No easy rest for spies as they ask: Whodunnit?

Is Big Brother watching us? The leaked cables suggest the South African state is fairly benign when it comes to snooping on its own citizens. (Darren Staples/Reuters)

Is Big Brother watching us? The leaked cables suggest the South African state is fairly benign when it comes to snooping on its own citizens. (Darren Staples/Reuters)

Within the South African intelligence community – currently in the middle of a furious mole hunt – there are three leading theories for how a television channel headquartered in the Middle East came to publish intimate secrets of the State Security Agency (SSA) in the past week.

None of them bodes well.

The documents, insiders say, all appear to be real; some individual documents have been verified, and others carry information that is historically accurate or use the correct codes and formatting.

On how these documents came to be in the public domain, however – published by Al Jazeera and the Guardian – there is some dispute and much elaborate speculation.

  • See Who is going to spy on the spy master?

The least baroque theory – and least damaging to national interests in the long term – is a good old-fashioned disgruntled employee, a spy who decided to pursue a personal geopolitical agenda.

“I started off thinking this could be somebody who became disillusioned with a boss and wanted to discredit the whole intelligence complex by stealing documents, or somebody of the Muslim faith, a Sunni, who wants to screw [Shia] Iran,” said one person with intimate knowledge of the local intelligence sector. “Wherever you have a leak, you have an aggrieved or greedy person,” said another.

A second, more complex theory holds that the entire episode is the visible part of a well-disguised operation by a foreign intelligence agency. Say you are a third party with a stake in the nuclear negotiations between Iran and the United States, and have a top-level source in South Africa.
Your source turns up some South African intelligence on Iran – not the kind of stuff that topples regimes, but enough to create a bit of confusion and fluster the Iranians at a critical juncture when concessions are to be had. What do you do?

‘Don’t make it too pointed’
“Once your agent is out or safe, you leak the information,” speculated a high-level intelligence source. “You make sure it is mixed in with a couple of other things; you don’t make it too pointed. It just has to be there so the Americans can sit around a table with the Iranians and say: ‘So there’s this document from the South Africans we found on the internet that we want to talk about …’”

The first theory makes the SSA the victim of a single individual with too little access to information and who is not monitored closely enough; a failure of internal security that is damaging but against which it has proven difficult to guard. The second theory requires an SSA penetrated to an alarming degree by a not-quite-friendly foreign power, which is somewhat more concerning. But the third theory is even more perturbing, and it is this theory that has “the farm” – the Musanda headquarters of the SSA just outside Pretoria – in an uproar.

The counterintelligence section of the SSA has, in recent years, been in the ascendant, intelligence sources say – but it remains insecure. The more hawkish elements of the Protection of State Information Bill, aka the “secrecy Bill” have yet to be enacted; the list of national key points was published against its wishes; and the president apologised for signal jamming in Parliament during his State of the Nation address. For those who by the nature of their jobs see threats everywhere, all of this points to the need for a tighter grip.

Simplistically speaking, intelligence agents gather and analyse information, but counterintelligence agents create information and situations – or turn developing situations in their favour. So if, say, a counterintelligence wing were to detect that a disgruntled employee was gathering an eyebrow-raising number of documents while also googling “How to leak information to Al Jazeera”, it could start looking for the closest pair of handcuffs. Or it could take the long view and consider the damage such a leak would do versus the political benefits that could be derived.

“Now [after the spy cables leak] every South African is going to say: ‘How could this have happened? How do we make sure it doesn’t happen again?’ How you do it is you have tighter counterintelligence, that’s how,” said an insider. “Even you guys [the media] are going to find yourselves arguing for the secrecy Bill now. It’s checkmate.”

In this analysis it does not matter all that much whether the spy cables were the result of a genuine breach of security, a breach detected but allowed to come to fruition or a manufactured event. The result remains the same: more resources and greater reach for South Africa’s counterintelligence operatives.

One of the leaked documents published this week illustrates the kind of counterintelligence frustrations that make such theories possible, if not necessarily plausible. An assessment of security vulnerabilities in the government, it bemoans the gaping holes in information technology systems, functionaries at all levels of government who do not take security seriously, and foreign intelligence agents seeking (and gaining) access to everything from high-security industrial facilities to presidents.

The argument for a manufactured or allowed leak is also bolstered by the nature of the information made public. Although the very fact of the leak itself is disastrous to the local intelligence community, the contents are not.

Secrecy shattered
“The mystique, the imperative of all intelligence agencies, is secrecy, and that is shattered,” says Laurie Nathan, an intelligence scholar who formed part of a ministerial review commission on intelligence between 2006 and 2008. “What defines them is not intelligence; it is secrecy. Secrecy is critical.”

The spy cables leak is catastrophic, Nathan says, and although ordinary South Africans may consider it no big deal, the country’s spies “are not sleeping right now”.

On that point almost everyone concurs. Even those ready to lay the blame for the leak at the door of rogue counterintelligence agents speak of an “unsophisticated element”, people ready to use blunt force and inflict enormous damage on their own in order to get their way.

Yet some point to the content of the cables and the picture it paints of South African intelligence as a reason why it would be possible to condone the leak. “When you are a South African reading these things, what is your reaction?” asked one insider. “It should be: ‘Fuck, we have a sophisticated intelligence service.’”

Intelligence agents have long spoken of their frustration at the lack of recognition for the fact that, despite interest from the likes of al-Shabab, South Africa has never had a major terrorist attack or disruption of an event such as the World Cup. Now, they say, citizens are getting a glimpse of the kind of work behind their success.

“What you see is that we work with everyone, that the CIA and MI6 come and ask for our help and recognise our capability,” says one. “You also see that we are not the lackeys of the Americans or the Israelis or the Brits, or whatever. On every global matter there is a view and there is an action that advances the South African cause. We know that on Palestine we want a two-state system and we work for that, but Mossad [the Israeli intelligence service] still respects us and works with us. We don’t have to be embarrassed about that.”

Government not working towards blanket surveillance
Security operatives also point to the lack of illegal action shown by the spy cables. Unlike the Edward Snowden leaks or the Wikileaks cables, the documents from the SSA do not show a government working towards blanket surveillance of its citizens or killing foreigners on flimsy pretexts. There are, in the words of one, “no lasers, no assassinations, no beautiful women” in the spy cables released by Al Jazeera to date.

Nathan has one caveat in that regard; he believes the cables may point to the tapping of the communication of foreigners in South Africa without judicial authorisation.

“We know for a fact that the intelligence agencies were labouring under the misapprehension that they only needed a judge’s permission for intrusive measures on South African citizens,” Nathan says, while believing that foreign nationals in the country enjoyed no such protection. “That is unequivocally wrong.”

But that in itself is not leading to sleepless nights. “You have a guy saying it is wrong; we have courts that would never prosecute that,” one insider told the Mail & Guardian. “If that’s the best you can do, it just shows you can’t prove criminal activity.”

An important reason to ensure there is never a leak from your intelligence establishment, even if you expect to benefit from it, involves the practice of sharing intelligence between countries. In the immediate aftermath of the spy cables South Africa will receive less of such information, everyone agrees, not least because mid-level functionaries in other countries will not want to be held responsible if the information they supply is exposed in a similar breach. But one insider dismissed the idea that the country’s intelligence capability would be crippled as naive, “civilian” thinking.

“You share information because you are trying to influence events, not because you are charitable,” this insider said. “You don’t stop sharing because of a leak; you just cover your backside a little better before you do.”

Phillip de Wet

Phillip de Wet

Phillip de Wet writes about politics, society, economics, and the areas where these collide. He has never been anything other than a journalist, though he has been involved in starting new newspapers, magazines and websites, a suspiciously large percentage of which are no longer in business. PGP fingerprint: CF74 7B0F F037 ACB9 779C 902B 793C 8781 4548 D165 Read more from Phillip de Wet

Client Media Releases