Just because you are clean doesn't mean the FBI won't take you equipment when it does a raid.
Threat Level Privacy, Crime and Security Online
FBI Defends Disruptive Raids on Texas Data Centers
* By Kim Zetter Email Author
* April 7, 2009 |
* 1:22 pm |
* Categories: Spooks Gone Wild
The FBI on Tuesday defended its raids on at least two data centers in Texas, in which agents carted out equipment and disrupted service to hundreds of businesses.
The raids were part of an investigation prompted by complaints from AT&T and Verizon about unpaid bills allegedly owed by some data center customers, according to court records. One data center owner charges that the telecoms are using the FBI to collect debts that should be resolved in civil court. But on Tuesday, an FBI spokesman disputed that charge.
"We wouldn’t be looking at it if it was a civil matter," says Mark White, spokesman for the FBI’s Dallas office. "And a judge wouldn’t sign a federal search warrant if there wasn’t probable cause to believe that a fraud took place and that the equipment we asked to seize had evidence pertaining to the criminal violation."
In interviews with Threat Level, companies affected by the raids say they’ve lost millions of dollars in equipment and business after the FBI hauled off gear belonging to phone and VoIP providers, a credit card processing company and other businesses that housed equipment at the centers. Nobody has been charged in the FBI’s investigation.
According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner’s business accounts, $1,000 from his teenage daughter’s account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.
Mike Faulkner, owner of Crydon, says the seizure has resulted in him losing millions of dollars in revenue. It’s also put many of his customers out of business or at risk of closure.
The raids are the result of complaints filed by AT&T and Verizon about small VoIP service providers whom the telecoms say owe them money for connectivity services. But instead of focusing the raid on those companies, Faulkner and others say the FBI vacuumed up equipment and data belonging to hundreds of unrelated businesses.
In addition to Crydon, the data center of Core IP Networks was raided last week. Customers who went to Core IP to try to retrieve their equipment were threatened with arrest, according to an announcement posted online by the company’s CEO, Matthew Simpson. According to Simpson, the FBI is investigating a company that purchased services from Core IP in the past but had never co-located equipment at Core IP’s address. Simpson reported that 50 businesses lost access to their e-mail and data as a result of the raid. Some of those clients are phone companies, and the loss of their equipment has meant that some of their customers lost emergency 911 access.
"If you run a data center, please be aware that in our great country, the FBI can come into your place of business at any time and take whatever they want, with no reason," Simpson wrote.
Faulkner says the FBI seized about $2.5 million from Simpson’s personal bank account. Simpson did not respond to a request for comment.
Faulkner and others say that the FBI agent who led the raid, Special Agent Allyn Lynd from the Dallas field office, warned them not to discuss the raid with each other or with the press.
But a 39-page affidavit (.pdf) related to the Crydon raid provides a convoluted account of the investigation. It alleges that a number of conspirators, some of who may have connections to Faulkner, conspired to obtain agreements from AT&T and Verizon to purchase connectivity services with the telecoms. Several documents used to provide proof of business ownership and financial stability were forged, according to the affidavit. For example, the affidavit claims that one of the conspirators named Ronald Northern sent AT&T a bill from Verizon to show that he had a history of paying for services on time. The bill was allegedly forged with Verizon’s logo — which the company is claiming is a trademark infringement — and that the corporation number the conspirator used actually belonged to a different Verizon customer.
Northern could not be reached for comment.
The affidavit claims that Faulkner, Northern and others committed mail and wire fraud, criminal e-mail abuse (stemming from separate allegations of spamming), criminal copyright infringement and criminal use of fraudulent documents. The affidavit mentions several companies that Faulkner has been connected to including, Crydon, Premier Voice and Union Datacom.
But mixed in with these allegations is a separate tale that hints at the larger story behind the raid. AT&T and Verizon say they’re owed about $6 million in fees from VoIP service providers who used servers that were co-located at Crydon and the other data centers. The telecoms claim that these VoIP providers used up more than 120 million "physical connectivity minutes" without paying for them, and that attempts by AT&T and Verizon to collect on the debts proved fruitless.
"Based on my investigation and that of AT&T and Verizon," writes Special Agent Lynd in the affidavit, "I believe individuals associated with Lonestar Power and Premier Voice defrauded AT&T and Verizon out of hundreds of millions of minutes of physical connectivity service and significant revenue by means of the submission of false/fraudulent credit information and other false representations."
Faulkner, who was a part owner of Premier Voice before selling it about a year ago, acknowledges that Premier owed money to AT&T at one time — though he says he’s not certain it was for interconnection. He says that debt was assumed by the new owner when he sold the company. Either way, he says, this would be categorized as corporate debt, not fraud.
"There’s a big difference between stealing money and owing money," he says.
He says he often invests in troubled companies that are carrying debt when he buys them.
"Usually you settle the debt," he says. "But AT&T never contacted me about owing money. Verizon never contacted me."
Faulkner says the two telecoms have used the FBI to seize equipment to obtain evidence through a criminal investigation instead of pursuing the companies through civil litigation and the discovery process. And instead of targeting the investigation specifically at the VoIP companies, he says the FBI swept in everyone who had servers in the same place where the VoIP servers were located. As a result, all of Crydon Technology’s equipment was seized, as was the equipment of numerous businesses that had the bad luck to own servers running out of Crydon’s facility.
"They’re destroying more and more customers and it just doesn’t seem to make sense," Faulkner says. "They’ve done a horrible amount of damage and have been so barbaric in the way they’ve shut things down. If they just picked some random guy off the street to do this investigation, he could have done a better job than the FBI did."
Among more than 300 businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says.
Faulkner says the FBI appears to have assumed that all the servers located at Crydon’s address belonged to him, and didn’t seem to understand the concept of co-location.
The seized data included transactional records for companies, which means the companies won’t be able to bill customers for services already rendered before the raid.
"All of our clients will have to refund their customers, and we’re in the hole now to refund our customers," says Faulkner. "I could tell the FBI agent had never even considered that. He just said, ‘Well, that’s your problem.’"
The owner of a credit card processing company who had servers at Crydon says he lost about $35,000 in equipment in the seizure, and that the survival of his company is at risk until he secures a new location. He asked that he and his company not be named because the company is in the process of securing business partners to launch its processing service. He fears that news about the disruption to his business operation could lead potential partners to avoid contracting with him. To keep his launch on track, he’s had to purchase about $32,000 in new equipment.
He said when he tried to explain to an FBI agent that some of the servers that were seized belonged to him and not to Faulkner, the FBI agent implied he was lying.
"We were treated like we were criminals," he said. "They assumed there was no legitimate business in there."
In addition to the transaction servers taken from Crydon’s facility, he also lost telephone service for his company after the FBI raided Core IP, which housed a business that was providing his company with VoIP.
FBI spokesman White says the equipment seizures were necessary.
"My understanding is that the way these things are hooked up is that they’re interconnected to each other," he says. "Company A may be involved in some criminal activity and because of the interconnectivity of all these things, the information of what company A is doing may be sitting on company B or C or D’s equipment."
White says the FBI is working with affected companies to provide them with copies of seized data they need to run their businesses.
"It’s not that we’re doing nothing to assist them," White says. "We’ve repeatedly asked the companies to call and provide us with the information we need so we can get the info they need back to them. It is a time-consuming process."
The owner of the card-processing company, however, says the FBI has been "completely unresponsive" to the needs of Crydon customers caught up in the raid. An agent gave him a fax number to send the FBI details about the equipment that belongs to him, but the fax number didn’t work. Then, he says, the agent in charge took a vacation.
"They were all unavailable after they effectively seized all of our equipment," he says.
An agent told the customer that no equipment would be released until agents could determine if it was used in criminal activity. And if it was used for criminal activity, it wouldn’t be released until after a trial.
"Our equipment could be there indefinitely," the customer said. "There’s been no due process…. I consider this to be an issue for anyone owning a data center right now. That they have this much power and can take anyone just because your equipment is inside a facility…. They’re supposed to limit their search and seizure to the owner of the equipment."
Faulkner says he’s managed to replicate mail servers and some functionality for some customers and is building up new business resources elsewhere — this time offshore in Panama, Mexico and Canada, where the FBI would have trouble seizing servers in the future. The Electronic Frontier Foundation has contacted him to investigate the FBI’s possible violation of due process.
Faulkner says when he visited the FBI’s office after the raid, he found numerous cubicles stacked full of servers seized in other raids that were waiting for someone to examine them. The irony, he says, is that in the case of his servers the data was all hardware encrypted.
"It would take a lot of NSA time to crack just one of them," Faulkner says.
Many of the allegations against Faulkner are based on claims from an unidentified informant who told the FBI that he used to work for Faulkner, and witnessed many criminal acts Faulkner committed. The witness told authorities he was "unaware of any legitimate business being run by Faulkner and that as far as he/she knew all of his income was derived from his illegal activities." The informant also claimed Faulkner used crack cocaine and methamphetamine and engaged in commercial spamming.
Faulkner says the unnamed informant is a former employee who was fired after failing to show up to work over an extended period.
"We paid him $70,000 to help us launch a VoIP business, and he never actually did anything," Faulkner says.
Faulkner says he doesn’t do drugs and he’s never conducted spamming nor been associated with spammers. He says when he has discovered spammers using ISP services he provided through companies he owned in the past, he would block their activities.