although neither side has accepted responsibility for recent attacks. Things became even clearer when hundreds of thousands of Iranians found themselves unable to fill the fuel tanks in their vehicles due to a computer glitch in a major supply network. It was discovered later that it was the victim of a cyberattack.

Although Iran and Israel have many enemies, few are able to launch large-scale, accurate and effective attacks on either country, except for themselves, of course. Although they do not officially recognise it, others have confirmed their responsibility for the attacks. Neither needs official confirmation from the other to know who is responsible.

Such attacks have been happening for more than a decade, but in the past two years civilian targets on both sides have been hit. Shortly after the outbreak of the coronavirus pandemic, Iranians attacked the systems at six water and sanitation facilities in Israel. The occupation state determined immediately where the damage was and repaired it.

Its response came within a few weeks when computer facilities at Iran’s largest port, Bandar Abbas, were subjected to an Israeli cyberattack. Three months ago, unknown attackers targeted the Iranian Railways computer system in a way similar to the attack on the petrol network last week, causing thousands of trains to be cancelled.

The Iranian response was to target the systems at Hillel Yaffe Hospital in Hadera. This was a more serious attack than the earlier ones. It forced the hospital staff to work manually, which could have jeopardised Israeli lives. The attack on the petrol supply network is believed to have been a response to the hospital attack; it was sharp, widespread and meaningful. With actions and reactions, this is thought to be just the beginning of a long conflict.

It is true that human lives are generally not lost in cyberwarfare. Israel, in particular, uses strong safety measures. However, the Iranian attacks are becoming more sophisticated, like the attack on the electricity network and internet servers, which caused serious damage to the banking sector. Things would be more serious if Israelis had to buy emergency generators, or make backup copies of their computer files for fear of being hacked by Iran.

Israel has warned that it is not ready for cyberattacks that might cause fatalities. As the tit-for-tat attacks grow, though, there are corresponding fears in Israel that it is not ready for an increase in the pace of Iranian attacks against civilian and military sites with the potential for a lot of damage and huge losses.

It is true that Israeli attacks against Iranian targets may be more deadly, but Israel fears that Iranian attacks could paralyse its economy and technical capabilities, whether in the banks, hospitals, commercial institutions or infrastructure. Cyberattacks on various websites and Hillel Yaffe Hospital expose Israel’s unpreparedness for such attacks. Indeed, as a country, Israel is highly vulnerable to cyberattacks. There is evidence that there have been 245,000 cyberattacks and cyber-enabled crimes since 2019, including defamation, sexual harassment and robbery. Cyberattacks can be deadly if they lead to drinking water being contaminated, or target operations systems in sensitive areas such as missiles or other weapons.

While neither side really wants this cyberwar to escalate to an all-out confrontation, Iran is not going to sit and do nothing in the face of Israeli attacks. It has teams of hackers who respond against Israel frequently, but this is not a video game; the stakes are high, and there could be fatal consequences.

At the moment, Israel has obvious superiority over Iran in this cyberwar. However, as has happened in earlier stages of their confrontations, the Iranians are learning, improving their capabilities, and are ready to respond to Israeli attacks.

The views expressed in this article belong to the author and do not necessarily reflect the editorial policy of Middle East Monitor or Informed Comment.

Unless otherwise stated in the article above, this work by Middle East Monitor is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

——–

Bonus Video added by Informed Comment:

TRT World: “Alleged cyberattack interrupted petrol distribution in Iran”
