How U.S. Spies Tried And Failed To Retrieve Stolen Cyberweapons NPR's Lulu Garcia-Navarro talks to New York Times reporter Matthew Rosenberg about his story on the U.S. government's bungled attempt to reclaim stolen cybersecurity weapons from Russian operatives.

How U.S. Spies Tried And Failed To Retrieve Stolen Cyberweapons

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript


A Russian operative, a suitcase full of cash, a secret meeting in Germany, stolen cyber weapons and alleged dirt on the president. In a New York Times story that broke late last week, reporter Matthew Rosenberg tells this tale of American spies who were rolled by the Russians. He joins us now to explain. Good morning.

MATTHEW ROSENBERG: Morning. How are you?

GARCIA-NAVARRO: Quite a story. And it begins with the NSA losing a set of secret hacking tools. Can you briefly remind us what happened?

ROSENBERG: So over the last two or three years, the NSA has lost - it's not just a set - pretty much their entire toolkit from the last few years of malware and other tools that were developed to break into Chinese and Russian networks. And this was, like, a staggering loss for the agency. In early 2017, they were struggling just to figure out what's missing. They knew this group called The Shadow Brokers was selling off bits and pieces of it. But they didn't even know exactly which tools were out in the wild. And that was the idea. If this guy who's offering to sell us a whole set of them - we can buy back things. Maybe it's not everything. But we'll see things that we didn't know were lost. And we can take protective measures.

GARCIA-NAVARRO: So the Americans didn't know what they'd lost. There was this shadowy Russian, as you describe him, coming with an offer. What exactly was he offering?

ROSENBERG: So the Russian was somebody the American intelligence had dealt with before. He had some connections both to the cyber kind of criminal underworld, into Russian intelligence. He originally was offering a whole set of these hacking tools and other tools that had been stolen from the CIA and ended up in WikiLeaks' hands. Then, you know, the Americans say, OK, we're interested. They start negotiating. And then he says, oh, by the way, I have all this material on President Trump.

GARCIA-NAVARRO: And you mentioned in this that it's information on associates like Carter Page and the billionaire Republican donors Robert and Rebekah Mercer, how did the agents respond to that when they got that information?

ROSENBERG: They didn't want it. You know, the American intelligence takes very seriously this idea that you're not out looking for dirt or spying on Americans. And by all accounts, they said, look. We want these hacking tools. We don't want that.

GARCIA-NAVARRO: All right. And the story sort of goes on to say that earlier this year, basically, the agents paid $100,000 and didn't get anything. So why - what is the thinking now about why this Russian agent was peddling Trump information instead of cyber weapons?

ROSENBERG: Well, when they paid the $100,000, he ended up giving them a bunch of the Trump stuff they said they didn't want. You know, the intelligence committee never took that material. And the thinking now is that this was either an operation by Russian intelligence to try and sow some more disorder - get some more information into the U.S. government, maybe turn Trump against the intelligence agencies, maybe get it public and just kind of deepen our political divide. I think, you know, the Russians looked around. And the interference they did has really set off political issues here. And they're opportunistic. They're looking to kind of create more dissension.

GARCIA-NAVARRO: All right. Where are those documents now? I mean, they actually did hand over something. Who has them?

ROSENBERG: It's supposedly a significant cache. There are bank records in there. It's with an intermediary the Americans use. An American businessman - he's got them in Europe. We don't really know what's in them. And we really won't know unless the intelligence community or Congress gets a hold of it, and they're assessed.

GARCIA-NAVARRO: So we don't know even if it's true, what they have.

ROSENBERG: No. Some of it might be fabricated. But some of it very well may be genuine.

GARCIA-NAVARRO: All right. President Trump tweeted your story yesterday - I'm sure you know that. And he implied that it's proof of a deep state plot against him, which is something that he's talked about. What's your response to that?

ROSENBERG: I think it looks to be the exact opposite. The American spies were like, thank you, no. We prefer not to have that. They kept negotiating because they really wanted these hacking tools back. They really wanted to unravel the mystery of how these tools had gotten out, how - what was missing and maybe who was behind it.

GARCIA-NAVARRO: All right. So what does your story show if it doesn't show that?

ROSENBERG: I think it shows that, you know, look. Russia interfered in the election. They're still at it. The president may deny it. But everyone in the intelligence committee believes it. And there's a lot of evidence that it's going on. And this was another piece of that. That's what it looks like.

GARCIA-NAVARRO: And also that these hacking tools are still out there. I mean, that is an extraordinary thing...

ROSENBERG: Oh, yeah. And they've...


ROSENBERG: They've been using - the last year, they helped shut down British hospitals. They created problems with FedEx. You know, hackers are taking these tools and building new malware with them. They're incredibly powerful, some of them.

GARCIA-NAVARRO: All right, that's Matthew Rosenberg with The New York Times. Thank you so much for joining us.

ROSENBERG: Thank you.

Copyright © 2018 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.