The inquiry, which was started by Attorney General Eric H. Holder Jr. last June, is examining leaks about a computer virus developed jointly by the United States and Israel that damaged nuclear centrifuges at Iran’s primary uranium enrichment plant. The U.S. code name for the operation was Olympic Games, but the wider world knew the mysterious computer worm as Stuxnet.
The FBI and prosecutors have interviewed several current and former senior government officials in connection with the disclosures, sometimes confronting them with evidence of contact with journalists, according to people familiar with the probe. Investigators, they said, have conducted extensive analysis of the e-mail accounts and phone records of current and former government officials in a search for links to journalists.
The people familiar with the investigation would speak only on the condition of anonymity because of the sensitivity of the matter. The Justice Department declined to comment.
The Obama administration has prosecuted six officials for disclosing classified information, more than all previous administrations combined. But the Stuxnet investigation is arguably the highest-profile probe yet, and it could implicate senior-level officials. Knowledge of the virus was likely to have been highly compartmentalized and limited to a small set of Americans and Israelis.
The proliferation of e-mail and the advent of sophisticated software capable of sifting through huge volumes of it have significantly improved the ability of the FBI to find evidence. A trail of e-mail has eased the FBI’s search for a number of suspects recently, including John Kiriakou, the former CIA officer who was sentenced Friday to 30 months in prison for disclosing to a journalist the identity of a CIA officer who had spent 20 years under cover.
Holder appointed Rod J. Rosenstein, the U.S. attorney for Maryland, to lead the Stuxnet inquiry after a New York Times article about President Obama ordering cyberattacks against Iran using a computer virus developed in conjunction with Israel. Other publications, including The Washington Post, followed with similar reports about Stuxnet and a related virus called Flame.
At the same time, Holder named Ronald C. Machen Jr., the U.S. attorney for the District of Columbia, to head a criminal investigation into leaks concerning thedisruption of a bomb plot by al-Qaeda in the Arabian Peninsula. Holder’s action followed complaints from members of Congress, including the heads of the intelligence
Machen is examining a leak to the Associated Press that a double agent inside al-Qaeda’s affiliate in Yemen allowed the United States and Saudi Arabia to disrupt the plot to bomb an airliner using explosives and a detonation system that could evade airport security checks.
“People are feeling less open to talking to reporters given this uptick,” said a person with knowledge of Machen’s inquiry. “There is a definite chilling effect in government due to these investigations.”
The Justice Department declined to provide statistics on how many leak investigations were launched during Obama’s first term. Between 2005 and 2009, according to an April 2010 Justice Department letter that was sent to a Senate committee, intelligence agencies notified the department 183 times about leaks. The FBI opened 26 investigations and identified 14 suspects.
Lisa Monaco, the head of the Justice Department’s National Security Division who was named Friday as the president’s new counterterrorism adviser, told the Senate in 2011 that there has been “a stepped-up effort, and indeed a priority placed on the prosecution of leak matters.” Monaco said that leaks “do tremendous damage” and that unauthorized disclosures should be “prosecuted and pursued, either by criminal means or the use of administrative sanctions.”
Former prosecutors said these investigations typically begin by compiling a list of people with access to the classified information. When government officials attend classified briefings or examine classified documents in secure facilities, they must sign a log, and these records can provide an initial road map for investigators.
Former prosecutors said investigators run sophisticated software to identify names, key words and phrases embedded in e-mails and other communications, including text messages, which could lead them to suspects.
The FBI also looks at officials’ phone records — who called whom, when, for how long. Once they have evidence of contact between officials and a particular journalist, investigators can seek a warrant to examine private e-mail accounts and phone records, including text messages, former prosecutors said.
Prosecutors and the FBI can examine government e-mail accounts and government-issued devices, including cellphones, without a warrant. They can also look at private e-mail accounts without a warrant if those accounts were accessed on government computers.
The investigation of Kiriakou grew out of an inquiry by the Justice Department into how high-value detainees at Guantanamo Bay came to have photographs of some intelligence officials in their cells. E-mails eventually led the FBI to exchanges between Kiriakou and a journalist that revealed the name of a covert officer. That name was passed to an investigator working for the American Civil Liberties Union and finally made its way into a classified filing by the ACLU.
In the case of Petraeus, the FBI started with five threatening, anonymous e-mails sent to a Florida woman. After several weeks of following the trail, the bureau found itself confronting explicit exchanges between Petraeus and his mistress. They also found what have been described as flirtatious e-mails between Gen. John Allen and the Florida woman. Petraeus was not charged with a crime, and Allen was cleared of wrongdoing last week.