Following Peter Smith's money

As part of his efforts, Smith reached out to cybersecurity expert and Lawfare contributing editor Matt Tait, who later wrote up an account of his interactions with Smith throughout the summer of 2016. Smith first approached Tait “around the time the DNC emails were dumped by Wikileaks,” Tait wrote, on the premise of discussing the “Clinton emails.” Smith told Tait that he had been contacted on the dark web by an individual “who claimed to have a copy of emails from Secretary Clinton’s private server” and that he now wanted help authenticating the emails. Tait emphasized that during their interactions, Smith had expressed no concern over the possibility that the individual contacting him on the dark web was a front for the Russian government.

Police say Smith committed suicide on 14 May 2017. 

A hotel clerk at the Aspen Suites hotel across the street from the Mayo Clinic in Rochester, Minnesota found Smith’s body with “a bag over his head with a source of helium attached.” Smith left behind a stack of documents, including a suicide note indicating he has been sick since January 2017 and his $5 million life insurance was expiring. The note also read: “NO FOUL PLAY WHATSOEVER.”

Smith had put together a team to hunt for Clinton’s emails and told that team he was in touch with Michael Flynn.

BuzzFeed News:

Intelligence agencies have given the FBI information that Russian hackers talked about passing Clinton’s emails to Flynn through a cutout, according to two law enforcement officials with direct knowledge of the matter. It is not known if that cutout was in any way connected to Smith.

(…)

Smith reached out to various people he thought could help track down or authenticate the emails Clinton had routed through a private server in her home. One of those people was Matt Tait, a former information security specialist in Britain’s spy agency GCHQ, who was writing publicly about a different email hack, that of the Democratic National Committee.

In a phone call in August, Smith told Tait that he believed Clinton’s private server had been hacked by the Russian government and others, and that a person from the dark web had contacted him, claiming to have some of Clinton’s emails. Smith wanted Tait to help verify the emails, something Tait said he refused to do.

… On the Friday before the Labor Day weekend, Smith incorporated a company called KLS Research. In a proposal Smith put together describing the effort to obtain the emails, he named the company as the “preferred vehicle” for the research into Clinton’s email, and Smith would tell Tait that KLS Research would also help “avoid campaign reporting.”

(…)

[On September 8th,] Smith withdrew $9,500 from the KLS Research account and deposited it into his personal bank account, both held at Northern Trust. From there, Smith took out a little more than $4,900 in cash and sent checks to an accountant and an LLC controlled by a private real estate company. Later in September, Smith made withdrawals of $500 and $700 from KLS Research.

These transactions came to light after Northern Trust received a subpoena from the FBI for Smith’s records last December. The subpoena specifically sought information about the $9,500 withdrawal from KLS Research’s account.

After scouring nine accounts that Smith controlled, Northern Trust turned over documents showing 88 suspicious cash withdrawals totaling about $140,000 between January 2016 and April 2017, including a $3,000 withdrawal six days after the election. Northern Trust found these transactions suspicious because officials could not determine the purpose of the withdrawals and because some of them took place over the time Smith was engaged in his project to obtain Clinton’s emails. Many of the cash transactions, the bank noted, were less than $10,000, small enough not to trigger an automatic alert to the government. After receiving the subpoena, the bank sent a report to Treasury’s financial crimes unit, which shared its findings with the FBI, Special Counsel Robert Mueller, and Senate Intelligence Committee investigators.

(…)

Now, according to the three U.S. law enforcement officials, Smith remains an important figure in the government’s investigation. FBI and Senate Intelligence Committee investigators are trying to follow the money to learn whether Smith paid anyone connected with the Russian government. The FBI suspects Smith used some of the cash to fund his operation and paid hackers who provided him emails … 

Separately, investigators working for Special Counsel Mueller have also interviewed people who Smith tried to recruit and others who worked on his operation to obtain Clinton’s emails … Mueller’s team has also tried to determine if Flynn assisted Smith in his operation, according to two FBI agents. They added that Smith’s suspicious financial transactions are key to that effort.

(…)

Smith, in his only press interview before he died, told the Journal that he and his team found five groups of hackers who claimed to have Clinton’s emails, including two groups he said were Russians.

Smith also told the newspaper that he never intended to pay for emails obtained by hackers — a contention the person with direct knowledge of Smith’s plan disputed, saying Smith did pay for what he was told were Clinton’s emails. This source also said that Smith purposely omitted any mention of paying hackers from his written plan for the operation.

Lawfare:

On its own, the Buzzfeed story might not be a groundbreaking development. But the article doesn’t stand alone. It comes in the wake of Mueller’s indictments of Russians involved in the Kremlin’s social media manipulation operation and, more importantly for present purposes, the hacking and leaking of Democratic Party materials during the 2016 campaign. In that context, it is highly significant that Buzzfeed reports that Smith’s efforts are actively being investigated by the special counsel’s team. Not only has Mueller’s team interviewed “people who Smith tried to recruit and others who worked on his operation to obtain Clinton’s emails,” it has also “tried to determine if [former national security adviser Michael] Flynn assisted Smith in his operation”—a question that Smith’s possible payments to hackers are “key” to answering, Buzzfeed writes.

So how do the facts reported in the Peter Smith stories, particularly Buzzfeed’s latest, line up with Mueller’s indictments? Mueller’s allegations describe, in detail, a complex Russian conspiracy to shape the 2016 U.S. elections—a conspiracy that involved an influence operation conducted on social media, the publication of hacked information, and outreach to a person in contact with the Trump campaign, reportedly Roger Stone.

The Peter Smith stories—between the Journal’s reporting, Tait’s Lawfare account and the latest report from Buzzfeed—describe another plot, one that took shape on this side of the Atlantic. Whether this second plot amounts to a conspiracy is a legal question beyond the scope of this post, but it appears to have involved, at a minimum, an agreement among a number of actors to obtain illegally hacked emails, perhaps by buying them. Tait wrote that he specifically warned Smith that the person purporting to have Clinton’s emails was likely part of Russia’s campaign against the United States and that Smith didn’t care about the source, as long as he got the emails. So it’s certainly plausible that the Smith operation also involved a conspiracy of some sort.

The question is whether, and to what extent, these two plots, or conspiracies, intersected: If “collusion” did indeed take place around the hacking and leaking of Clinton campaign emails, was Smith the American, or an American, with whom the Russians were colluding? Or was Smith’s effort an entirely separate operation, interacting with the Russian conspiracy only glancingly? Or, more distant yet, was Smith’s operation entirely separate from Russian operatives and not interacting with them at all, whatever Smith might have thought?

Before diving into the specific potential interactions between the GRU indictment and the Peter Smith story, it is important to stress the many remaining unknowns. It is unclear, for example, whether Smith’s operation was directed at real emails or just materials that Smith believed to be Hillary Clinton’s emails. It is also unclear whether the people he thought he was dealing with were actually Russian operatives or whether they were just fraudsters taking an old man for a ride. Finally, the extent to which Smith’s effort was actually connected to the Trump campaign proper remains unclear too. According to the Journal, several of the people Smith reached out to said that Smith claimed to be working with Michael Flynn, then a senior adviser to candidate Donald Trump. (Flynn has consistently declined to comment on any relationship with Smith.) The Journal referenced emails between Smith and his associates that show they considered Flynn to be their ally. The Journal also reported that the Sept. 7 document Smith prepared to tout his efforts listed several prominent Trump campaign officials as involved—Flynn, Steve Bannon, Kellyanne Conway and Sam Clovis—under the heading “Trump Campaign.” The paper reported, however, that Bannon said he had never met Smith. Conway admitted to knowing Smith but said she had not talked to him in years. Buzzfeed’s report that Mueller is looking into any assistance Flynn provided to Smith suggests that, at the very least, the special counsel takes seriously the possibility that Smith undertook his quest with the blessing of people associated with the Trump campaign. And, of course, Flynn is now a cooperating witness in the Mueller investigation.

The unknowns aside, it is worth considering the Peter Smith story alongside the facts alleged in the GRU indictment last month. After all, if Mueller believes those facts amount to criminal activity, he presumably believes that he might charge anyone who joined that agreement. So how closely related are these stories?

On the whole, Peter Smith’s efforts run in parallel to the GRU hacking and leaking efforts, taking place along the same timeframe. Although both involve attempts to obtain emails, the emails in question are different: The hacking indictment refers primarily to emails stolen from the Democratic National Committee and the personal email account of the Clinton campaign chairman, John Podesta, which were eventually released by Guccifer 2.0 and Wikileaks. According to both Tait and the Journal, Smith was focused, by contrast, on the 33,000 emails deleted from Clinton’s personal email server, which she used during her time as secretary of state. That server was the subject of an FBI investigation during the campaign.

There is one moment in which these parallel lines come close to converging. On July 27, 2016, Trump infamously declared at a campaign rally, “Russia, if you’re listening, I hope you’re able to find the 30,000 [sic] emails that are missing”—that is, the same batch of emails that so captivated Smith. According to the July 13 indictment, later that same day, Russian hackers “attempted … to spearphish for the first time email accounts at a domain hosted by a third-party provider and used by Clinton’s personal office.”

It is unclear at this stage what emails the GRU hackers were seeking—if any in particular—in targeting the server used by Clinton’s personal office. Until July 27, the GRU efforts had focused on the DNC and the Democratic Congressional Campaign Committee, as well as a successful spearphishing campaign against Podesta. But the attack on Clinton’s personal office appears to be the first attempt against a domain not associated with the Democratic Party or the Clinton campaign. If the hackers were looking for those 33,000 emails, a third-party, private domain used by the candidate’s personal office would be a logical place to start.

There is no evidence that Donald Trump knew anything about Smith’s plan or that the GRU hackers were acting with either Trump’s comments or Smith in mind—or that they were looking for the deleted emails at all. But the moment of convergence on July 27 has the makings of a striking coincidence.

It is also possible that Flynn may be another point of convergence. While he is not mentioned in the GRU indictment, the Journal reported last year that U.S. intelligence officials had information that Russian hackers discussed how to transmit Clinton’s emails to Flynn through an unidentified intermediary. The Buzzfeed story noted this as well. The Journal also reported that Smith repeatedly mentioned Flynn; his consulting firm, Flynn Intel Group; and his son, Michael F. Flynn, who was chief of staff at the consulting firm, in his efforts to recruit researchers for the project. Again, the fact that Flynn is now cooperating with the Mueller investigation should give the special counsel an opportunity to assess his role.

Notably, however, the two plots describe very different interactions with Wikileaks. Mueller alleges that the GRU hackers had extensive interaction with Wikileaks (called “Organization 1” in the July indictment) and that they used that website, along with DCLeaks, to publish their trove of stolen emails. The Atlantic has reported that Wikileaks reached out to at least two figures associated with the Trump campaign—Donald Trump Jr. and Roger Stone—about stolen emails. By contrast, Wikileaks did not publish the emails that Smith obtained from the hackers. It is possible that Wikileaks never received those emails. As Smith told the Journal, he asked the hackers to pass the trove of emails along to Wikileaks; he did not do so himself. It is possible then that Wikileaks did not publish those emails because it never had them in the first place. It is also possible that Wikileaks did not publish them because it found them to be fraudulent. 

Many analysts believe that Mueller’s next step, having alleged both the social media conspiracy and the GRU conspiracy, will be to bring these conspiracies home and charge American figures thought to have participated in the wrongdoing he has outlined. The Buzzfeed story raises the question of how central the Peter Smith story will be to this next act—assuming it comes to pass. It is possible this is all just a sideshow, a weird tangent that took place alongside the main storylines of L’Affaire Russe. But it is also possible that it was more than that.

After all, wouldn’t it be odd if a group of Russians had conspired to steal Hillary Clinton’s emails and dump them into the American presidential campaign, while a group of Americans had conspired to get Hillary Clinton emails from Russian hackers to help Donald Trump get elected, and the two groups had never met?