Capture_decran_2012-10-06_a_15.27.04
Atanas Tchobanov (left) and Assen Yordanov Photo: Andy Greenberg

The WikiLeaks Copycat That Worked

The following is the first of three articles adapted from Andy Greenberg’s This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim To Free the World’s Information,out now from Dutton.

Atanas Tchobanov doesn’t look much like Julian Assange. The smallish Bulgarian man has a shaved head, elfin ears, and a perpetual few days’ growth of salt-and-pepper stubble. When we meet in front of the roaring Fontaine St. Michel in Paris in the summer of 2011, he wears a T-shirt promoting Bivol, the tiny news site that he co-founded, with its logo of a Bulgarian buffalo and its slogan in Cyrillic: “Horns ahead!”

But when we sit down at a café outside the Sorbonne University nearby, he flashes an Assange-like impish smile, and for an Assange-like reason: Apart from his day job at Bivol, Tchobanov is the co-founder of BalkanLeaks, the closest thing Eastern Europe has to its very own WikiLeaks. And BalkanLeaks is on a roll.

“We just got two new leaks,” he says in an accent that has layers of French and Bulgarian. “And they’re good ones.”

In the months leading up to our meeting, WikiLeaks’s slow release of a quarter million secret State Department memos from around the world had inspired a sudden flood of copycats. I had set out to find out which ones could actually replicate and systematize WikiLeaks’ work among the crowd of imitators: BaltiLeaks, BritiLeaks, BrusselsLeaks, Corporate Leaks, CrowdLeaks, EnviroLeaks, FrenchLeaks, GlobaLeaks, Indoleaks, IrishLeaks, IsraeliLeaks, Jumbo Leaks, KHLeaks, LeakyMails, Localeaks, MapleLeaks, MurdochLeaks, Office Leaks, Porn WikiLeaks, PinoyLeaks, PirateLeaks, QuebecLeaks, RuLeaks, ScienceLeaks, TradeLeaks, and UniLeaks, to name a few.

Mainstream media outlets like the Wall Street Journal, Al Jazeera, and Sweden’s public radio service had set up their own experimental leak portals. Hackers within Anonymous launched HackerLeaks. The leaking scene had become so crowded that two environmentally focused sites, GreenLeaks.com and GreenLeaks.org, threatened legal action against each other over the rights to the name.

As Nation blogger Greg Mitchell noted, only one thing was missing from this newborn leaking movement: leaks.

Nearly all of the copycat sites were publishing little or nothing. Even WikiLeaks’ own anonymous submission system had been shut down after the mutiny of several of the site’s engineers. The newborn leaking movement had found itself in a drought. With one exception.

In December 2010, BalkanLeaks had come online, with a slogan across its masthead: “The Balkans aren’t keeping secrets anymore.” When I checked out the site, I saw that it used the well-tested anonymity software called Tor for submissions, a rare sign of security smarts among the new crop of copycats. But otherwise it resembled all the other obscure and leakless WikiLeaks wannabes from Brussels to Jakarta.

Later that month, BalkanLeaks posted a Microsoft Word file with a note saying that the document had been submitted to the site’s Tor server. It was an agreement from the Bulgarian Department of Energy outlining the construction of a nuclear power plant as a joint project of Russia and Bulgaria, with no clear evidence of corruption. Hardly the world’s juiciest leak.

Just days later, another document appeared on the site, again obtained through Tor. This one was a letter from one prosecutor to another, including a list of 30 Bulgarian names, all the prosecutors and judges in the highest levels of the country’s courts who were also Freemasons. “It is not illegal [to be a Freemason],” BalkanLeaks’ note in Bulgarian posted with the document read. “But does their oath to protect the public interest take precedence over their oath to the ‘brotherhood’? Perhaps the chairman of the Ethics Commission, Tsoni Tsonev, who is a member of the Masonic lodge, has an answer to this question.”

Bulgaria’s contribution to the leaking movement was warming up.

The next leak came shortly after, and it was a whopper: 100 pages of documents. They represented the full transcript of hours upon hours of wiretaps in a bribery case against Bulgaria’s former minister of defense, a judge, and the former secretary general of the Ministry of Public Finance. They contained frank discussions of how much every level of the judiciary demanded in bribes for various matters, so many hundreds of Bulgarian lev for this crime, so many thousands for this contract. “This is the first publication of the full texts of these recordings, which are a true guide to the methodology of bribery in the judiciary,” BalkanLeaks’ representatives wrote.

The site had its first real scoop, and the lone Bulgarian trickle of leaks kept flowing. A few months later, the site published a Greek criminal complaint against a high-level Bulgarian prosecutor. Then transcribed, suppressed testimony of a witness saying that he had been pressured by a prosecutor to change his opinion in a Sofia real estate case. Then a list of the partial names and identification numbers of 37 previously unexposed ex-members of the Darzhavna Sigurnost, Bulgaria’s brutal secret police during the country’s Communist era. BalkanLeaks had arrived: a lone beacon of success in the leaking diaspora.

All of which is what brought me to a café outside the Sorbonne to meet this shorter, Slavic version of Julian Assange. Of the two leaks that Tchobanov has obtained just before our Paris meeting, one is disappointlingly tame: the budget for the national Bulgarian railways, showing that they’re deeply in debt.

The other is significantly more interesting. It’s the full transcript of the trial of Angel Donchev, a Bulgarian prosecutor who was recently found guilty of blackmailing another prosecutor, threatening him with a corruption investigation and a raid by the dreaded antimafia police known as the “berets.”

“Juicy stuff,” says Tchobanov with a tilt of his head and a giggle.

And how did BalkanLeaks succeed where the rest of the WikiLeak-alikes failed? Partly, perhaps, through Tchobanov’s sterling reputation in Bulgaria, as well as that of his in-country partner, Assen Yordanov. Both BalkanLeakers are seen as incorruptible reporters in a country where most are either “scared or bought,” as Tchobanov puts it. Bulgaria languishes near the bottom of Reporters Without Borders’ press freedom list among EU countries, and has a long tradition of violence against journalists, from the Ricin-tipped umbrella that poisoned Bulgarian dissident Georgi Markov in 1978 to the fatal shooting of mafia-focused reporter Bobi Tsankov in 2010.

But Tchobanov attributes the leak site’s rare success to its religious adherence to strong anonymity—the same faceless online whistleblowing used by WikiLeaks to lend new courage to leakers. No submissions are accepted via e-mail, Facebook messages, or the chat protocol IRC; they are accepted only through its cryptographically anonymous Tor server, which requires leakers to run the Tor anonymity software to upload documents. “Tor is not friendly,” says Tchobanov. “We wrote a detailed explanation of how to install it, how to connect, and so on. But it’s something pedagogical. We have to teach people to use anonymity, force them to use it.”

He admits that the system’s inflexibility has likely turned some leakers away. “In the end, we chose less usability and more anonymity. And it worked. We got submissions. In the long run, it pays to have that confidence. We became trusted because we don’t give away our sources. Because we don’t even know who they are.”

How To Leak a Secret in Bulgaria

The following is the second of three articles adapted from Andy Greenberg’s This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim To Free the World’s Information,out now from Dutton. Read the first part here.

When Assen Yordanov ended his career as a buffalo shepherd and became an investigative reporter, one of his early scoops involved sneaking into to an illegal cigarette factory north of his hometown of Burgas in 1995. Yordanov’s story led to the factory’s shutdown and a two-year police investigation, but no arrests. He did, however, receive his first death threat, a letter warning him to “reserve a place in the cemetery for his tomb.” And he made his first acquaintance with Bulgaria’s most powerful man.

“One of those men involved in this factory that I exposed was Boyko Borisov,” Yordanov told me when we met in a sunny café in the Bulgarian Black Sea resort town of Varvara. Yordanov is a broad-shouldered man in a black T-shirt, with a half-week’s worth of stubble, and he’s taken off his pair of scuffed Oakley knockoffs to show me the serious expression behind them. “Today, he is the prime minister of Bulgaria. And sixteen years ago I showed that he is a criminal.”

In 1995, Yordanov’s accusations against Borisov hadn’t stuck. In 2011, with the help of WikiLeaks’ model of anonymously leaked documents, he would have another shot.

Yordanov and his smaller, techier partner Atanas Tchobanov met in 2008, when Tchobanov, a Bulgarian expatriate in Paris working with Reporters Without Borders, interviewed Yordanov about a knife ambush that had nearly killed Yordanov outside his home in the eastern Bulgarian city of Burgas.

Yordanov believed the attackers were linked with a story about corrupt real estate deals he had written. But he had no intention of backing down. Instead, he wanted Tchobanov to help him go further, to launch their own investigative news website. They called it Bivol, the Bulgarian word for Yordanov’s favorite animal, the buffalo. And despite running it with near-zero budget, the rare independent Bulgarian media outlet had immediate impact. Rumiana Jeleva, Bulgaria’s foreign minister, was set to be confirmed as a representative of the European Commission. Yordanov and Tchobanov helped to uncover financial ties she had failed to disclose, showing that she continued to own a consulting company long after she had claimed to have no interests in it. The story contributed to an investigation of Jeleva that was picked up in foreign media and finally led to her resignation from not only the EU post, but also her ministry position.

But Tchobanov could sense that Yordanov’s traditional breed of muckraking was endangered: In September of 2008, the journalist Ognyan Stefanov had been stopped outside a Sofia restaurant one night and brutally beaten with hammers and steel bars, left for dead with broken arms and legs and a severe concussion that he barely survived. In this case, the attack had a new twist: The victim had attempted—and failed—to remain anonymous.

Stefanov was secretly the editor of the blog Opasnite Novini—“Dangerous News”—that 10 days before had published a story based on a leak that showed officials in the new intelligence agency DANS were involved in a smuggling ring. DANS, whose name translates to “National Security Agency,” had been formed the same year, supposedly to fight organized crime. Somehow it had identified Stefanov.

In a government investigation that followed Stefanov’s beating and through more anonymous leaks to the press, DANS was revealed to be engaged in mass wiretapping of journalists and government officials. (By 2010, the Bulgarian government would perform around 15,000 wiretaps annually, close to 200 times the number per capita reported in the United States that year.) The mass surveillance and intimidation tactics of the Communist-era Darzhavna Sigurnost were alive and thriving.

Tchobanov knew that Bivol needed new ways to protect itself and its sources. So he simply typed “anonymous submissions” into Google. Soon he began to discover the cypherpunks’ many gifts to journalists: the email encryption program PGP, Off-the-Record encrypted instant messaging, the anonymity software Tor. And WikiLeaks.

The Bulgarian technophile was immediately fascinated by the site’s technical methods and utter fearlessness. He began to monitor its leaks closely, and even experimented with uploading an unverified document that a source had sent him, in the hopes that this mysterious group might be able to authenticate it and publish it to a global audience. The document, written in Bulgarian, never surfaced on the site.

It was only after the Cablegate release that Tchobanov began to consider the full power of WikiLeaks’ model—not just to protect journalism, but potentially to advance it. In a Skype chat with a few other journalists and technologists who worked on and off with Bivol, they proposed the idea of a leaking site that would publish locally focused documents that WikiLeaks wouldn’t, a leaking syringe targeted at the Balkans and its neighbors rather than a hose aimed at the world at large: BalkanLeaks. Within days, they had registered the URL and set up an SSL-encryption-protected site and a Tor Hidden Service in an OVH data center in the French city of Roubaix, the same one that briefly housed WikiLeaks’ publications until they migrated to Sweden.

To Tchobanov and Yordanov’s delight, the documents flowed into BalkanLeaks’ submissions portal immediately, from the nuclear power agreement to the judicial bribery tapes: solid, irrefutable primary-source evidence obtained with cryptographic anonymity.

But the Bulgarians, like Julian Assange, weren’t merely seeking to prove the power of cryptography and anonymity to slice through institutional secrecy; like all good journalists, they were on the scent of the biggest possible stories—and they smelled them hidden deep in the still-unpublished majority of the WikiLeaks cables, a trove of documents that, as Bradley Manning had promised in his leaked chat logs, affected every country in the world.

In February of 2011, nearly three months after Cablegate began, only 5,000 of the quarter million cables had actually been leaked. WikiLeaks lacked the necessary manpower to read the endless memos and redact the names of at-risk sources, and had put out a call on its Twitter feed for more media organizations to participate. Tchobanov emailed a plea to a WikiLeaks contact to give the 978 cables from the embassy in Sofia to Bivol. No response.

One released cable in particular had tantalized and galled Tchobanov and Yordanov: It was a 2005 briefing by U.S. Ambassador James Pardew on the state of organized crime in Bulgaria and its extraordinarily cozy ties to government. But after the memo’s redactions by WikiLeaks’ partners at the Guardian, it contained no specific names of Bulgarians. The Guardian had used the cable to construct a story on Russian influence in Bulgaria’s mafia world, but hadn’t been able to confirm any of the allegations against Bulgarians themselves. So the paper simply snipped huge portions of the text, mostly from a section titled “Who’s Who in Bulgarian Organized Crime.” Of the cable’s original 5,226 words, all but 1,406 were missing.

Luckily for Tchobanov and Yordanov, WikiLeaks’ control of the cables was itself beginning to spring leaks. One of the group’s erstwhile partners, a freelance journalist and controversial Holocaust denier named Israel Shamir, had obtained a portion of the unredacted cables and was using them to write stories for the Moscow magazine Russian Reporter. Tchobanov wrote him an email in February asking about the contents of the Bulgarian cable. To his surprise, Shamir soon responded with the full text. A few days after the Guardian’s Bulgaria story, the Norwegian newspaper Aftenposten announced that it had also inexplicably gained access to the full set of cables. So Tchobanov wrote to Aftenposten, asking the papers’ editors to verify the text that Shamir had sent him. They wrote back, confirming that Shamir’s slice of the megaleak was the real deal.

The unredacted cable was an encyclopedia of Bulgarian organized crime, with entries for every major group: gangs with names like Multigroup, Intergroup, TIM, the Union of Former Commandos, and the Amigos. It cataloged their involvement in all flavors of crime from tax fraud to smuggling, extortion to sexual slavery. It followed the flow of money to every major political party, and named government officials who openly consorted with the groups or had made the transition from mafioso to politician. The cable named towns like Svilengrad and Velingrad that were controlled entirely by mafia-cum-government.

Bivol published a story on the report, titled simply “Bulgarian Organized Crime, Uncensored.” Other Bulgarian newspapers picked up on the story. One, the paper Capital, headlined it simply “Black and White”; the cable had confirmed in stark terms all the corruption that had been suspected for years. As usual, no one was indicted, perhaps the strongest evidence of all of the government’s symbiosis with criminals.

For Bivol, the most important reaction came from WikiLeaks itself. The group published the unredacted version of the cable on its site rather than the version of the cable that had been gutted by the Guardian, and accused the newspaper on its Twitter feed of “cable cooking.”

Tchobanov wrote to WikiLeaks again, suggesting that instead of the Guardian, the group hand all of its Bulgarian cables to Bivol. This time WikiLeaks’ staff wrote back, asking for time to look into Bivol’s background and to learn more about Tchobanov and Yordanov.

Three weeks later, they got their response: an invitation to Ellingham Hall in the U.K. for a meeting with Julian Assange.

MondayBalkanLeaks obtains and publishes Bulgaria’s own Watergate—and tests the limits of the media’s power to fight a fundamentally corrupt government.

If Woodward and Bernstein Were Bulgarian

The following is the third of three articles adapted from Andy Greenberg’s This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim To Free the World’s Information,out now from Dutton. Read the first part here and the second part here.

 When Atanas Tchobanov and Assen Yordanov set out to meet Julian Assange, their first hours in England went badly. Yordanov left his laptop in an overhead bin on the airplane and they spent hours trying to retrieve it from the airline. The Bulgarian pair got lost on the drive from London to Norfolk after Tchobanov’s GPS stopped working. And on one of the roundabouts, Tchobanov forgot to drive on the left and caused a minor collision with an oncoming car.

When they finally reached Ellingham, they found the WikiLeaks founder dressed in a gray suit and in a dour mood. He seemed preoccupied, Tchobanov and Yordanov remember, with his legal fate and the financial industry’s ongoing blockade choking donations to WikiLeaks.

Assange also worried that the pair, like WikiLeaks’ rogue partner Israel Shamir, might redistribute the cables willy-nilly, and had prepared a contract that held them responsible for redacting names of sensitive State Department sources before publishing the cables. It also stipulated that they only access the unredacted files from a computer with no Internet connection.

But the Australian WikiLeaks founder also praised BalkanLeaks, Yordanov and Tchobanov told me. He said he had looked over the submission site’s security and approved of its simple rigor. And he seemed to enjoy the homemade rakija that Yordanov had presented him as a gift. “By the time we opened the second bottle, I knew that he would give us the documents,” says Yordanov with a grin. They made arrangements to hand over the Bulgarian embassy files securely, and returned home.

When they accessed the full documents back in Burgas a month later, they found the wealth of scandals they had hoped for. One cable showed that Bulgarian officials in the United States had accumulated parking tickets totaling more than $400,000, so many that the United States had threatened to withhold nearly half a million dollars in aid until they were paid. One cable listed all the Bulgarian banks that engaged in money laundering and corrupt loans.

And then they came upon the greatest prize of all, a cable that dealt with the same subject Yordanov had first tackled 16 years earlier: Boyko Borisov, Bulgaria’s prime minister.

It was a 2006 memo from the U.S. ambassador in Sofia, John Beyrle, on the subject of Borisov, predicting his run for the prime minister post and titled “Bulgaria’s Most Popular Politician: Great Hopes, Murky Ties.”

The cable began by describing Borisov as “implicated in serious criminal activity” and maintaining “close ties to Lukoil and the Russian Embassy.” It then tells Borisov’s entire life story, starting with his youth as a “neighborhood tough” in a gang on the edges of Sofia, how he founded a private security firm “and built it into one of the biggest in the country at a time when ‘private security’ was synonymous with extortion and strong-arm tactics,” as the cable reads. As chief secretary, he reportedly paid cash for positive press coverage and threatened journalists who criticized him.

Then the cable comes to another section labeled “The Dirt.”

Accusations in years past have linked Borisov to oil-siphoning scandals, illegal deals involving LUKoil and major traffic in methamphetamines. … Borisov is alleged to have used his former position as head of Bulgarian law enforcement to arrange cover for criminal deals, and his common-law wife, Tsvetelina Borislavova, manages a large Bulgarian bank that has been accused of laundering money for organized criminal groups, as well as for Borisov’s own illegal trans- actions. Borisov is said to have close social and business ties to influential Mafia figures, including Mladen Mihalev (AKA “Madzho”), and is a former business partner of [organized crime] figure Roumen Nikolov (AKA “the Pasha”).

“We should continue to push him in the right direction,” the cable concludes. “But never forget who we’re dealing with.”

If a single document could ever be Bulgaria’s Watergate, this was it. And two journalists from a news website that no one had ever heard of were about to publish it.

In December 2010, just as the first rounds of WikiLeaks’ State Department Cables were metastasizing around the Internet, I spoke with Evgeny Morozov, a Belarusian academic and writer with a famously pessimistic attitude toward the Internet’s ability to democratize global politics. Instead, he believes digital tools have only tightened governments’ control over their citizens.

I ask him about WikiLeaks, and whether it might be an exception to his rule. He thinks not. “Information can embarrass governments, but you have to look at the nature of governments as well as the nature of information to measure this embarrassment factor,” he answers.

In Russia or China, he specifies, corruption is already an open secret. “Just go and take photos of their villas and the summer houses they buy with their state salaries,” he says. “It’s already in the open, but exposure by itself in these countries doesn’t lead to democratic change.”

And what about BalkanLeaks, the Bulgarian site that at that time was just starting to get its hands on some juicy documents? Bulgaria is a subject Morozov knows well: He studied for several years at the American University in Blagoevgrad.

“I don’t know what information you could publish to embarrass the Balkans. It’s a tough one,” he says. “There’s an environment that’s so suffused with cynicism toward politicians that to me it’s hard to imagine what kind of stuff would need to be leaked.”

In May 2011, BalkanLeaks put that cynicism to the test. It published the words of the U.S. ambassador that labeled Bulgaria’s prime minister a criminal several times over. The news reverberated around the country’s blogs and was written up in several newspapers.

And then, as Morozov predicted, very little happened.

In a display of frantic backpedaling, the U.S. embassy in Sofia released a statement backing Borisov. “While we cannot comment on the content of alleged classified materials which may have been leaked, we would like to underscore that the U.S. and Bulgaria share an excellent relationship and that our high level of bilateral cooperation speaks for itself.”

Borisov himself angrily told one reporter who asked about his ties to Lukoil that “I do not read WikiLeaks,” and “will not comment on yellow press publications.”

Soon the usual politics kicked in. The opposition party demanded a probe into the accusations. Borisov’s own party emphasized that the report’s release was an underhanded move timed to influence local elections. The country’s top prosecutor, Boris Velchev, refused to pursue the case. “If we allow an investigation to be opened on mere allegations, can you imagine what country we would be turning into?” he asked rhetorically.

Borisov, it seemed, had emerged with hardly a scratch.

A few months after that miniscandal, I ask Tchobanov if he’s satisfied with the results of his leaks. “Yes, I am quite satisfied with the impact,” he answers without hesitation. Several judges have been pushed out by various means since BalkanLeaks’ reports on bribery and the Masonic lodge, what he sees as internal housecleaning. And since the cable publication on the country’s prime minister, Borisov hasn’t been invited to meet with any other European leaders one-on-one, he says—they don’t want to be seen shaking hands with an “Armani-clad tough guy,” as the U.S. ambassador once secretly described him in a memo.

The former minister of defense and two other officials exposed in BalkanLeaks’ early wiretapping transcripts have been charged with bribery, and their prosecution is ongoing. Others, like the prosecutor blackmailed by Angel Donchev, and another who pressured a witness to change his testimony in a real estate case, haven’t been charged with crimes.

On a larger scale, the leaks may have also contributed to a decision by the Netherlands and Finland to veto Bulgaria’s accession to the EU’s visa-free Schengen travel zone based on concerns about organized crime—a clear sign from Bulgaria’s neighbors that it must clean up its mafia taint.

But didn’t Tchobanov hope that the cable about Borisov would lead to his resignation? The soft-spoken Bulgarian asks for patience. He says that the full influence of the report still isn’t clear. “It’s a slow process. With the Pentagon Papers, nothing happened at first. But eventually there was Watergate,” he says. “First they ignore it, they fight it, then they finally accept it as evidence.”

I offer the adage attributed to Mahatma Gandhi: “First they ignore you, then they laugh at you, then they fight you, then you win.”

“No,” Tchobanov responds without looking at me. “Sometimes you lose.”

On my last day in Varvara, Tchobanov, Yordanov, and a group of friends invite me to go sailing in the Black Sea on a small boat with “Moby Dick” written on its side in Cyrillic. We drop anchor in a shallow cove with an isolated beach in the distance, populated by only a single tent and a pirate flag planted in the sand.

He points off in the distance to a complex of unfinished four-story buildings on a cliff beside the beach, modern structures with diagonally expanding floors that lean out over the sea, with a round, bare concrete tower at their center.

Yordanov explains that a story he wrote for the newspaper Politika exposed what would have been a luxury apartment development there as illegal construction, part of the series of investigations that eventually led to his being attacked by a group of thugs in Burgas. The news resulted in a government order to halt the construction we’re looking at. If not for that story, he says, the beach below would have been developed as private land.

“I’m very proud my investigations can save this beach,” says Yordanov. “I’m very proud of my work.”

Since Yordanov’s exposé, the apartments’ massive concrete skeleton has been left to rot. No one is allowed to finish building it, but no one has bothered to remove its carcass either. It stands instead as an enormous concrete Acropolis, a monument to a country caught between its impulse to develop and the corruption it can’t escape. As we climb back into the Moby Dick and sail toward Varvara, the newly constructed ruins loom over us from the cliff face and then recede into the distance.

Capture_decran_2012-10-06_a_15.25.20
Moby Dick at Varvara bay, Photo: Andy Greenberg

Print Friendly, PDF & Email