Eric O'Neill's appearance kind of resembles what one might imagine a former FBI surveillance operative would look like: somebody chameleonlike who can easily blend in with the crowd. He is simultaneously nondescript and ruggedly handsome, about average height with olive skin, deep-brown eyes, and a runner's build.
His expression was somewhat guarded, but amiable. He was also extremely easy to talk to. O'Neill's career surveilling Robert Hanssen, a “spy catcher” higher-level counterintelligence officer, is the subject of the film Breach.1 O'Neill poses as Hanssen's assistant. Over the course of several years he gathered intelligence showing that Hanssen had been in bed with the Russians since 1984, had disclosed information to the Russians that had killed US agents, and he leaked a plethora of classified secrets.2
Hanssen was ultimately apprehended in 2001, after making a dead drop under a bridge in Virginia for his Russian handlers to pick up. He copped a plea and was spared the death penalty, but remains in solitary confinement for life in a prison in Colorado.3 O'Neill was only twenty-seven years old at the time, and decided to leave the FBI to become an attorney.
When I met him in the CBS third-floor interview room, he was a national security expert and public speaker with the firm Carbon Black. We sat in two chairs in front of a simple black background to chat. Two cameras were set up around us. I was excited to interview O'Neill because his journey following Hanssen was interesting to me.
First, I was intrigued by how young he was when he'd been pulled from his regular work and unexpectedly was asked to play a role in bringing one of the country's biggest traitors to justice. I wondered what it felt like to be part of taking down a guy like Hanssen.
I could certainly guess why he may have decided to leave the FBI after that experience, but I was curious to know more. He had seen how Russian spies operate and was willing to talk about it. I wanted to know how he viewed the current Russian cyber-espionage threats in the context of spying in a pre-internet world.
My interest gained traction as soon as we started to talk.4
Pegues: Let's talk about the unit you were in, in the FBI.
O'Neill: Right, so one of the misconceptions was that when I was in the FBI I was an agent.
Pegues: You weren't an agent?
O'Neill: I was not a special agent; I was an investigative specialist, otherwise known as [a] ghost. It's little known although no longer classified. You can go on the federal government jobsite and apply for it. It is a group of individuals who are specially trained in undercover operations, counterterrorism, and counterintelligence, who are the primary assets in the FBI who do the surveillance for the FBI and the undercover operations.
Pegues: All right, so it wasn't an agent. It was a…
O'Neill: An investigator.
Pegues: And they called you ghosts?
O'Neill: The idea was [that] you never saw us, and if you saw us we didn't look like a threat. Your eyes would slide right off us, and you might see us three or four times during the course of a day, but we'd look different every time.
I imagined O'Neill wearing the kind of secret disguises I had read about: fake scars, mustaches, reversible clothing, etc. I told him that his old position sounded like something out of a movie. He agreed.
O'Neill: For quite some time it was not a publicized role. It's still quasi-secret, not classified secret, but not a lot of people know about it. The ghosts do most of the field work in counter terror and counterintelligence for the FBI.
We spoke for a while about Russian cyber-espionage techniques, and how good the Russians were at what they do. O'Neill explained the Russian spies’ best skill sets. He explained something called HUMINT.
O'Neill: So, human intelligence, or HUMINT, is recruiting sources, taking people who work in areas where they want access and through either bribery or blackmail or ideology—you think more like me, your politics are more like me, help me out—they recruit people to give them information. We call those trusted insiders; you trust them, but they've sold out to the Russians in this example. That human intelligence is something they've been excellent at collecting.
Pegues: Better than the Americans?
O'Neill: Well, about the same. We're very good at it, too. But there's been this change in the last number of years.
Pegues: In what way?
O'Neill: We stopped putting information in file cabinets; we started putting all our information in computer systems.
Pegues: And that's a problem?
O'Neill: It is a problem if you're trying to protect information. It's great if you're a spy.
Pegues: Storing all of your valuable information in computers is a problem because it opens you up to hackers?
O'Neill: That's right, but I don't like the word “hackers.”
Pegues: Why not?
O'Neill: I don't like the word “hackers” because what's happened. What I like to say is [that] there are no hackers…there are only spies. Hacking is nothing more than the natural evolution of espionage.
Pegues: You think so?
O'Neill: Those people, [for whom] we coined the term “hackers” some time ago, were mostly people who were interested in breaking into systems either for mischief or the challenge, and sometimes because they were criminals. That's not the level of what a spy does. A spy is someone stealing information to further a cause or to gain information that helps the policies of the government, or, as we've seen in recent years, disrupt another government. That's something more than [a] hacker. The hackers—those people have all gone—they work for security companies now. Those who are penetrating systems are spies, and the spies are well funded, and they have a lot of time to manage their attacks.
O'Neill explained how spies fit every piece of information they gather into a puzzle board, and how they work as a unit.
O'Neill: One thing that makes the Russians so good at HUMINT is everyone who works in the embassy works for the master spy there.
Pegues: Everyone?
O'Neill: Everyone. Everybody is part of it; even families can be used. Everybody's working toward a common goal; it's a little less [like] the way we operate. It's one of the distinctions between the Russians and how we operate. So, everybody who's collecting information: it all gets sifted, it all goes through the machine, and there can be facts that can help, even from conversations that might seem to be something different than anything that would help espionage.
Pegues: So, any conversation that you might think is totally innocent, the Russian spy could be looking at that in a different way.
O'Neill: Sure. Remember, spies get their information from everywhere; there are old stories from the old days when I was in the FBI, before the proliferation of information on the internet, where the first thing that the top spies in the Russian embassy would do every morning was read through all of the US papers, cover to cover, to find…information, [and] reporters were some of the best sources because they can uncover things that a spy might not have access to. [I]t's a start, it's all information that helps create this whole, and the whole is information about what we here in the US are going to do or plan to do that informs the policies and the directives and the decisions back in Moscow.
When O'Neill said that, it reminded me of the Russia investigation and the contacts between the Russian ambassador Sergey Kislyak and several members of the Trump campaign. Throughout 2016 and 2017 those contacts had raised concerns for US law enforcement officials.5
Pegues: Do you think as a former…ghost…that's why US law enforcement/intelligence pays such close attention to contacts with Russian contacts, Russian operatives here in the US?
O'Neill: It's important. Everyone in the government who is working with the Russians has to understand that what you say to them is going to go to Russian intelligence, and they do.
We are trained for that, but there has to be that understanding that you're not just talking to a politician or a diplomat; you are talking to someone who will feed intelligence. We do the same thing overseas. We are hiding our spies within [embassies] as well because that's how you get diplomatic immunity.
I asked him how to combat state-sponsored spying that transcended simply gathering intelligence, but instead deliberately leaked information to cause disruption to a society, an election, a candidate. He spoke about the goals of cyber espionage.
O'Neill: A phishing attack is attacking a person, not a computer. You attack the person. You fool the person; you trick the person into doing the work for you, so you're turning the person who mistakenly clicks on something that they trust into a virtual trusted insider. You have just recruited that person as your spy, and they have no idea that it's happened, so it's that old spy tradecraft in a modern system.
We spoke about what distinguished the DNC hacks from others—namely, in the dissemination of information. O'Neill said he believed (in 2016) most people assumed Hillary Clinton would be president, including the Russians. US officials believe that the intelligence the Russians gained was then weaponized through its delivery to WikiLeaks, a company headed by Julian Assange, who made maximum use of it by leaking it slowly.
O'Neill: I think that there is no argument that both Putin and Julian Assange were pretty contrary to Hillary. None of them liked her very much. And I don't think either of them wanted her to win, or if she did, they wanted that new presidency to begin in disgrace.
Both have their problems with her in the past. I think that if Putin was going to give [the stolen DNC data] to some[one] where he was going to provide the maximum damage or really weaponize it, handing it over to Assange was a good way to assure that was going to happen.
So many people believed that there was journalistic integrity to WikiLeaks. I never did. I saw WikiLeaks as just another spy agency. The day it was founded I think I called them the fast food of spying. You can drive by and spy and go through the drive-by window. I was never fond of them, and I think what happened here is Assange has proven that there is no integrity there. If he wanted to claim anything of that sort he would have posted all of those emails at once, but the way that he dribbled them out bit by bit curated them almost.
And remember that he was almost gleefully tweeting and giving [press] conferences and saying a big revelation is coming out, almost like he was doing publicity for his company. I truly think that there was a lot of information there that these things [emails] were coming.
Perhaps the warning signs were there prior to 2016, but too many people missed them. I know I didn't see it coming. Prior to the summer of 2016, my producers and I were focused on police shootings and the threat that ISIS posed to Americans. At that time, I was digging into the backgrounds of people who could be inspired or directed to carry out terrorist attacks on US soil. There had been the Paris attacks in 2015, in which more than 130 people were killed and hundreds injured.6 Then the San Bernardino terrorist attack, during which the attackers killed fourteen people and injured over twenty others.7
There is no doubt that we had plenty to be distracted by in late 2015 and early 2016. This cyber realm we have entered where we are connected to the world wholly and instantaneously is relatively new. Yet, in hindsight, knowing that I was so underinformed about the topic of the Russian attack embarrassed me a bit.
Listening to Linda Power, Adam Meyers, and O'Neill made me wonder, though, how it was possible in the twenty-first century for a superpower to fall behind the curve in recognizing that Putin had perhaps employed an army of hackers who had embedded themselves into our systems. We had been dealing with Russian operatives’ propaganda for years.
Linda's voice ran through my head. “I don't understand why nobody knew.” Did more people know more than they had let on? That prospect made me, quite frankly, angry; the response time in alerting the American public, even after Putin's army was going after the throat of our election, was alarmingly slow.