It’s hard to imagine that even a master manipulator like Putin would have anticipated the full success of his operation. Not only had he sabotaged Hillary Clinton, but he had also helped install in the Oval Office someone who—by virtue of his fragile ego, disdain for democratic norms, and volatile leadership—compounded the impact of the Russian campaign. In the months that followed Trump’s visit to CIA headquarters, his administration would be tarred by scandals political and personal, a rate of White House dismissals unparalleled in history, and investigations into possibly illegal actions by the president, his family, and his team. Trump’s decisions sometimes seemed as if they were designed to erode American effectiveness or standing, be it in government or on the world stage. Again and again he would belittle America’s closest allies—Britain, Canada, France, Germany, and Australia—all the while praising Russia’s strongman.
In so doing, Trump was extolling an authoritarian with an abysmal record on human rights. A significant number of Putin’s critics have ended up dead, most prominently Boris Nemtsov, an opposition politician who was shot multiple times as he walked near the Kremlin in 2015. Others included Natalya Estemirova, the human rights activist who was kidnapped in Chechnya and found shot in the head; Anna Politkovskaya, the crusading journalist who was shot in her apartment building as she returned home; Sergei Yushenkov, the politician who was shot while investigating a possible government role in the bombing of an apartment building; and Alexander Litvinenko, the former security services officer who died an excruciating death in Britain when his tea was laced with polonium-210, a radioactive substance. Particularly among those who had spent decades in the shadows at secret war with the USSR and then Putin’s regime, Trump’s obsequious manner was horrifying—and mystifying.
After concluding his speech, Trump was whisked out of the building and back to his car for the return trip to Washington. The CIA crowd thinned as crews began stacking chairs and breaking down risers. That week, something occurred that officials had seen only in the aftermath of a CIA tragedy. Flowers began to accumulate at the foot of the Memorial Wall on Monday, as the agency returned to work. By week’s end there was a small mound of bouquets placed by employees who passed by the stars in silence.
THE GEOGRAPHY AND HISTORY OF THE NETHERLANDS— ALWAYS in the shadow of great powers—forced it to become quietly effective at espionage. And while the Dutch intelligence service, known as AIVD (which translates to General Intelligence and Security Service), cannot match the global reach of the CIA or MI6 (Britain’s Secret Intelligence Service), and its officers may never compete for screen time with Jason Bourne or James Bond, it kept its focus on Russia even as the United States was diverting intelligence resources to terrorism after the September 11 attacks.
With one of the largest and fastest internet hubs in the world, the Netherlands had become a pass-through point for cyber criminals, particularly from Eastern Europe. Dutch spies, as a result, became particularly adept at operating in cyberspace, relying on that capability to monitor online crime as well as the resurgent threat posed by Moscow. In 2014, AIVD accomplished a digital feat of David-and-Goliath proportions, the agency’s cyber unit penetrating a hacking syndicate linked to Russia’s foreign intelligence service, the SVR. The Dutch gained access not only to the group’s computer systems but to the surveillance cameras mounted above the entrance to its lair, capturing clear images of the Russian hackers as they filed into what they’d always thought was a secure space in the heart of Moscow. Analysts used the images in some cases to identify individual hackers, gradually compiling a roster with their names, the handles they used online, and grainy photos.
The AIVD had achieved what cyber spies call “exquisite access.” It was in the process of carefully exploiting this penetration a year later that the Dutch began to see a suspicious new stream of data flowing into the SVR system. AIVD spies traced its origin to a Democratic National Committee server in Northern Virginia.
The DNC functions as the war chest and back office of the Democratic Party, raising money and helping to field and fund candidates across the country. In presidential races, it oversees the party’s primaries, its debates, its convention, and the process of selecting its nominee for president. The breach of its systems was at that stage almost imperceptible, intermittent signals between a pair of computers on opposite sides of the Atlantic. In reality each ping was a silent betrayal, an expression of obedience by a DNC server to a distant machine secretly working for the Kremlin.
The Russian hackers’ forays into the DNC network had easily eluded the organization’s security, but U.S. intelligence agencies also failed to see the breach, even though the hackers behind it were already well known, having pulled off a spree of attacks in previous months on high-profile targets including the Pentagon, the State Department, and the White House—operations the Dutch had also detected and warned the Americans about. Certainly the DNC wasn’t as alarming a target as those repositories of U.S. government secrets, but the failure to detect the intrusion would mean that by the time it was first noticed by the DNC, Moscow was already tunneling toward troves of material, including internal DNC emails and research files, that it would use to sow chaos in the U.S. election.
The Dutch relayed what they had learned to the National Security Agency, the massive U.S. spy organization responsible for all forms of electronic espionage. The AIVD turned over images of the hackers, IP addresses (numeric codes that correspond to specific computers on the network), and other information that the NSA was able to corroborate.
From that moment in 2015, the scale of the Russian operation and its consequences for the United States would only expand. But at the time, U.S. officials saw the alert about the penetration of the DNC as falling into the category of conventional espionage, the sort of data gathering that Russia, China, and every other country with enough hacking capability—including the United States—pursues. Such probing of government, institutional, and corporate networks was so persistent and aggressive by state-level hacking enterprises that the adversaries involved acquired distinct reputations. The Russians were seen as the most sophisticated and—ironically, given how the year would play out—adept at hiding their tracks. China was “noisier,” less concerned with getting caught. While improving, Iran and North Korea were second-tier players. Attacks on think tanks and political organizations like the DNC were a problem, but defending against them was not necessarily the job of the U.S. government, which had enough on its hands fending off the equally frequent assaults on higher-stakes targets: classified networks, black budget programs, weapons designs.
Protecting those assets required constant vigilance. In November 2014, less than a year before the DNC attack, the White House experienced a Russian offensive so brazen that American officials saw it as a turning point in Kremlin tactics. The hackers gained entry with a common “spearphishing” ruse—sending bogus emails with disguised links or attachments that, once clicked, led to a malware-infested site set up to gather passwords and other sensitive information. The most striking aspect of the intrusion wasn’t that Russian hackers got into a White House network—in this case an unclassified email system that allowed White House staff to correspond when the issue at hand wasn’t sensitive, such as writing your husband