The U.S. defense and intelligence communities have a secret-keeping problem. The recent revelation of what appears to be multiple classified documents that touch on a multitude of topics are appearing on a wide variety of social networks. Add to this the obvious doctoring of some of these documents by unknown individuals and the situation becomes quite foggy. The Department of Defense has referred the issue to the Department of Justice. The Central Intelligence Agency is looking into the situation. The government of Ukraine opines we are witnessing a Russian operation. The Russian Federation opines this is a U.S./Ukraine covert disinformation operation. That is a lot of moving parts, complex would be an understatement, as those whose documents have been splayed across the internet scramble to plug the very apparent hole in the classified information handling world.

What secrets are out in the wild?

It is important to note the revealed information came from photographs of classified documents. The documents were purported to be CIA and DoD assessments covering a plethora of topics. Most prominently is the U.S. analysis of Ukraine’s defense capabilities, Ukraine/Russia casualty numbers, sources and methods of clandestine collection, and worldwide briefs.


Wasting no time, and perhaps involved from the get-go, the Russian intelligence apparatus has been rushing out doctored copies of information (see below re Bellingcat analysis). The rush to publish no doubt is responsible for the amateurish nature of their efforts. The old KGB playbook on active measures is clear, always wrap your dubious and false information in kernels of truth.

How did the secret information find its way to the internet?

The investigative team over at Bellingcat has done a masterful job of digging into the provenance of the documents.  While the April 5 reveal on a Russian Telegram channel caught the attention of western media, they may have first appeared on March 4, within a Discord channel, “Minecraft Earth Map” where out of the blue in the midst of a spat about Ukraine, an individual posted, “here, have some leaked documents.” The individual then provided documents, some containing “Top Secret” markings.

Bellingcat goes on to share how their investigation points to documents dating back to January 2023, having been shared within various 4Chan servers, to include “WowMao” and “Thug Shaker Central.” This indicates that the link predates the early April reveal on Telegram.

Interestingly, the photos of the documents provide some ancillary information (whether staged or not is unknown) where the photographs show “hunter’s scope box and some Gorilla Glue visible in the background.”


To this jaded set of eyes, the end goals and intended results by the individual or entity responsible is multi-faceted. Here are some potential goals of the leak:

  • Sow doubt within the U.S. defense and intelligence communities as to the presence of a penetration within their communities.
  • Project to the Russian populace an augmented reality concerning the blood price being paid by the sons of Russia.
  • Chip away at the U.S. influence, diplomatic efforts, and intelligence relationships not only with respect to Ukraine, but elsewhere as well – Middle East, Africa, Far East.
  • Erode continued material and financial support to Ukraine in their defense of their nation.

What next?

This is a bit of a tangled jungle. Speculation is rampant as to the original source of the leaks. The mixed bag of the revealed classified information may indicate: It is a person with access to a wide range of topics; or someone who got their hands on a burn bag of classified information that originated from the office of a senior government official; or a device belonging to someone with access has been compromised. Stay tuned, as DOJ, DoD and the CIA spin up their investigative and forensic capabilities, more will be revealed. For now, there is a lot of undergrowth to cut to get through this jungle.

Related News

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher, served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe, and Latin America. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). He is the founder of