US Department of Treasury Sanctions Commercial Spyware Entities

The U.S. Department of Treasury has sanctioned individuals and entities responsible for commercial spyware.  The Press Release states:

WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated two individuals and five entities associated with the Intellexa Consortium for their role in developing, operating, and distributing commercial spyware technology used to target Americans, including U.S. government officials, journalists, and policy experts. The proliferation of commercial spyware poses distinct and growing security risks to the United States and has been misused by foreign actors to enable human rights abuses and the targeting of dissidents around the world for repression and reprisal. 

“Today’s actions represent a tangible step forward in discouraging the misuse of commercial surveillance tools, which increasingly present a security risk to the United States and our citizens,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson. “The United States remains focused on establishing clear guardrails for the responsible development and use of these technologies while also ensuring the protection of human rights and civil liberties of individuals around the world.”  . . .

PREDATOR SPYWARE SOLD TO CUSTOMERS AROUND THE GLOBE

Since its founding in 2019, the Intellexa Consortium has acted as a marketing label for a variety of offensive cyber companies that offer commercial spyware and surveillance tools to enable targeted and mass surveillance campaigns. These tools are packaged as a suite of tools under the brand-name “Predator” spyware, which can infiltrate a range of electronic devices through zero-click attacks that require no user interaction for the spyware to infect the device. Once a device is infected by the Predator spyware, the spyware can be leveraged for a variety of information stealing and surveillance capabilities—this includes the unauthorized extraction of data, geolocation tracking, and access to a variety of applications and personal information on the compromised device. 

The Intellexa Consortium, which has a global customer base, has enabled the proliferation of commercial spyware and surveillance technologies around the world, including to authoritarian regimes. Furthermore, the Predator spyware has been deployed by foreign actors in an effort to covertly surveil U.S. government officials, journalists, and policy experts. In the event of a successful Predator infection, the spyware’s operators can access and retrieve sensitive information including contacts, call logs, and messaging information, microphone recordings, and media from the device.    

PRESIDENTIAL DIRECTIVE TO PROMOTE ROBUST COMMERCIAL SPYWARE STANDARDS TO PROTECT NATIONAL SECURITY AND UNIVERSAL HUMAN RIGHTS 

As described in E.O. 14093 and the White House Fact Sheet, commercial spyware has proliferated in recent years with few controls and a high risk of abuse.  A growing number of foreign governments around the world, moreover, have deployed this technology to facilitate repression and enable human rights abuses, including to intimidate political opponents and curb dissent, limit freedom of expression, and monitor and target activists and journalists. Misuse of these powerful surveillance tools has not been limited to authoritarian regimes. Democracies also have confronted revelations that actors within their systems have misused commercial spyware to target their citizens without proper legal authorization, safeguards, and oversight. 

This Presidential Directive has identified that the United States has a fundamental national security and foreign policy interest in countering and preventing the proliferation of commercial spyware that has been or risks being misused, in light of the core interests of the United States in protecting U.S. government personnel and U.S. citizens around the world; upholding and advancing democracy; promoting respect for human rights; and defending activists, dissidents, and journalists against threats to their freedom and dignity. 

To advance these interests and promote responsible use of commercial spyware, the United States has established robust protections and procedures to ensure that any U.S. government use of commercial spyware helps safeguard its information systems and intelligence and law enforcement activities against significant counterintelligence or security risks; aligns with its core interests in promoting democracy and democratic values around the world; and ensures that the U.S. government does not contribute, directly or indirectly, to the proliferation of commercial spyware that has been misused by foreign governments or facilitate such misuse.

KEY ENABLERS OF THE INTELLEXA CONSORTIUM

Tal Jonathan Dilian (Dilian) is the founder of the Intellexa Consortium, and is the architect behind its spyware tools. The consortium is a complex international web of decentralized companies controlled either fully or partially by Dilian, including through Sara Aleksandra Fayssal Hamou.   

Sara Aleksandra Fayssal Hamou (Hamou), is a corporate off-shoring specialist who has provided managerial services to the Intellexa Consortium, including renting office space in Greece on behalf of Intellexa S.A. Hamou holds a leadership role at Intellexa S.A., Intellexa Limited, and Thalestris Limited.  

Intellexa S.A. is a Greece-based software development company within the Intellexa Consortium and has exported its surveillance tools to authoritarian regimes. Intellexa S.A. was added to the Department of Commerce Entity List on July 18, 2023, for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide. 

Intellexa Limited is an Ireland-based company within the Intellexa Consortium and acts as a technology reseller and holds assets on behalf of the consortium. Intellexa Limited was added to the Department of Commerce Entity List on July 18, 2023, for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide. 

Cytrox AD is a North Macedonia-based company within the Intellexa Consortium and acts as a developer of the consortium’s Predator spyware. Cytrox AD was added to the Department of Commerce Entity List on July 18, 2023, for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide. 

Cytrox Holdings Zartkoruen Mukodo Reszvenytarsasag (Cytrox Holdings ZRT) is a Hungary-based entity within the Intellexa Consortium. Cytrox Holdings ZRT previously developed the Predator spyware for the group before production moved to Cytrox AD in North Macedonia. Cytrox Holdings ZRT was added to the Department of Commerce Entity List on July 18, 2023, for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide. 

Thalestris Limited is an Ireland-based entity within the Intellexa Consortium that holds distribution rights to the Predator spyware and acts as a financial holding company for the Consortium.   

Dilian, Hamou, Intellexa S.A., Intellexa Limited, Cytrox AD, Cytrox Holdings ZRT, and Thalestris Limited are being designated pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, for being responsible for or complicit in, or having engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that have the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.

SANCTIONS IMPLICATIONS

As a result of today’s action, all property and interests in property of the designated persons described above that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC. In addition, any entities that are owned, directly or indirectly, individually or in the aggregate, 50 percent or more by one or more blocked persons are also blocked. Unless authorized by a general or specific license issued by OFAC, or exempt, OFAC’s regulations generally prohibit all transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or otherwise blocked persons. 

In addition, financial institutions and other persons that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action. Prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated person, or the receipt of any contribution or provision of funds, goods, or services from any such person. 

The power and integrity of OFAC sanctions derive not only from OFAC’s ability to designate and add persons to the Specially Designated Nationals (SDN) List, but also from its willingness to remove persons from the SDN List consistent with the law. The ultimate goal of sanctions is not to punish, but to bring about a positive change in behavior. For information concerning the process for seeking removal from an OFAC list, including the SDN List, please refer to OFAC’s Frequently Asked Question 897 here. For detailed information on the process to submit a request for removal from an OFAC sanctions list, please click here.

Click here for more information on the individuals and entities designated today.

US DOJ Announces Indictment of Former Google Employee and PRC National for AI Trade Secret Theft

US Department of Justice announced the indictment of former Google employee for stealing AI related trade secrets.  The press release states:

A federal grand jury indicted Linwei Ding, aka Leon Ding, charging him with four counts of theft of trade secrets in connection with an alleged plan to steal from Google LLC (Google) proprietary information related to artificial intelligence (AI) technology. . . .

According to the indictment, returned on March 5 and unsealed earlier today, Ding, 38, a national of the People’s Republic of China and resident of Newark, California, transferred sensitive Google trade secrets and other confidential information from Google’s network to his personal account while secretly affiliating himself with PRC-based companies in the AI industry. Ding was arrested earlier this morning in Newark.

“The Justice Department will not tolerate the theft of artificial intelligence and other advanced technologies that could put our national security at risk,” said Attorney General Garland. “In this case, we allege the defendant stole artificial intelligence-related trade secrets from Google while secretly working for two companies based in China. We will fiercely protect sensitive technologies developed in America from falling into the hands of those who should not have them.”  

. . . “In the one year since its inception, the Disruptive Technology Strike Force has been relentless in protecting advanced U.S. technologies, like artificial intelligence, from malign actors,” said Assistant Secretary Matthew S. Axelrod of the Commerce Department’s Office for Export Enforcement. “Let today’s announcement serve as further warning – those who would steal sensitive U.S. technology risk finding themselves on the wrong end of a criminal indictment.”

According to court documents, the technology Ding allegedly stole involves the building blocks of Google’s advanced supercomputing data centers, which are designed to support machine learning workloads used to train and host large AI models. According to the indictment, large AI models are AI applications capable of understanding nuanced language and generating intelligent responses to prompts, tasks, or queries. The indictment describes how Google developed both proprietary hardware and software to facilitate the machine learning process powered by its supercomputing data centers. With respect to hardware, Google uses advanced computer chips with the extraordinary processing power required to facilitate machine learning and run AI applications. With respect to software, Google deploys several layers of software, referred to in the indictment as the “software platform,” to orchestrate machine learning workloads efficiently. For example, one component of the software platform is the Cluster Management System (CMS), which functions as the “brain” of Google’s supercomputing data centers. The CMS organizes, prioritizes, and assigns tasks to the hardware infrastructure, allowing the advanced chips to function efficiently when executing machine learning workloads or hosting AI applications.

According to the indictment, Google hired Ding as a software engineer in 2019. Ding’s responsibilities included developing the software deployed in Google’s supercomputing data centers. In connection with his employment, Ding was granted access to Goggle’s confidential information related to the hardware infrastructure, the software platform, and the AI models and applications they supported. The indictment alleges that on May 21, 2022, Ding began secretly uploading trade secrets that were stored in Google’s network by copying the information into a personal Google Cloud account. According to the indictment, Ding continued periodic uploads until May 2, 2023, by which time Ding allegedly uploaded more than 500 unique files containing confidential information.

In addition, the indictment alleges that Ding secretly affiliated himself with two PRC-based technology companies. According to the indictment, on or about June 13, 2022, Ding received several emails from the CEO of an early-stage technology company based in the PRC indicating Ding had been offered the position of Chief Technology Officer for the company. Ding allegedly traveled to the PRC on Oct. 29, 2022, and remained there until March 25, 2023, during which time he participated in investor meetings to raise capital for the new company. The indictment alleges potential investors were told Ding was the new company’s Chief Technology Officer and that Ding owned 20% of the company’s stock.

According to the indictment, unbeknownst to Google, by no later than May 30, 2023, Ding had founded his own technology company in the AI and machine learning industry and was acting as the company’s CEO. Ding’s company touted the development of a software platform designed to accelerate machine learning workloads, including training large AI models. As alleged in the indictment, Ding applied to a PRC-based startup incubation program and traveled to Beijing, to present his company at an investor conference on Nov. 24, 2023. As set forth in the indictment, a document related to Ding’s startup company stated, “we have experience with Google's ten-thousand-card computational power platform; we just need to replicate and upgrade it - and then further develop a computational power platform suited to China's national conditions.” 

The indictment alleges Ding’s conduct violated his employment agreement as well as a separate code of conduct that Ding signed when he became a Google employee. Further, the indictment describes measures that Ding allegedly took to conceal his theft of the trade secrets. For example, he allegedly copied data from Google source files into the Apple Notes application on his Google-issued MacBook laptop. By then converting the Apple Notes into PDF files and uploading them from the Google network into as separate account, Ding allegedly evaded detection by Google’s data loss prevention systems. Likewise, the indictment describes how in December 2023 Ding allegedly permitted another Google employee to use his Google-issued access badge to scan into the entrance of a Google building – making it appear he was working from his U.S. Google office when, in fact, he was in the PRC.

Ding is charged with four counts of theft of trade secrets. If convicted, Ding faces a maximum penalty of 10 years in prison and up to a $250,000 fine for each count. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI and Commerce Department are investigating the case.

The U.S. Attorney’s Office for the Northern District of California and Justice Department National Security Division’s Counterintelligence and Export Control Section are prosecuting the case.

Today’s action was coordinated through the Justice and Commerce Departments’ Disruptive Technology Strike Force. The Disruptive Technology Strike Force is an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation-states.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.