$2.95M Penalty and Permanent Injunction Resolves Lawsuit Against Verkada Inc. for Alleged Unlawful Commercial Emails, Data Security Failures and Deceptive Practices

Source: United States Department of Justice Criminal Division

The Justice Department and the Federal Trade Commission (FTC) announced today that Verkada Inc. (Verkada), a cloud-based security company headquartered in San Mateo, California, has agreed to a settlement requiring it to pay a $2.95 million civil penalty and implement extensive data security measures. This settlement resolves allegations that Verkada violated the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act and engaged in unfair and deceptive practices in violation of the Federal Trade Commission Act.

In a complaint filed in the U.S. District Court for the Northern District of California, the United States alleges that Verkada failed to implement reasonable security measures such as appropriate access management and data protection controls and adequate encryption of customer data. These failures allegedly exposed sensitive information — including security-camera footage of consumers visiting locations like hospitals and schools — to unauthorized access. The complaint additionally alleges that Verkada misrepresented the extent to which it used appropriate data security safeguards and complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The complaint also alleges that Verkada sent numerous promotional emails that failed to clearly and conspicuously notify recipients of their opportunity to opt out of such messages and failed to include a valid physical postal address, and that Verkada did not honor requests to opt out from its promotional emails within ten business days of receiving those requests, all in violation of the CAN-SPAM Act.

To resolve the lawsuit, the parties agreed to a settlement reflected by the stipulated order issued today by the Court. The stipulated order requires Verkada to pay a $2.95 million civil penalty and to comply with the CAN-SPAM Act, including by honoring requests to opt out of its commercial emails. The stipulated order also prohibits Verkada from misrepresenting its data security practices and requires it to establish a comprehensive information security program and undergo regular third-party assessments of its data security practices.

“This settlement underscores the importance of robust data security measures, especially for companies that are themselves in the security industry. Failure to protect sensitive information puts consumers at risk,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “We will continue to work with the FTC to hold companies accountable for such violations.”

“When customers invite companies into private spaces to monitor consumers by using their security cameras and other products, they expect those companies to provide basic levels of security, which Verkada failed to do,” said Director Samuel Levin of the FTC’s Bureau of Consumer Protection. “Companies that fail to secure and protect consumer data can expect to be held responsible.”

Trial Attorneys Cameron A. Brown and Amanda K. Kelly, Senior Trial Attorney James T. Nelson and Assistant Director Zachary A. Dietert of the Civil Division’s Consumer Protection Branch and Assistant U.S. Attorney Vivian Wang for the Northern District of California are handling the case, in coordination with staff from the FTC’s Division of Privacy and Identity Protection.

For more information about the Consumer Protection Branch and its enforcement efforts, visit www.justice.gov/civil/consumer-protection-branch. For more information about the FTC, visit www.FTC.gov.

Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere

Source: United States Department of Justice Criminal Division


The Justice Department today announced the ongoing seizure of 32 internet domains used in Russian government-directed foreign malign influence campaigns colloquially referred to as “Doppelganger,” in violation of U.S. money laundering and criminal trademark laws. As alleged in an unsealed affidavit, the Russian companies Social Design Agency (SDA), Structura National Technology (Structura), and ANO Dialog, operating under the direction and control of the Russian Presidential Administration, and in particular First Deputy Chief of Staff of the Presidential Executive Office Sergei Vladilenovich Kiriyenko, used these domains, among others, to covertly spread Russian government propaganda with the aim of reducing international support for Ukraine, bolstering pro-Russian policies and interests, and influencing voters in U.S. and foreign elections, including the U.S. 2024 Presidential Election.  

In conjunction with the domain seizures, the U.S. Treasury Department announced the designation of 10 individuals and two entities as part of a coordinated response to Russia’s malign influence efforts targeting the 2024 U.S. presidential election. This announcement follows the designation of actors involved in Doppelganger announced by the Treasury Department in March.

“The Justice Department is seizing 32 internet domains that the Russian government and Russian government-sponsored actors have used to engage in a covert campaign to interfere in and influence the outcome of our country’s elections,” said Attorney General Merrick B. Garland. “As alleged in our court filings, President Vladimir Putin’s inner circle, including Sergei Kiriyenko, directed Russian public relations companies to promote disinformation and state-sponsored narratives as part of a campaign to influence the 2024 U.S. Presidential Election. An internal planning document created by the Kremlin states that a goal of the campaign is to secure Russia’s preferred outcome in the election. The sites we are seizing today were filled with Russian government propaganda that had been created by the Kremlin to reduce international support for Ukraine, bolster pro-Russian policies and interests, and influence voters in the United States and other countries. Our actions today make clear that the Justice Department will be aggressive in countering and disrupting attempts by the Russian government, or any other malign actor, to interfere in our elections and undermine our democracy.”

“The Department’s seizure of 32 internet domains secretly deployed to spread foreign malign influence demonstrates once again that Russia remains a predominant foreign threat to our elections,” said Deputy Attorney General Lisa Monaco. “At Putin’s direction, Russian companies SDA, Structura, and ANO Dialog used cybersquatting, fabricated influencers, and fake profiles to covertly promote AI-generated false narratives on social media. Those narratives targeted specific American demographics and regions in a calculated effort to subvert our election. Our republic depends on elections that are free from foreign interference, and we will not rest in our efforts to expose foreign malign influence operations and protect our democracy, without fear or favor.”

“Today’s announcement exposes the scope of the Russian government’s influence operations and their reliance on cutting-edge AI to sow disinformation,” said FBI Director Christopher Wray. “Companies operating at the direction of the Russian government created websites to trick Americans into unwittingly consuming Russian propaganda. By seizing these websites, the FBI is making clear to the world what they are, Russian attempts to interfere in our elections and influence our society. The FBI will continue to work with our partners to expose and shut down these covert influence campaigns.”

“This seizure illustrates vividly what the U.S. government and private sector partners have warned for months: the Russian government and its proxies are aggressively accelerating the Kremlin’s covert efforts to seed false stories and amplify disinformation directed at the American public,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “Today’s announcement reveals Russia is willing to impersonate our free and open press in its egregious schemes. This is our third disruption of Russian foreign malign influence operations in two months, and the Justice Department remains relentless in protecting Americans from such unacceptable conduct. To Russia, and any other government seeking to stoke discord in our society: know that we will spare no effort and use every available tool to disrupt and expose this malign activity and defend our democratic institutions.”

“Protecting our democratic processes from foreign malign influence is paramount to ensure enduring public trust,” said U.S. Attorney Jacqueline C. Romero for the Eastern District of Pennsylvania. “As America’s adversaries continue to spew propaganda and disinformation towards the American electorate, we’ll use every tool at our disposal to expose and dismantle their insidious foreign influence campaigns.”

The propaganda did not identify, and in fact purposefully obfuscated, the Russian government or its agents as the source of the content. The perpetrators extensively utilized “cybersquatted” domains, a method of registering a domain intended to mimic another person or company’s website (e.g., registering washingtonpost.pm to mimic washingtonpost.com), to publish Russian government messaging falsely presented as content from legitimate news media organizations. In other instances, the perpetrators sought to create their own unique media brands to promote Doppelganger content (e.g., Recent Reliable News). Among the methods Doppelganger used to drive viewership to the cybersquatted and unique media domains were the deployment of “influencers” worldwide, paid social media advertisements (in some cases created using artificial intelligence tools), and the creation of social media profiles posing as U.S. (or other non-Russian) citizens to post comments on social media platforms with links to the cybersquatted domains, all of which attempted to trick viewers into believing they were being directed to a legitimate news media outlet’s website.

Overview

The affidavit describes the perpetrators’ own internal strategy meeting notes, project proposals, and other records obtained during the course of the investigation. Several notable propaganda project proposals directed against the United States included:

  • Good Old USA Project: Attachments 8A, 8B
  • The Guerilla Media Campaign: Attachments 9A, 9B
  • U.S. Social Media Influencers Network Project: Attachments 10A, 10B

Doppelganger’s foreign malign influence efforts were not directed solely against audiences in the United States. Other targets of the perpetrators’ propaganda included Germany, Mexico, and Israel, among others. Doppelganger’s influence campaigns sought to influence the citizenry of those countries to support Russian government objectives, including by undermining the United States’ relationship with those countries.

Doppelganger’s use of the U.S.-based domain names at the direction and control of, and for the benefit of, sanctioned persons, including Sergei Vladilenovich Kiriyenko, SDA, and Structura, violates the International Emergency Economic Powers Act (IEEPA). As a result, the accompanying payments for Doppelganger’s online infrastructure violate federal money laundering laws. In addition, Doppelganger’s publication of content on cybersquatted domains with names and content that mimic legitimate media outlets violates federal criminal trademark laws because those domains feature trademarks registered on the Principal Register maintained by the U.S. Patent and Trademark Office.

The FBI Philadelphia Field Office is investigating the case.

The U.S. Attorney’s Office for the Eastern District of Pennsylvania, the National Security Division’s Counterintelligence and Export Control Section and National Security Cyber Section are prosecuting the case, with valuable assistance from the Criminal Division’s Computer Crime and Intellectual Property Section.

Defense News: Pacific Partnership 2024-2 Kicks Off Mission in Federated States of Micronesia

Source: United States Navy

A multinational team representing five Pacific nations kicked off the fourth mission stop of Pacific Partnership 2024-2 (PP24-2) in Yap, Federated States of Micronesia (FSM), Sept. 4, 2024.

Yap Gov. Charles Chieng hosted U.S. Navy Capt. Daniel Keeler, PP24-2 mission commander, and Royal Australian Air Force Wing Cmdr. Scott Minchin, PP24-2 deputy mission commander, for a key leadership engagement at the governor’s office as the first official event of the stop.

The Yap mission stop, which runs from Sept. 4-10, brings together approximately 70 participants from Australia, Canada, Japan, New Zealand, and the United States, all working to increase humanitarian assistance and disaster relief (HA/DR) preparedness in the Indo-Pacific.

“The U.S. has a long-standing relationship with Yap, reflecting our deep commitment to our Pacific neighbors. Given Yap’s vulnerability to natural disasters, the Pacific Partnership team is dedicated to helping prepare for and manage these emergencies,” said Keeler. “By collaborating with our partners from Australia, Canada, Japan, and New Zealand, along with the people of Yap, we aim to strengthen disaster preparedness and response, ensuring we prepare in calm to respond in crisis.”

At the invitation of the host nation, emergency operations training workshops covering disaster relief and humanitarian assistance will take place with the U.S. Coast Guard; U.S. Army Civil Affairs; Yap Disaster Control Office; Center for Excellence in Disaster Management and Humanitarian Assistance; International Organization for Migration; Catholic Relief Services; and FSM Department of Environment, Climate Change, and Emergency Management. 

The Pacific Partnership Band, composed of musicians from the U.S. Pacific Fleet Band and the Royal Australian Army Band, will perform in a variety of community engagements.

Pacific Partnership medical providers will work shoulder-to-shoulder with providers at Yap State Hospital and technicians at Ulithi atoll and Fais Island to provide tailored medical care focusing on optometry exams, dental screenings, community health engagements and subject matter exchanges as well as spay and neuter clinics for cats and dogs.

“We are thrilled to once again welcome the multinational Pacific Partnership team to the Federated States of Micronesia. This year, the people of Yap will see first-hand meaningful engagements with the mission team, a stellar example of the enduring cooperation between our two nations,” said Hon. Ms. Jennifer Johnson, U.S. Ambassador to the Federated States of Micronesia.

In the aftermath of the December 2004 “Boxing Day” tsunami that devastated parts of South and Southeast Asia, the United States mobilized numerous military assets and personnel to support the relief effort. Recognizing the opportunity to build on the goodwill and lessons learned from that initial mission, the U.S. Navy planned and executed the inaugural Pacific Partnership mission in 2006; its primary aim was to proactively prepare for a more effective response to natural disasters while strengthening relationships and security ties between nations.

Now in its 20th iteration, the Pacific Partnership series is the U.S. Navy’s largest annual multinational HA/DR preparedness mission conducted in the Indo-Pacific. Pacific Partnership works collaboratively with host and partner nations to enhance regional interoperability and disaster response capabilities, increase security and stability in the region, and foster new and enduring friendships in the Indo-Pacific.

For more information about Pacific Partnership, visit www.clwp.navy.mil/Pacific-Partnership.

Dual U.S. and Iranian Citizen Arrested for Unlawfully Exporting U.S. Technology to Iran

Source: United States Department of Justice Criminal Division

Gholam Reza Goodarzi, also known as Ron Goodarzi, 76, a dual U.S. and Iranian citizen who resides in Porter, Texas, made his initial appearance today in the Southern District of Texas following his arrest at the George Bush International Airport on Aug. 30. Goodarzi is charged by criminal complaint with smuggling parts and components used in the production of unmanned aerial vehicles (UAVs), as well as other manned aircraft, from the United States to Iran.

“For years, the defendant allegedly used proxy destinations to try to smuggle UAV components and other controlled technology to Iran, even concealing controlled items in his own luggage,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “The Justice Department and our law enforcement partners are committed to vigorously enforcing export controls to protect U.S. national security.”

“Smuggling aircraft parts into Iran endangers U.S. national security by potentially enhancing Iran’s military capabilities, enabling them to advance their aerial combat potential, increase regional power and threaten U.S. allies and interests in the Middle East,” said U.S. Attorney Alamdar S. Hamdani for the Southern District of Texas. “This prosecution represents my office’s core commitment – in partnership with the Justice Department’s National Security Division, FBI and Customs and Border Protection – to disrupt and hold accountable Goodarzi’s alleged efforts to evade sanctions against Iran, a hostile nation.”

“Illegally smuggling sensitive U.S. technology to a foreign nation jeopardizes our national security and undermines the integrity of our trade laws,” said Executive Assistant Director Robert Wells of the FBI’s National Security Branch. “The U.S. does not tolerate illegal smuggling of our advanced tech to our adversaries, and the FBI will work with our partners to vigorously pursue and hold accountable those who violate our laws and put our country at risk.”

According to court documents, from December 1, 2020, through July 5, Goodarzi illegally exported aircraft-related parts, in addition to oil and drilling components, to Iran. As alleged, Goodarzi purchased U.S.-origin aircraft components from U.S.-based suppliers and then exported them to Iran – typically through Dubai, UAE.

He also traveled to and from Iran multiple times per year and concealed aircraft parts and other items in his checked luggage.

Goodarzi exchanged multiple emails with suppliers and customers, acknowledging that parts could not be shipped to Iran because of sanctions.

The complaint alleges that on several occasions, authorities searched Goodarzi’s luggage and found numerous aircraft parts and components hidden within articles of clothing. Some of the items had characteristics consistent with parts for the production of UAVs, as well as parts with electrical motor and generator applications.

Goodarzi does not have the required licenses to export such items to sanctioned countries, including Iran, according to the complaint.

If convicted, he faces a penalty of up to 10 years in prison for the charge of smuggling goods and a possible $250,000 maximum fine. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI, with assistance from Customs and Border Protection, is investigating the case.

Assistant U.S. Attorney Heather Winter for the Southern District of Texas and Trial Attorney Christopher Cook of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case. 

This prosecution is being coordinated through the Disruptive Technology Strike Force, an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation states. Under the leadership of the Assistant Attorney General for National Security and the Assistant Secretary of Commerce for Export Enforcement, the Strike Force leverages tools and authorities across the U.S. Government to enhance the criminal and administrative enforcement of export control laws.  

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Two Foreign Nationals Sentenced for Victimizing U.S. Companies Through Business Email Compromise Scheme

Source: United States Department of Justice Criminal Division

A Nigerian national was sentenced today in the Eastern District of Virginia to five years and three months in prison and ordered to pay nearly $5 million in restitution for participating in a computer hacking and business email compromise scheme that caused over $5 million in losses to multiple victims in the United States and elsewhere. Franklin Ifeanyichukwu Okwonna, 34, pleaded guilty on May 20 to conspiracy to commit wire fraud and aggravated identity theft for his role in the scheme.

Okwonna’s co-defendant, Nigerian national Ebuka Raphael Umeti, 35, was sentenced on Aug. 27 to 10 years in prison and ordered to pay nearly $5 million in restitution. Umeti was convicted by a federal jury on June 13 of conspiracy to commit wire fraud, three counts of wire fraud, conspiracy to cause intentional damage to a protected computer, and intentional damage to a protected computer.

According to court documents and evidence presented at Umeti’s trial, between February 2016 and July 2021, Umeti, Okwonna, and their co-conspirators caused millions of dollars in unauthorized wire transfers by sending victim businesses phishing emails. These emails falsely appeared as though they originated from trusted sources, such as a bank or a vendor. After the victim opened an attachment, their computers would be infected with malicious software, or “malware,” that allowed the defendants and their co-conspirators to gain unauthorized access to the victim’s computer systems and email accounts. The defendants and their co-conspirators then exploited that access to obtain sensitive information, which they used to deceive individuals at the victim companies into executing wire transfers to accounts specified by the co-conspirators. As a result of this scheme, the defendants and their co-conspirators caused or attempted to cause over $5 million in losses to the victim companies.

Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division, U.S. Attorney Jessica D. Aber for the Eastern District of Virginia, and Assistant Director in Charge David Sundberg of the FBI Washington Field Office made the announcement.

The FBI Washington Field Office investigated the case.

Senior Counsel Thomas S. Dougherty of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) and Assistant U.S. Attorney Laura D. Withers for the Eastern District of Virginia prosecuted the case. CCIPS Senior Counsel Aarash Haghighat assisted in the investigation and indictment of the case. The Justice Department’s Office of International Affairs worked with the FBI’s Legal Attaché Office in Nairobi, the U.S. Marshals Service, and Kenya’s Office of the Director of Public Prosecutions and Directorate of Criminal Investigation to secure the extradition of Umeti and Okwonna.