Earlier this month we learned the name of a second person who stole top secret documents from the US National Security Agency (NSA). After Edward Snowden admitted doing so publicly in June 2013, the FBI has now arrested the 51-year old Harold T. Martin III at his home in Maryland.
Martin hoarded lots of classified documents, not only from NSA but also from a number of other military and intelligence agencies. The FBI is still comparing them with those from the recent Shadow Brokers leak and a range of other NSA leaks from the past few years, but given what’s known now, it seems likely that at least one other leaker is still at large.
The house of Harold T. Martin III in Glen Burnie, Maryland
(photo: Jose Luis Magana/The Associated Press)
The New York Times reported that when the FBI raided Martin’s house on August 27, they found paper documents and many terabytes of highly classified information, even going back the 1990s. At least six documents were from 2014. It was reported that Martin first took the classified documents on paper, later on CDs and more recently on thumb drives.
The reason why Harold Martin brought home and stored such large numbers of top secret documents isn’t yet clarified. One suggestion is that he may have used them forresearch for his dissertation about “new methods for remote analysis of heterogeneous & cloud computing architectures”, which he was working on at the University of Maryland.
Documents from multiple agencies
It should be noted that not everything Martin stole comes from NSA. In the official charges there are no names of the agencies where the documents come from, they are only described as highly classified, including ones that are marked as Top Secret and Sensitive Compartmented Information (SCI).
With the documents going back to the 1990s, he may well have started hoarding them from the places where he worked in those days. From 1987 to 2000, Martin served at the US Navy, achieving the rank of lieutenant, but he left active duty in 1992.
As the Washington Post found out, he then took a variety of tech jobs with government contractors, like at Computer Sciences Corp. (CSC) somewhere in the 1990s and later, until 2009, at Tenacity Solutions, for which he worked at the Office of the Director of National Intelligence (ODNI).
In 2009, Harold Martin started to work for Booz Allen Hamilton, for which he was a contractor at NSA from 2012 to 2015, when Booz transferred him to the Pentagon’s Office of Acquisition, Technology and Logistics (AT&L), which is responsible for often highly sensitive and classified procurement programs. There he stayed until the moment of his arrest last August.
Officials have meanwhile said that Martin took classified documents not only from NSA, but also from his other workplaces, including ODNI and AT&L.
It’s interesting as well that in the charges against Martin, a whole paragraph is dedicated to the at least six documents from 2014, which are described as being produced “through sensitive government sources, methods, and capabilities”. As signals intelligence is traditionally seen as the most sensitive capability, maybe just these six documents are from NSA.
The building of the Office of the Director of National Intelligence (ODNI)
where Harold Martin worked as a contractor before 2009
(photo: Microsoft, via Cryptome.org – click to enlarge)
Shadow Brokers investigation
After the “Shadow Brokers” disclosed a large set of secret NSA hacking tools last August, the FBI began investigating this leak. At the same time there was a lot of speculation: was NSA hacked from the outside? Had an NSA hacker been sloppy? Were the tools leaked by an insider? Maybe the same insider responsible for earlier leaks that hadn’t been attributed to Snowden?
On September 22, it was reported that during the FBI investigation, NSA officials had said that a former agency operative had carelessly left the hacking tool files available on a remote computer, where Russian hackers found them. If that’s correct, then it seems likely that the FBI traced Harold Martin when they were looking for that careless NSA hacker. It has not yet been confirmed that Martin was that person though.
Harold Martin was working at NSA’s hacking division TAO around the time when the tools were considered to be left exposed, somewhere after October 18, 2013, but a former TAO hacker told the Washington Post that Martin “worked in the unit’s front office carrying out support roles such as setting up accounts, not conducting actual operations.”
Even if Martin was the man who left the hacking tools exposed, then we still don’t know who found them and published them under the name Shadow Brokers. It’s not very likely that this was done by Martin himself, as Shadow Brokers published additional messages on August 28, October 1 and October 15, when he was already in custody. The actual publication can therefore be the work of for example Russian, Iranian or North Korean hackers or even independent hacktivists.
Could Harold Martin also be the source of earlier leaks, that were not attributed to Edward Snowden? In theory he could have been that “second source” next to Snowden: none of these other leaked documents (like the TAO catalog, XKEYSCORE code, tasking lists and end reports) are newer than 2015, when Martin left NSA. Contrary to this Martin is described as very patriotic, which doesn’t fit the fact that these particular leaks were clearly meant to harm and embarrass the US and NSA.
Also, Martin hasn’t (yet) been charged with espionage or the attempt to provide classified information to a third party or a foreign government – which doesn’t seem something the US government would leave out or keep secret after the recent and unprecedented statement in which the Office of the Director of National Intelligence accused Russia of hacking the Democratic National Committee (DNC) and other political organizations.
Should the FBI investigation confirm that Harold Martin was only responsible for leaking the NSA hacking tools (after which unknown others published them) and that none of his documents were provided to foreign intelligence agencies or showed up in the earlier revelations, then there’s most likely yet another leaker from inside NSA.
The Shadow Brokers leak standing alone and not related to the earlier non-Snowden leaks is of some importance, because only among the stuff published by the Shadow Brokers there are files with a date (October 18, 2013) after the day that Snowden left NSA (May 20, 2013).
This means that when Harold Martin is the initial source of the Shadow Brokers files, we can no longer exclude the possibility that the earlier leaks do come from the Snowden trove. If that would be the case, then someone with access to them went rogue and had them published on his own account. But it should also be noted that both Glenn Greenwald and Bruce Schneier explicitly said that some of these leaked documents did not come from Snowden.
The more likely option is therefore that there’s still another leaker at large, someone with a more evil intent than Harold Martin and Edward Snowden – a conclusion which is not very comforting and which also raises questions about NSA’s internal security…
Some NSA buildings at the Friendship Annex (FANX) complex near Baltimore
(photo: live.com, via Cryptome.org – click to enlarge)
NSA’s internal security measures
The NSA’s hacking division TAO, where Harold Martin worked for some time, isapparently not located in the well-known NSA headquarters building at Fort Meade, but in one or more leased office buildings outside, one of them at an office complex calledFriendship Annex (FANX) near Baltimore. TAO also has units at NSA’s four Cryptologic Centers across the US.
Entrance to the highly secured TAO headquarters building is strictly controlled: one has to go through an imposing steel door, protected by armed guards, and entrance is only possible after entering a six-digit code and passing a retinal scanner to ensure that only specially cleared individuals are allowed in.
Such security measures are more aimed at keeping outsiders out, than at insiders in. And when it comes to finding inside moles of hostile foreign intelligence agencies, the NSA is also said to have a rather bad track record. The Manning and Snowden leaks made NSA painfully aware of this and so preventive insider-threat detection programs were put in place.
It’s not clear whether these new systems failed in the case of Harold Martin, or that they simply weren’t yet implemented at the TAO location where he worked – anti-leak software that was designed by Raytheon to “spot attempts by unauthorized people to access or download data” was also not yet installed at the NSA facility in Hawaii when Snowden was working there.
Tracking what employees are doing inside is one thing, checking what they take out is another. But according to The Washington Post, the NSA (like other agencies) does notimpose universal checks of personnel and their belongings as they enter and leave agency buildings. Security guards only conduct random checks and use their discretion in order to keep en build the trust of the employees.
“If you have a bag full of stuff, you’re probably going to get stopped” said a former TAO operator to the Post, but, in general, “Disneyland has more physical security checks than we had”. Additionally, NSA facilities will have detection gates, but it seems that it was easier for Snowden to walk out with his thousands of documents than many would have thought.
As former NSA general counsel Rajesh De explained, it is unlikely “you’re going to be able to stop every incident of somebody taking documents if they’re determined to do so. But the real question is how quickly can you detect it, how quickly can you mitigate the harm of any such incident.”
An old sign inside the NSA headquarters building
showing what kind of items are not allowed in.
(screenshot from a documentary about NSA)
Harold Martin stole a lot of classified documents from multiple military and intelligence agencies where he worked over the past 20 years, with maybe just a small number from NSA. The still ongoing FBI investigation has to make clear whether Martin was responsible for exposing the TAO hacking tools.
If not, then there has to be yet another careless NSA employee, but then it’s also still possible that the hacking tools came from a source responsible for a range of earlier leaks. So far it seems that Martin isn’t the source of those earlier leaks, which means that the so-called “second source” is still at large.
The case of Harold Martin also made clear that security measures at NSA, and other US agencies, were not as strict and tight as outsiders would have expected: even for someone without a strong ideological or financial drive like Martin it was apparently not that difficult to regularly walk out with top secret documents.
Many things have not yet been confirmed or clarified, but at least the Shadow Brokers leak and the subsquent arrest of Harold Martin created more awareness among the American public of the fact that there have been more leaks than just those from Snowden.
In August 2014, Bruce Schneier was probably one of the first who identified a second and a third leaker besides Snowden. Many more similar leaks followed and a full listof them was compiled on this weblog in December 2015 (still being updated). As an excerpt of this listing, a short overview of the most important non-Snowden leaks was published in The New York Times last week.
Shortly after this blog posting was published, The New York Times came with a new report saying that the volume of classified documents Harold Martin had in his possesion is larger than those stolen by Edward Snowden and even than those of the Panama Papers from 2015.
FBI investigators apparently also found that the TAO hacking tools were among Martin’s documents, but because he is not very cooperative, it is still not clear how they came in the hands of the mysterious Shadow Brokers, who subsequently published them. So far there’s no evidence that Martin was hacked or that he sold information.
He seems to have hoarded all these documents in order to get better at his job, as he is described as someone who imagined himself a top spy and an important player in the world of digital espionage.
On Thursday, October 20, government lawyers said they would prosecute Harold Martin under the Espionage Act because of stealing classified information. The FBI found the huge amount of 50 terabytes of data at his home, but it is not yet clear how much of that is classified. Also foundwere “hard-copy documents that were seized from various locations during the search that comprise six full bankers’ boxes worth of documents” with “Many of the documents marked ‘Secret’ and ‘Top Secret,’ also bear special handling caveats. The information stolen by the Defendant also appears to include the personal information of government employees”.
Links and Sources
– John Schindler: It’s Time to Rename NSA the National INsecurity Agency
– The Washington Post: NSA contractor thought to have taken classified material the old-fashioned way
– Daily Beast: Democrats Say WikiLeaks Is a Russian Front, U.S. Intelligence Isn’t So Sure
– Defense One: Data-Theft Arrest Shows that Insider Threat Remains Despite Post-Snowden Security Improvements
– John Schindler: Has the Russian Mole inside NSA finally been arrested?
– New York Times: N.S.A. Suspect Is a Hoarder. But a Leaker? Investigators Aren’t Sure.
– The Cipher Brief: First on The Cipher Brief: Snowden’s Boss Shares Lessons Learned
Earlier this week, a group or an individual called the Shadow Brokers published a large set of files containing the computer code for hacking tools. They were said to be from the Equation Group, which is considered part of the NSA’s hacking division TAO.
The leak got quite some media attention, but so far it was not related to some earlier leaks of highly sensitive NSA documents. These show interesting similarities with the Shadow Brokers files, which were also not attributed to Edward Snowden, but seem to come from an unknown second source.
Screenshot of some computer code with instructions
from the Shadow Brokers archive
(click to enlarge)
The Shadow Brokers files
One of the encrypted files could be decrypted into a 301 MB archive containing a large number of computer codes for server side utility scripts and exploits for a variety of targets like firewalls from Cisco, Juniper, Fortinet and TOPSEC. The files also include different versions of several implants and instructions on how to use them, so they’re not just the malware that could have been found on the internet, but also files that were only used internally.
A full and detailed list of the exploits in this archive can be found here.
Security experts as well as former NSA employees considered the files to be authentic, and earlier today the website The Intercept came with some unpublished Snowden documents that confirm the Shadow Brokers files are real.
Besides the accessible archive, Shadow Brokers also posted a file that is still encrypted, and for which the key would only be provided to the highest bidder in an auction. Would the auction raise 1 million bitcoins (more than 500 million US dollars), then Shadow Brokers said they would release more files to the public. This auction however is likely just meant to attract attention.
Update: Shadow Brokers, or people posing like them, posted an short announcement on Pastebin on August 28, and a third, long message including a “self-interview” on Medium.com on October 1. On October 15, a fourth message was published on Medium, saying that the auction was cancelled.
From the Snowden documents?
According to security experts Bruce Schneier and Nicholas Weaver the new files aren’t from the Snowden trove. Like most people, they apparently assume that Snowden took mostly powerpoint presentations and internal reports and newsletters, but that’s not the whole picture. The Snowden documents also include various kinds of operational data, but this rarely became public.
Most notable was a large set of raw communications content collected by NSA under FISA and FAA authority, which also included incidentally collected data from Americans, as was reported by The Washington Post on July 5, 2014. The Snowden documents also include technical reports, which are often very difficult to understand and rarely provide a newsworthy story on their own.
Someone reminded me as well that in January 2015, the German magazine Der Spiegel published the full computer code of a keylogger implant codenamed QWERTY, which was a component of the NSA’s WARRIORPRIDE malware framework. So with the Snowden trove containing this one piece of computer code, there’s no reason why it should not contain more.
Contradicting the option that the Shadow Brokers files could come from Snowden is the fact that some of the files have timestamps as late as October 18, 2013, which is five months after Snowden left NSA. Timestamps are easy to modify, but if they are authentic, then these files have to be from another source.
A second source?
This brings us to a number of leaks that occured in recent years and which were also not attributed to Snowden. These leaks involved highly sensitive NSA files and were often more embarrassing than stuff from the Snowden documents – for example the catalog of hacking tools and techniques, the fact that chancellor Merkel was targetedand intelligence reports proving that NSA was actually successful at that.
It is assumed that these and some other documents came from at least one other leaker, a “second source” besides Snowden, which is something that still not many people are aware of. The files that can be attributed to this second source have some interesting similarities with the Shadow Brokers leak. Like the ANT catalog published in December 2013, they are about hacking tools and like the XKEYSCORE rulespublished in 2014 and 2015 they are internal NSA computer code.
This alone doesn’t say much, but it’s the choice of the kind of files that makes these leaks look very similar: no fancy presentations, but plain technical data sets that make it possible to identify specific operations and individual targets – the kind of documents many people are most eager to see, but which were rarely provided through the Snowden reporting.
As mainstream media became more cautious in publishing such files, it is possible that someone who also had access to the Snowden cache went rogue and started leaking documents just for harming NSA and the US – without attributing these leaks to Snowden because he would probably not approve them, and also to suggest that more people followed Snowden’s example.
Of course the Shadow Brokers leak can still be unrelated to the earlier ones. In that case it could have been that an NSA hacker mistakenly uploaded his whole toolkit to a server outside the NSA’s secure networks (also called a “staging server” or “redirector” to mask his true location) and that someone was able to grab the files from there – an option favored by for example Edward Snowden and security researcher the grugq.
Diagram showing the various stages and networks involved
in botnet hacking operations by NSA’s TAO division
(source – click to enlarge)
Meanwhile, several former NSA employees have said that the current Shadow Brokers leak might not be the result of a hack from the outside, but that it’s more likely that the files come from an insider, who stole them like Snowden did earlier.
Of course it’s easier for an insider to grab these files than for a foreign intelligence agency, let alone an ordinary hacker, to steal them from the outside. But if that’s the case, it would mean that this insider would still be able to exfiltrate files from NSA premises (something that shouldn’t be possible anymore after Snowden), and that this insider has the intent to embarrass and harm the NSA (Snowden at least said he just wanted to expose serious wrongdoings).
Here we should keep in mind that such an insider is not necessarily just a frustrated individual, but can also be a mole from a hostile foreign intelligence agency.
On August 21, NSA expert James Bamford also confirmed that TAO’s ANT catalog wasn’t included in the Snowden documents (Snowden didn’t want to talk about it publicly though). Bamford favors the option of a second insider, who may have leaked the documents through Jacob Appelbaum and Julian Assange.
On Twitter, Edward Snowden said that “Circumstantial evidence and conventional wisdom indicates Russian responsibility”, but it’s not clear what that evidence should be. It seems he sees this leak as a kind of warning from the Russians not to take revenge for the hack of the Democratic National Committee (DNC) e-mails, which was attributed to Russian intelligence.
This was also what led Bruce Schneier to think it might be the Russians, because who other than a state actor would steal so much data and wait three years before publishing? Not mentioned by Schneier is that this also applies to the documents that can be attributed to the second source: they also pre-date June 2013.
A related point of speculation is the text that accompanied the Shadow Brokers files, which is in bad English, as if it was written by a Russian or some other non-western individual. This is probably distraction, as it looks much more like a fluent American/English speaker who tried to imitate unexperienced English.
The text also holds accusations against “Elites”, in a style which very much resembles the language used by anarchist hacker groups, but that can also be faked to distract from the real source (it was also noticed that the e-mail address used by Shadow Brokers (email@example.com) seems to refer to the manga Code Geass in which an exiled prince takes revenge against the “Britannian Empire”).
With the authenticity of the Shadow Brokers files being confirmed, the biggest question is: who leaked them? There’s a small chance that it was a stupid accident in which an NSA hacker uploaded his whole toolkit to a non-secure server and someone (Russians?) found it there.
Somewhat more likely seems the option that they came from an insider, and in that case, this leak doesn’t stand alone, but fits into a series of leaks in which, since October 2013, highly sensitive NSA data sets were published.
So almost unnoticed by the mainstream media and the general public, someone was piggybacking on the Snowden-revelations with leaks that were often more embarrassing for NSA than many reportings based upon the documents from Snowden.
Again, obtaining such documents through hacking into highly secured NSA servers seems less likely than the chance that someone from inside the agency took them. If that person was Edward Snowden, then probably someone with access to his documents could have started his own crusade against NSA.
If that person wasn’t Snowden, then it’s either another NSA employee who was disgruntled and frustrated, or a mole for a hostile foreign intelligence agency. But for an individual without the protection of the public opinion like Snowden, it must be much harder and riskier to conduct these leaks than for a foreign state actor.
Former NSA counterintelligence officer John Schindler also thinks there could have been a (Russian) mole, as the agency has a rather bad track record in finding such spies. If this scenario is true, then it would be almost an even bigger scandal than that of the Snowden-leaks.
During an FBI-led investigation of the ShadowBrokers leak, NSA officialsreportedly said that a former agency operative carelessly left the hacking tool files available on a remote computer, where Russian hackers found them. After this was discovered, NSA tuned its sensors to detect use of any of the tools by other parties, like China and Russia. But as that wasn’t the case, NSA did not feel obligated to warn the US manufacturers.
On October 6, 2016, The New York Times reported that on August 27, 2016, the FBI arrested 51-year old Harold T. Martin III, who worked at NSA as a contractor for Booz Allen Hamilton. In his home in Glen Burnie, Maryland, “many terabytes” of highly classified information was found, from the 1990s until 2014. Hal Martin was described as a hoarder, but so far, investigators are not sure he was also responsible for the various leaks that could not be attributed to Snowden.
Links and Sources
– TheWeek.com: How the NSA got hacked
– EmptyWheel.com: Where Are NSA’s Overseers on the Shadow Brokers Release?
– Observer.com: NSA ‘Shadow Brokers’ Hack Shows SpyWar With Kremlin Is Turning Hot
– TechCrunch.com: Everything you need to know about the NSA hack (but were afraid to Google)
– WashingtonPost.com: Powerful NSA hacking tools have been revealed online
– NYTimes.com: ‘Shadow Brokers’ Leak Raises Alarming Question: Was the N.S.A. Hacked?
– LawfareBlog.com: NSA and the No Good, Very Bad Monday
During the Cold War the United States never deployed nuclear weapons in Iceland but a recently declassified State Department record shows that U.S. government officials debated whether they should do so, including through secret deployments. A letter from a U.S. ambassador to Iceland in August 1960, published today by the National Security Archive, rejected such proposals, but the revelation of internal discussions on the subject ties in to the broader issue of the practice of U.S. nuclear deployments overseas during the Cold War.
The author of the recently released letter, U.S. Ambassador Tyler Thompson, was aware that Icelandic authorities wondered whether Washington had ever deployed nuclear weapons there. Recognizing that Iceland’s ties to NATO and the Western security system were fragile, he argued that if Reykjavik learned about a secret deployment, it could leave NATO. Furthermore, a “dramatic row” could “be expected to have an unfortunate effect on our friends and allies, to affect adversely our interests as far as neutrals are concerned, and to provide a propaganda field day for our enemies.”
|U.S. Ambassador to Iceland Tyler Thompson, whose long letter to the State Department raised critical questions about the possibility of secret nuclear deployments in Iceland (National Archives, Still Pictures Branch, RG 59-SO, box 17).|
All references to Iceland were deleted from the archival release of Thompson’s letter but his signature and other evidence confirms that the subject matter was Iceland. Further research indicated that nuclear weapons had been an issue in U.S. relations with Iceland since the Korean War when Icelandic officials asked whether the U.S. had deployment plans. Washington did not, but at the time Thompson wrote the letter U.S. officials were exploring nuclear storage options and secret deployments. Moreover, archival documents discovered by an Icelandic historian and published here today demonstrate that the United States had plans for at least one nuclear weapons storage site in the event World War III broke out.
Included in today’s posting are:
▪ A request for assurance in November 1951 by Foreign Minister Bjarni Benediktsson that the United States was not planning an “atomic base” in Iceland
▪ A State Department telegram from December 1951 authorizing the U.S. minister to assure Benediktsson that the United States “has no (rpt no) intention [of] going beyond letter or spirit of [the] defense agreement” which had been negotiated earlier in the year.
▪ A question posed by Foreign Minister Guðmundur Í. Guðmundsson to ambassador Thompson in June 1960: was the United States keeping atomic bombs at Keflavik air base or carrying them through the base in transit?
▪ A draft reply to Guðmundsson’s question indicating that nuclear weapons had not been deployed in Iceland but noting that CINCLANT [Commander-in-Chief, Atlantic Command] had a “requirement” for a nuclear weapons storage site.
That the United States never deployed nuclear weapons to Iceland is a settled issue. In 1998, Robert S. Norris, William Arkin, and this writer published an article in The Bulletin of Atomic Scientists in which they analyzed a recently declassified Defense Department history of U.S. nuclear deployments from 1945 to 1978. The study included several alphabetically arranged lists of nuclear weapons deployments in various parts of the world, including Western European members of NATO. Because many country and place names were excised the writers made educated guesses about some of them. One guess was Iceland. Certain details, such as Strategic Air Command activities during the 1950s, appeared to support the conclusion. The report in The Bulletin was widely publicized and when the news reached Iceland it created a political furor; the Icelandic government quickly denied the premise and the Clinton administration immediately supported the denial. In a significant departure from the usual “neither confirm nor deny” approach to nuclear weapons locations, the U.S. deputy chief of mission in Reykjavik declared that putting Iceland on the list of Cold War nuclear deployment sites was “incorrect.” Further research led to the identification of Iwo Jima as the deployment site.
The fact that the U.S. government never deployed nuclear weapons in Iceland does not mean, however, that it had no nuclear plans for Iceland. Previous research by Valur Ingimundarson and William Arkin demonstrates that during the Cold War Iceland was considered a potential storage site. As Ingimundarson discovered, at the end of the 1950s the U.S. Navy ordered the construction of a facility for storing nuclear depth bombs, an Advanced Underseas Weapons (AUW) Shop at the outskirts of Keflavik airport. The AUW facility was built by local Icelandic workers who thought its purpose was to store torpedoes. Whether Ambassador Thompson knew about it remains to be learned. During the 1980s Arkin reported that a presidential directive from the Nixon period treated Iceland as one of several “Conditional Deployment” locations, where nuclear weapons could be stored in the event of war. An AUW storage facility would make sense in that context. Nevertheless, all such arrangements were kept deeply secret because of the political sensitivity of the U.S. military presence in Iceland.
The heavily excised release of the Thompson letter suggests that the U.S. national security bureaucracy does not presently acknowledge that Iceland figured in American nuclear weapons planning during the Cold War. This is not surprising because the U.S. government has not acknowledged the names of a number of other countries which directly participated in the NATO nuclear weapons stockpile program during the Cold War (and later): Belgium, Greece, Italy, the Netherlands, and Turkey (only West Germany and the United Kingdom have been officially disclosed). As for Iceland’s status as a “conditional” deployment site, even though the horse left the barn years ago in terms of the previous archival releases, time will tell whether declassifiers take that into account when making future decisions on classified historical documents concerning Iceland and nuclear weapons.
|Pictured here is a MK-101 “Lulu” nuclear depth bomb. which the U.S. Navy could have deployed to a storage site at Kefllavik airport, Iceland, in the event of World War III. Weighing 1,200 pounds, with an explosive yield of between 10 and 15 kilotons, the Lulu was in service from the late 1950s to 1971. An air-dropped weapon designed for use by all Navy aircraft, Lulu would have been available to British, Canadian, and Dutch naval forces under NATO nuclear sharing arrangements. (Source: photograph by Mike Fazarckly at Nuclear Weapons: A Guide to British Nuclear Weapons. Thanks to Stephen Schwartz for pointing out these photos.)|
Document 1: U.S. Legation Reykjavik telegram number 82 to State Department, 18 November 1951, Secret
Source: U.S. National Archives, Record Group 59, Department of State records [RG 59], Central Decimal Files 1950-1954 [CDF], 711.56340B/11-1851
On 5 May 1951, Iceland and the United States secretly signed a defense agreement which became public just two days later. Under the agreement, the United States took over the defense of Iceland, a decision which local elites believed was necessary in light of the Korean War and Iceland’s historically disarmed status. The arrangement was nonetheless contentious for many citizens and by some accounts bordered on illegal; the three major non-Communist parties therefore agreed to keep parliament in recess to minimize controversy (when Iceland joined NATO in 1949, riots had broken out). Two days later, on 7 May, 300 U.S. troops arrived, the first of a contingent which the Icelandic government limited to a tightly sequestered 3,900 troops out of fear of adverse public reaction (to the point that Reykjavik successfully insisted on the exclusion of African-American soldiers).
While the fine print of the defense agreement was still being negotiated, in November 1951 Foreign Minister Benediktsson showed U.S. Chargé d’Affaires Morris N. Hughes a London Times article quoting Senator Edwin Johnson (D-CO) that Iceland, North Africa, and Turkey were better deployment sites for atomic weapons than the United Kingdom. To assuage the foreign minister’s concern that Communist Party members and other critics would exploit Johnson’s statement, Hughes recommended “official reassurance” that the United States had no plans to deploy atomic weapons in Iceland.
Document 2: U.S. Legation Reykjavik telegram number 85 to State Department, 24 November 1951, Secret
Source: RG 59, CDF, 711.56340B/11-2451
A few days after the above exchange, Benediktsonn told Hughes that he had showed him the Times article so he could tell “critics and worried colleagues” that he had immediately sought U.S. reassurances about U.S. atomic plans. When the foreign minister wondered whether an “appropriate quarter” could provide “some reassurance,” Hughes agreed to inform the State Department “of his anxiety.” The reference to McGaw is to General Edward John McGaw, the first commander of the Iceland Defense Force, the U.S. unified command which provided for Iceland’s military security from 1951 to 2006.
Document 3: U.S. Legation Reykjavik Despatch 198 to State Department, ““First Icelandic Reaction to Senator Johnson’s Statement on Atomic Bases,” 27 November 1951, Secret
Source: RG 59, CDF, 711.56340B/11-2751
Chargé Hughes reported that the Communist newspaper, Thjodviljinn [Will of the Nation] had commented on Senator Johnson’s statement, noting that the “Americans feel that it does not matter if Iceland should be subjected to the attack and horrors such bases would bring
upon the nation.”
Document 4: U.S. Legation Reykjavik telegram number 97 to State Department, 20 December 1951, Secret
Source: RG 59, CDF, 711.56340B/12-1951
With no answer to his question about atomic bases, Benediktsonn asked Hughes again about the problem, noting that Communist opponents could “embarrass” him.
Document 5: State Department telegram 98 to U.S. Legation Reykjavik, 21 December 1951, Top Secret
Source: RG 59, CDF, box 3180, 711.56340B/11-2451
Benediktsonn’s second query was the charm. Responding to Hughes’ message, a State Department telegram sent under the name of Secretary of State Dean Acheson warned that any public statements would violate the policy to “not deny or affirm rumors” about the locations of atomic weapons. That was a military necessity to prevent the Soviet Union from determining the “pattern” of U.S. defenses. Nevertheless, the Department authorized Hughes to inform Benediktsonn confidentially that the United States would “make no move without [the] full consultation and agreement” of Iceland’s government.
Document 6: U.S. Legation Reykjavik Despatch 238 to State Department, “Further Reaction to Threatened Use of Iceland as Atomic Base,” 29 December 1951, Secret
Source: RG 59, CDF, box 3180, 711.56340B/12-2951
Hughes provided a fuller account of his meeting with Benediktsonn on 20 December and of his efforts during the holidays to pass on the gist of the State Department message to the permanent undersecretary and then to the foreign minister himself at a dinner. Whether there were any follow-up discussions remains unclear because the records covering the 1952-1954 period in the 711.56340B decimal file series are missing from box 3181.
Document 7: U.S. Department of State Executive Secretariat, “Top Secret Daily Staff Summary,” 22 June 1960, top secret, excerpt
Source: RG 59, Executive Secretariat, Daily Staff Summary, 1944-1971, box 45, Daily Staff Summary, Top Secret, June 1960
According to the State Department summary of telegram 367 from the U.S. Embassy in Iceland, in light of the recent U-2 crisis, Foreign Minister Guðmundur Í. Guðmundsson asked Ambassador Thompson whether the United States had used Keflavik air base for U-2 flights, had stored nuclear weapons there or had moved them through Keflavik. While the Foreign Minister had not asked for assurances about advance agreement, according to the summary Thompson “feels that the storage of atomic warheads in Iceland without the latter’s prior agreement would be a mistake and suggests that, if we have no intention to do this, we so inform the Icelandic Government without awaiting its request to this effect.” This conversation is cited on the bottom of page 2 of the Tyler Thompson letter (Document 8) with the references to Iceland excised.
Documents 8A-B: Answer to Gudmundsson’s Questions
A: Draft telegram to U.S. Embassy Iceland, 24 June 1960, Top Secret
B: Draft telegram to U.S. Embassy Iceland, circa 1 July 1960, Top Secret
Source: RG 59, Bureau of European Affairs, Office of Atlantic Political and Military Affairs, Subject Files, 1953-1962, box 11, Iceland Keflavick [sic] Air Base
In response to Guðmundsson’s questions about U-2 flights and nuclear weapons, State Department officials prepared a response; the finished, delivered version remains classified in State Department decimal files, but drafts of the response are available, of which the one dated 1 July 1960 is probably close to what was sent. The ambassador could assure the foreign minister that the U.S. had not stored nuclear weapons in Iceland or shipped them through Keflavik airbase. But this information was not for public consumption because of the U.S. government’s “neither confirm nor deny” policy. In response to Thompson’s suggestion that the U.S. pledge that it would consult the Icelandic government in advance about nuclear weapons deployments, the State Department believed this would “not [be] desirable.” Before any assurances could be given the subject would need careful study in Washington; if asked for such assurances, Thompson was to tell Guðmundsson that he needed to seek instructions. Thompson’s letter (below) does not indicate that a follow-up conversation with Guðmundsson had occurred, only the possibility that he might ask the question about nuclear deployments again.
The 24 June draft telegram mentions the CINCLANT requirement for a nuclear weapons storage site and its ongoing construction but that item was dropped from the 1 July draft, perhaps because of its sensitivity. The final version of the telegram remains classified but has been requested.
Document 9: Ambassador Tyler Thompson to Ivan White, 5 August 1960, top secret, excised copy
Source: RG 59, DF 1960-1963, 711.5611-8560
Probably to respond to the issues raised by Guðmundsson’s questions, Deputy Assistant Secretary of State for European Affairs Ivan White sent Thompson a letter on 21 July 1960. It was one of those “official informal” communications then used by State Department officials to communicate with its embassies on matters that were too complex and sensitive to handle by telegram. White’s letter has not surfaced and is not indexed in the State Department decimal files. But judging from the tenor of Thompson’s reply, White may have asserted that the U.S. government was free to deploy nuclear weapons in Iceland without securing the agreement of Reykjavik. If that was the case, the Eisenhower administration had departed from the Acheson policy of assuring “full consultation and agreement.” It is possible that the previous ambassador, John Muccio, was the individual whom Thompson described as “recommending against prior consultation” out of fear that information about the deployment would leak to the Soviets.
If war was imminent or had broken out, Thompson believed that a secret emergency deployment would be permissible, but under peacetime circumstances he recommended seeking Iceland’s consent. Given that the Soviets probably suspected that Iceland was already a storage site, Thompson believed that it would be worse if the government of Iceland discovered a secret deployment; that would produce a diplomatic crisis, including Iceland’s possible withdrawal from NATO under protest. Moreover, “from the point of view of respect for the rights and sovereignty of [Iceland], the fact that it might not agree to the storage of nuclear weapons here could be considered as making prior consultations all the more necessary.”
To make deployments technically possible, Thompson suggested the construction of storage areas, but consulting the government if Washington ever wanted to use them. If war was approaching it would be possible to deploy weapons under emergency conditions because the possibility of objections would be “minimized.” If, however, the United States wanted to use the storage areas for actual deployments it should consult the Icelandic government. Thompson may not have been aware of the SACLANT storage site mentioned in the draft telegram cited above.
Thompson’s letter met with some internal criticism, mainly on the first page: a handwritten “no” next to his observation that U.S. nuclear weapons storage in NATO countries depends on the agreement of the country concerned; a question mark next to the comment about Canadian consent for storage of nuclear weapons in Canada; a comment “No! Canada on record,” suggesting that Ottawa would accept clandestine U.S. storage; and another comment which is harder to decipher: “tech … doesn’t get UK OK.”
For the archival release of this letter the State Department and the Defense Department justified the excision on two grounds. The State Department cited Section 3.3 (b) (6) of Executive Order 13526 – that declassification would “reveal information, including foreign government information, that would cause serious harm to relations between the United States and a foreign government, or to ongoing diplomatic activities of the United States.” The Defense Department cited exemption (b) (6), ruling that declassification would “reveal formally named or numbered U.S. military war plans that remain in effect, or reveal operational or tactical elements of prior plans that are contained in such active plans.” Whether the declassification of a document which is well over half a century old could have such impacts on U.S. diplomacy or military planning appears highly doubtful.
. William Arkin, Robert S. Norris, and William Burr, “They Were,” The Bulletin of the Atomic Scientists, November –December 1999, pp. 25-35; Arkin, Norris, and Burr, “How Much Did Japan Know,” The Bulletin of the Atomic Scientists, January-February 2000, pp. 11-13, 78-79.
 . Valur Ingimundarson, The Rebellious Ally: Iceland, the United States, and the Politics of Empire, 1945-2006(Dordrech, The Netherlands, 2011), 86; William Arkin, “Iceland Melts,” The Bulletin of the Atomic Scientists (50) January-February 2000, p. 80.
. One relevant item that could show up in box 3181 was published in the Foreign Relations of the United States: a memorandum to the Deputy Under Secretary of State on “Additional Military Operating Requirements in Iceland,” dated 12 June 1952. It briefly recounts the discussions with the Icelandic foreign minister and mentions a NATO request to the U.S. and the Government of Iceland for a strategic air base in Iceland, but any further discussion of nuclear weapons was excised in the FRUS volume.