This video is a panel discussion of the Robert Hanssen investigation. Hanssen, a former FBI supervisor, was one of the most prolific spies in US history. However, an important side story—one that is critical from an analytical perspective—is that of CIA operative Brian Kelley, who was the FBI’s initial suspect based on a conclusion drawn from faulty analysis. Here is what happened.
The 1994 arrest of CIA analyst Aldridge Ames for spying did not fully resolve penetrations of the IC, so the FBI and CIA partnered to identify additional suspects. Analysts constructed a fluid matrix of between 58 and 62 compromised cases and operations and proposed two assumptions:
- The suspect worked in the counterintelligence center or Soviet-European division of the CIA, so it was likely an Agency employee.
- The suspect had access to and helped the FBI with the Felix Bloch case, which collapsed after the closely-held investigation of Bloch was disclosed to the Soviets.
Based on placement and access, the first pass identified between 200 and 245 CIA case officers. Members of the trusted group “voted” on the culpability potential of persons on the list, and then examined security and personnel files, psych profiles, and financial and medical records that might disclose vulnerabilities. Their work resulted in a shortened list of 50, then 34, then 17.
Had analysts and investigators included FBI employees on their list, they might have identified Hanssen, whose access mirrored Brian Kelley’s. However, they did not. Based on the matrix and stated assumptions, Mr. Kelley became the primary suspect.
Once the group identified Mr. Kelley, they solidified their case by seeking evidence that confirmed Mr. Kelley’s involvement and dismissed inconsistencies that offered exculpatory evidence. After the investigation concluded with the identification and arrest of Robert Hanssen, the FBI found some of the elements of the matrix were wrong.
Mr. Kelley later taught a class during which he shared his experiences and warned of the “overreliance on conclusions by analysts” in UNSUB investigations. He believed “gut instinct” better served investigators.
Flawed analysis
Mr. Kelley was right in terms of the result, but the problem began sooner. Inadequate and improper application of analytical tradecraft led to a flawed conclusion, which was used to provide the framework for the investigation.
- The initial data set was incomplete. Analysts/investigators focused on placement and access. Mr. Hanssen had identical placement and access as Mr. Kelley, but he was not included in the data set.
- The assumption that the suspect was an Agency employee was not valid and exhibited bias. An Office of the Inspector General (OIG) review of the case found, “The FBI never opened even a preliminary inquiry on any FBI employee in connection with the search for the mole ultimately identified as Hanssen. This was true even though the FBI had access to information suggesting that the mole might be an FBI employee, and believed that the mole had compromised certain FBI assets and operations.”
- Analysts/investigators disregarded inconsistencies that weakened their case. The OIG reported the Justice Department could not properly evaluate the strength of the FBI’s case against Mr. Kelley because the FBI omitted crucial information to the department about “weaknesses in proof and investigative setbacks.”
- Analysts/investigators did not reevaluate their case as new evidence arose. The OIG report cited as an overarching problem in the failure to detect Hanssen sooner was, “the unwillingness of line personnel working on the espionage investigation of the CIA suspect to reconsider initial conclusions and judgments in the face of investigative failures, and senior managers’ failure to insist that they be revisited.”
- There was a lack of involvement at the management level to challenge judgments and conclusions or require alternative analysis. “The FBI managers with supervisory authority over the investigation often deferred to line personnel – even when the managers harbored serious doubts about the progress of the investigation – resulting in a tacit endorsement of erroneous analysis and conclusions.”
- There appeared to be a pattern of external focus that resulted in limited hypothesis generation. According to the OIG report, the FBI conducted two analytical studies between 1987 and 1991 aimed at identifying the infiltrator responsible for a series of asset losses. Neither study led to the investigation of an insider threat. The second of the two studies concluded, “CIA penetration was a more likely explanation for the FBI’s losses.” Likewise, a final report by the CIA-FBI staffed Special Investigations Unit raised the possibility of KGB penetration of the FBI, but no action resulted.
The emphasis on Mr. Kelley as a suspect did not result from the “overreliance on conclusions by analysts,” but instead from poor analytical rigor. The principles of analysis were disregarded on many levels, but at the forefront, the elementary tenet of refuting rather than confirming a hypothesis.
The Intelligence Shop 