• United States



Christopher Burgess
Contributing Writer

Reality Winner pleads guilty to revealing NSA secrets

News Analysis
Jun 28, 20184 mins
Data and Information SecurityData BreachSecurity

Reality Winner, who was charged with giving a classified NSA report to the Intercept, pled guilty to sharing National Defense information.

reality winner nsa contractor
Credit: Lincoln County, Georgia, Sheriff's Office/Handout via REUTERS

The saga of the Reality Winner and her revelation of National Security Agency (NSA) classified material to the public through online media outlet the Intercept finally came to a close. Winner pled guilty to the charges on June 26, 2018.

This plea comes some 13 months after she read, printed and then stuffed the documents into her pantyhose to escape detection as she left her classified workspace at Fort Gordon, a U.S. Army post in Augusta, Georgia. Winner, a contractor for Pluribus International, provided support to NSA.

Winner gives NSA document to the Intercept

Monday, June 5, 2017, wasn’t necessarily a banner day in the life of Winner.

The top secret document that she had secreted out of her work place and mailed to the Intercept was published by the Intercept under the headline: “Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election” The five-page document was stored to DocumentCloud by the Intercept with portions redacted. The Intercept noted that they had received the document anonymously, but they had independently authenticated its authenticity.

When fact checking burns your source

We were to learn that the Intercept’s effort to authenticate the document included contacting NSA and the director of National Intelligence. The Intercept was asked by NSA not to publish, and when they declined, they were then asked to redact portions (which they acquiesced).

Unbeknownst to the Intercept, their “fact checking” on June 1 also served to burn their source, Reality Winner.

Basic data forensics

The document the Intercept handed to NSA allowed the NSA to determine that while many had access to the report, and had read the report, only six individuals had also printed the report. With a pool of six trusted insiders to sort through, it was determined in short order via a review of internal email archives that of those six, only one, Winner, had attempted contact with the Intercept. Their work was done.

FBI engages 

On June 3, 2017, the FBI interviewed Winner. During the interview, she initially denied everything, but eventually came around to describing how she had read the document, printed the document, folded the document in half, and shoved it into her pantyhose so as to avoid detection should she be subjected to a random bag inspection on her way out the door. You see, the FBI special agents interviewing Winner were able to describe the physical document that the Intercept had shown the NSA on June 1, 2017. They had a criminal complaint under seal and an arrest warrant at the ready. 

Winner was then arrested. 

On June 5, 2017, Winner, while sitting in a cell, learned that the Intercept had published the document, and the world learned that she had just revealed some of what the NSA knew about the Russian active measures during the 2016 Presidential election.

This revelation, no doubt, allowed the Russians to make an adjustment, and caused the NSA to lose visibility into these efforts — the unintended consequences of one’s breaking trust and unilaterally deciding what should and shouldn’t be classified.  

On June 7, 2017, a grand jury returned an indictment on one count of “Willful Retention and Transmission of National Defense Information.” At her arraignment, Winner pleaded not guilty.

CIPA applies

As is the norm in cases in which classified materials are at the heart of the case, the court process falls under the Classified Information Procedures Act (CIPA), and an entire protocol between the defense and the U.S. Attorney’s office is dictated to include the assignment of a “Classified Information Security Officer” and alternates. This case was no different.

The defense took the “scorched earth tact” in requesting subpoenas to bring multiple states, intelligence organizations, and contracting firms involved in the cybersecurity arena into the court room in defense of Winner’s actions.

Perhaps the logic was that the government would settle rather than have the testimonies of the requested parties be shared. The defense’s request was denied.

Fast forward to June 26, 2018 — Guilty plea day

Winner filed a request to adjust her plea and changed her plea to guilty on the one count of the indictment. Her action effectively closes out the case, and she avoids a trial.

The plea agreement is not available for perusal at this time, most likely due to the constraints of the CIPA aspect of the case.

Winner’s sentencing will come at a future date.

Christopher Burgess
Contributing Writer

Christopher Burgess is a writer, speaker and commentator on security issues. He is a former senior security advisor to Cisco, and has also been a CEO/COO with various startups in the data and security spaces. He served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Cisco gave him a stetson and a bottle of single-barrel Jack upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit, Senior Online Safety.

More from this author