Three Individuals Charged for Alleged Roles in Twitter Hack

Three individuals have been charged today for their alleged roles in the Twitter hack that occurred on July 15, 2020.

Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom, was charged in a criminal complaint in the Northern District of California with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer.

Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida, was charged in a criminal complaint in the Northern District of California with aiding and abetting the intentional access of a protected computer.

The third defendant is a juvenile.  With exceptions that do not apply to this case, juvenile proceedings in federal court are sealed to protect the identity of the juvenile.  Pursuant to the Federal Juvenile Delinquency Act, the Justice Department has referred the individual to the State Attorney for the 13th Judicial District in Tampa, Florida.

“The hackers allegedly compromised over 100 social media accounts and scammed both the account users and others who sent money based on their fraudulent solicitations,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division.  “The rapid investigation of this conduct is a testament to the expertise of our investigators, our commitment to responding quickly to cyber attacks, and the close relationships we have built with law enforcement partners throughout the world.”

 “There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” said U.S. Attorney David L. Anderson for the Northern District of California.  “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.  Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it.  In particular, I want to say to would-be offenders, break the law, and we will find you.”

“Upon opening an investigation into this attack, our investigators worked quickly to determine who was responsible and to locate those individuals,” said San Francisco FBI Special Agent in Charge John F. Bennett. “While investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks. Regardless of how long it takes us to identify hackers, we will follow the evidence to where it leads us and ultimately hold those responsible for cyber intrusions accountable for their actions. Cyber criminals will not find sanctuary behind their keyboards.”

“Weeks ago, one of the world’s most prolific social media platforms came under attack.  Various political leaders, celebrities, and influencers were virtually held hostage as their accounts were hacked,” said Kelly R. Jackson, IRS-Criminal Investigation (IRS-CI) Special Agent in Charge of the Washington D.C. Field Office.  “The public was confused, and everyone wanted answers.  We can now start answering those questions thanks to the work of IRS-CI cyber-crime experts and our law enforcement partners. Washington DC Field Office Cyber Crimes Unit analyzed the blockchain and de-anonymized bitcoin transactions allowing for the identification of two different hackers. This case serves as a great example of how following the money, international collaboration, and public-private partnerships can work to successfully take down a perceived anonymous criminal enterprise. Regardless of the illicit scheme, and whether the proceeds are virtual or tangible, IRS-CI will continue to follow the money and unravel complex financial transactions.”

“Today’s announcement proves that cybercriminals can no longer hide behind perceived global anonymity,” said Thomas Edwards, Special Agent in Charge, U.S. Secret Service, San Francisco Field Office. “The Secret Service remains committed to pursuing those responsible for cyber-enabled fraud and will continue to hold cyber criminals accountable for their actions.  This investigation is a testament to the strong partnerships between the Secret Service, the U.S. Attorney’s Office, the FBI, the IRS, as well as our state, local and international law enforcement partners.”

“Our identities and reputations are sacred. We will continue to aggressively defend and protect individuals, companies, and other entities from new-age cyber-fraud, especially those who scheme to hack, defraud and wreak havoc on U.S. citizens across the country,” said Caroline O’Brien Buster, Special Agent in Charge, U.S. Secret Service, Orlando Field Office. “The Secret Service believes that building trusted partnerships between the private sector and all levels of law enforcement is the proven model for success. I commend the exceptional work conducted by our law enforcement partners and the U.S. Attorney’s Office who worked diligently to hold these defendants accountable.”

As alleged in the complaints, the Twitter attack consisted of a combination of technical breaches and social engineering.  The result of the Twitter hack was the compromise of approximately 130 Twitter accounts pertaining to politicians, celebrities, and musicians.

The hackers are alleged to have created a scam bitcoin account, to have hacked into Twitter VIP accounts, to have sent solicitations from the Twitter VIP accounts with a false promise to double any bitcoin deposits made to the scam account, and then to have stolen the bitcoin that victims deposited into the scam account.  As alleged in the complaints, the scam bitcoin account received more than 400 transfers worth more than $100,000. 

This case is being investigated by the FBI’s San Francisco Division, with assistance from the IRS-Criminal Investigation Cyber Unit; the U.S. Secret Service, San Francisco and Headquarters; the Santa Clara County Sheriff’s Office and their REACT task force and the Florida Department of Law Enforcement.

The case is being prosecuted by Senior Counsel Adrienne Rose of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys William Frentzen and Andrew Dawson of the Northern District of California.

Additional assistance has been provided by the U.S. Attorney’s Office for the Middle District of Florida; the State Attorney for the 13th Judicial District in Tampa, Florida; the Criminal Division’s Office of International Affairs and Organized Crime and Gang Section; the United Kingdom’s Central Authority and National Crime Agency; Chainalysis and Excygent.

The allegations of a criminal complaint are merely an allegation.  All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

U.S. Attorney Anderson’s video statement can be viewed here.

Register for “Network Forensics: Challenges and Tools.”

This webinar, hosted by the Forensic Technology Center of Excellence (FTCoE) will be held Tuesday, August 12, from 1:00 - 2:00 pm ET. In response to criminal investigations involving digital evidence, law enforcement needs forensically sound tools to acquire, evaluate, process, and present the data to the court. In the case of network forensics, challenges arise when the evidence is buried in large volumes of data. The financial burdens of purchasing and licensing proprietary tools to assist are not sustainable for law enforcement. This webinar reviews a set of open-source tools, including snort, pcap, TcpDump, wireshark, and NetworkMiner. It also highlights a recent open-source toolkit, FileTSAR, developed by Purdue University. This user-friendly toolkit can extract digital evidence from large amounts of network traffic and reconstruct unencrypted files, web pages, emails, and VOIP. FileTSAR achieves great performance by leveraging Spark, ElasticSearch, Kafka, and Kibana. Since existing tools all have their own limitations, the presenters will also discuss the challenges in network forensics. Potential workarounds will be given for law enforcement and future work is identified for researchers in the field. REGISTER

Nominees for Northcom, Spacecom Posts Testify at Confirmation Hearing

July 28, 2020 | BY JIM GARAMONE , DOD News

Air Force Lt. Gen. Glen D. VanHerck and Army Lt. Gen. James H. Dickinson testified before the Senate Armed Services Committee as part of the confirmation process to be U.S. Northern Command commander and commander of the U.S. Space Command, respectively.

VanHerck is currently the director of the Joint Staff in the Pentagon, and Dickinson serves as Spacecom's deputy commander.

If confirmed, VanHerck will also command the North American Aerospace Defense Command. He would also be the third Air Force officer in a row to hold the position. He would succeed Air Force Gen. Terrence J. O'Shaughnessy.

Dickinson would replace Space Force Gen. John W. "Jay" Raymond. Raymond currently serves as chief of space operations and Spacecom commander.

While Space Command is DOD's newest combatant command, established just last year, Northcom is not that much older, standing up in October 2002 in response to the attacks of 9/11.

The command is responsible for the defense of the homeland, and at today's hearing, VanHerck said "no mission is more sacred."

The command is also the military lead for support to civilian agencies and has provided aid during Hurricane Katrina, fires in the western U.S. and the current response to the COVID-19 pandemic.

The global situation is much more complicated than when the command was formed with very real threats from actors across all domains, VanHerck said. "We must remain prepared to meet the threats head on defend our homeland from an increasingly assertive set of peer competitors, rogue nations and nonstate actors, who are committed to creating a new world order and influencing our freedoms and our way of life," he told the Senate panel.

With his NORAD hat, VanHerck will command a binational agency that has defended North America for 62 years. If confirmed, he will work closely with Canadian defense officials to strengthen the already strong bonds between the two countries. He also pledged to continue outreach to Mexican defense officials.

"If confirmed, I commit … that I will provide my best military advice and candid views on the issues and challenges we face, and I will ensure that Northcom remains postured to defend the homeland and ready to provide timely support to civil authorities in order to eliminate suffering and ensure the safety of the American people," he said.

Dickinson has been intimately involved with the setup of Spacecom since it was a proposal. The command is less than a year old, but it had to hit the ground running, he noted. "I know well the tremendous responsibilities levied upon this command and it's incredible joint warfighters as I reflect on the responsibilities of the new position for which I've been nominated," he told the senators. 

It is not that long ago that the idea of space as a warfighting domain would have been denigrated, he said. "Frankly, I'm amazed at where we are today," the general said. "Just over a year ago, during General Raymond's nomination hearing, he testified of the great alignment in our nation with acknowledging space as a warfighting domain, just like land, air, sea and cyber. Based on that alignment. We as a nation took bold steps towards protecting and defending our critical space capabilities by establishing U.S. Space Command and subsequently standing up the U.S. Space Force to better organize, train and equip our space warfighters."

Dickinson said the new domain is facing "the most significant transformation in the history of U.S. national security space programs. The scope, scale and complexity of the threats to our space capabilities are real and concerning."

Space is not a benign environment, he said, with near-peers and others threatening the foundational domain. "We no longer have the luxury of assuming our access to an ability to leverage the space domain is a given," he said. 

The goal for the new command is deterrence – Dickinson said he wants to ensure conflict does not extend into space. "The best way I know how to prevent that from happening is be prepared to fight and win if deterrence were to fail," he said.

U.S. Space Effort's Future Hinges on Private Industry

July 28, 2020 | BY C. Todd Lopez , DOD News

When the United States sent men to the moon in the 1960s, the effort was largely driven by the government. But the future of the U.S. space effort will be agile innovators in the private sector who partner with the government, the Space Force's chief scientist said.

"We're very much at a precipice where private investment in space is driving the technology, not necessarily government investment as it has been in the past," Dr. Joel B. Mozer said today during a virtual panel discussion at the Center for Strategic and International Studies in Washington.

The U.S. government, in its pursuit of advancements and participation in the space domain, can contribute through investments in science, technology, infrastructure and science, technology, engineering and math — or STEM — education, Mozer said, as well as through development of policies and regulations that strengthen space efforts.

Defense Department officials must have a unique perspective on space, how it can be used, and what must be done to achieve national security objectives, Mozer said.

"Firstly, it's going to shape the environment that we operate in and will evolve our mission to protect U.S. interests both here on Earth and beyond in the future," he explained. "Second, many of the technological innovations that are now coming and will continue to come from entrepreneurs and industrialists in the space business are from those entrepreneurs. We must harness those innovations for our mission to support the joint fight when we're called upon to do so."

Finally, Mozer said, those involved in the military's pursuit of space must overmatch America's strategic competitors.

"Space is now a warfighting domain," he said. "We must work with industry, as well as our allies, to protect our ability to operate in that domain and to defend our capabilities and ensure that they're there when needed as well as to ensure that the technological advantage in space goes to freedom-loving states who desire to keep space lines of commerce open for all."

In May, NewSpace New Mexico sponsored a four-day conference to discuss civil, commercial and national security space strategy. That conference produced the nearly 90-page report "State of the Space Industrial Base Report 2020."

Mozer, one of the report's authors, said 10 recommendations regarding the future of space — six for the U.S government and four for industry — were the key takeaways.

The No. 1 recommendation, Mozer said, is that the U.S. government develop and endorse a whole-of-government "North Star" vision and strategy for the industrial development of space and that a presidential task force be established to execute that strategy.

"This recommendation is particularly important, and I believe that we're getting there," Mozer said. "In recent years and months, we've seen a lot of action and direction in this direction."

As examples of progress, he cited NASA's Artemis mission, which plans to put the first woman and the next man on the moon by 2024. The establishment of the Space Force is also an example of progress.

"There's a lot of thought being put into this 'North Star' vision, and we're laying some groundwork for it," he said. "However, it is still significant that this recommendation came out on top from the workshop. It tells me that we still have some work to do to describe this future vision, a vision that the nation could get behind and adopt."

The "North Star" vision must be specific about what the United States wants its future in space to look like, and U.S. officials must make sure the decisions they make now move the nation toward a future in space that Americans can aspire to and be proud of, Mozer said.

Other nations, specifically China, already have a long-term vision of the future of space and are making investments toward their own visions, he noted.

"The importance of such a vision is that it has the potential to derive national pride and to instill a culture of progress, and it highlights the value of STEM education for aspiring youth," he said. "There's lots of benefits of such a vision. The value is immense of a 'North Star' vision, and the consequences of a lack of such visual are potentially disastrous."

Maryland Man Sentenced to Four Years in Federal Prison for Ruthless Cyberstalking Campaign Against Former Girlfriend

Ahmed Kazzelbach Engineered Elaborate Scheme that Resulted in his Former Girlfriend Being Falsely Arrested by the Police and Disqualified from her Health Insurance Plan

Baltimore, Maryland – Chief U.S. District Judge James K. Bredar today sentenced Ahmad Kazzelbach, age 26, of Pasadena, Maryland, to four years in federal prison, followed by three years of supervised release, on the federal charges of cyberstalking and intentional damage to a protected computer. 

The sentence was announced by United States Attorney for the District of Maryland Robert K. Hur; Special Agent in Charge Jennifer C. Boone of the Federal Bureau of Investigation, Baltimore Field Office; Chief Melissa R. Hyatt of the Baltimore County Police Department, and Anne Arundel County State’s Attorney Anne Colt Leitess.

According to Kazzelbach’s plea agreement, beginning in June 2015, Kazzelbach and the victim both worked at Company A, an insurance broker located in Glen Burnie, Maryland, and in December 2015 began a romantic relationship, moving into a shared apartment.  In late May 2016, the victim ended her relationship with Kazzelbach.  Although Kazzelbach moved out of their shared apartment, he subsequently began a year-long scheme to harass the victim by compromising her personal online accounts, forging policy cancellation letters on behalf of her clients, and filing false reports with law enforcement that ultimately resulted in the victim being wrongfully arrested and incarcerated on multiple occasions.

Specifically, on July 25, 2016, Kazzelbach created an e-mail account that mimicked the victim’s real e-mail address and within 10 minutes, changed the name on the victim’s Apple account to the fake e-mail address he had created.  Two days later, Kazzelbach initiated a password reset, locking the victim out of the account which controlled certain settings on her iPhone, as well as access to the photos, music, and videos associated with her account.  Kazzelbach also accessed the victim’s Instagram account and changed a portion of her user name to “whore,” and accessed the victim’s online student loan account and changed the account e-mail address to the fake address he had created.

Kazzelbach also admitted that in late August 2016, he used a fax machine at Company A to send two letters purporting to cancel supplemental health insurance policies belonging to two of the victim’s clients, whose information Kazzelbach had accessed through his position at Company A.  On August 28, 2016, Kazzelbach accessed the victim’s own online health insurance account, to which she had previously given Kazzelbach limited access for initiation purposes, and made unauthorized changes to the victim’s race, pregnancy status, and income.  The change in income resulted in the victim being disqualified from the plan in which she had enrolled, potentially modifying or impairing her medical care.

On September 1 and October 1, 2016, Kazzelbach attempted to access the victim’s bank account and tax-filing account, respectively, using a proxy server, which can be used to hide an electronic device’s true location or identity.  However, investigators were able to identify the true Internet Protocol (IP) address from which the attempts were made and determined that the account was subscribed to by Kazzelbach’s father at a residence where Kazzelbach was then residing.

On September 30, 2016, Kazzelbach sent a text message to the victim in which he disguised his real identity by using a “spoofing” program, which used computer software to make it appear as though the message originated from a Florida-based cell phone number that did not belong to Kazzelbach.  In the message, Kazzelbach wrote, “Prepare yourself for what’s coming…the last 3 months were just the beginning.  I have bigger plans for you…I love how easily manipulated you can be.”

As detailed in his plea agreement, Kazzelbach filed a petition for a protective order against the victim on December 10, 2016, in the District Court of Maryland for Anne Arundel County, falsely alleging that the victim had physically abused him and made violent threats in text messages and on social media.  A temporary protective order was granted on December 13 and a hearing on a final protective order was scheduled for December 29, 2016.  Between December 13 and December 29, Kazzelbach contacted Anne Arundel County on four occasions to falsely report that the victim was continuing to harass and threaten him in violation of the temporary protective order.  Based on Kazzelbach’s sworn statement, and on text messages, and phone calls on Kazzelbach’s phone that he had spoofed to make it appear that the victim had contacted him, when in fact, she had not, the court issued four arrest warrants for the victim.  On December 29, 2016, the final protective order against the victim was granted, effective for a period of one year.  Then, between December 29, 2016 and June 2017, Kazzelbach made 14 additional false reports to law enforcement, causing seven more criminal actions to be filed against the victim in Anne Arundel and Baltimore Counties, and resulting in her false imprisonment for four nights.

In March 2017, the Anne Arundel County prosecutor handling Kazzelbach’s case asked for Kazzelbach’s consent to download the contents of his iPhone, but Kazzelbach refused.  The prosecutor told Kazzelbach that if he did not permit a full search of his phone, the Anne Arundel charges against the victim would be dismissed.  In response, Kazzelbach began making false reports to Baltimore County instead.  In May 2017, the Anne Arundel charges against the victim were dismissed.  Baltimore County Police officers subsequently began their own investigation and determined that no attempted or completed text messages were sent from any of the victim’s accounts on the dates and times alleged by Kazzelbach.

United States Attorney Robert K. Hur commended the FBI Baltimore Cyber Task Force (CTF), the Baltimore County Police Department, and the Anne Arundel County State’s Attorney’s Office for their work in the investigation.  Mr. Hur thanked Assistant U.S. Attorneys Jeffrey J. Izant and P. Michael Cunningham, who prosecuted the case and thanked Assistant U.S. Attorney Zachary Myers for his assistance.

DOD Seeing Enormous Jump in Telework, Remote Collaboration

July 27, 2020 | BY David Vergun , DOD News

The Defense Department has three priorities for dealing with COVID-19: protecting the entire force and their families, maintaining mission readiness and supporting the whole-of-government effort to mitigate and end the pandemic, said the DOD chief information officer.

In keeping with those efforts, "the department has moved to a telework posture at an unprecedented rate and at a scale never before seen, which has mitigated disruption to our national defense," said Dana Deasy.

According to a statement from Deasy's office, as of June 16, more than a million DOD personnel telework. Prior to the pandemic only about 95,000 DOD personnel teleworked. 

Also during that time frame, the department-wide Virtual Private Network usage increased from 49,600 to 440,000 connections on average per day, the statement said, noting that pre-COVID-19 DOD-wide network capacity was 200 gigabytes and that has increased by 10% to 220 GB.

On March 27, the department launched its Commercial Virtual Remote environment, which facilitates collaboration from any location. Since that time, more than 3.2 million CVR accounts have been created. As of June 5, there have been 44.3 million chat messages; 16.8 million phone calls; 847,000 meetings; 339,000 group team calls; and 134,000 unique teams in CVR.

The COVID-19 Telework Readiness Task Force has been critical in ensuring the networks remain telework ready and cyber-secure to support the full range of DOD missions, Deasy said, adding "We had challenges, given the scope and scale of remote work, but have consistently exposed the issues and acted upon them, ensuring no impact on mission."

That task force continues to meet several times per week, he noted.

The department will continue to reevaluate telework requirements in light of the pandemic response and the future enduring environment, Deasy said. "We expect there to be a demand for more telework options across the department. We will leverage a combination of new and existing contracts to satisfy new demands."

Deasy mentioned that his office will host the second annual DOD CIO Global Virtual Town Hall meeting for DOD personnel, Aug. 12, to provide an opportunity for the department's information technology and cyber workforce to learn more about the successes and lessons learned and the work that the task force is doing.

Space Force Rockets Toward Milestones

July 24, 2020 | BY David Vergun , DOD News

Although the Space Force, the military's newest service, is just seven months old, it has sprinted toward its goal of preserving dominance in the space domain, its leader said.

Gen. John W. Raymond, chief of space operations of the Space Force and commander of U.S. Space Command, held a video briefing today at the Pentagon, hosted by the Center for a New American Security.

Although U.S. Space Command was stood up on Aug. 29 and the Space Force stood up Dec. 20, significant advances have already been made, he said.

The Space Force was involved in launching the X-37 Orbital Test Vehicle, the Advanced Extremely High Frequency communications satellite, GPS satellites, and other launches out of Cape Canaveral, Florida, he said. The newest service also supports the first human space flight since the end of the space shuttle era.

Also in the works is a draft of the first ever capstone warfighting doctrine for space, which will be rolled out in a week or two. He said it’s a foundational document that will inform Americans and allies about the value of the Space Force in protecting national security.

Just last week, the Space Force graduated its first classes in space electronic warfare, orbital warfare and space battle management, he noted.

Raymond said his organization will integrate closely with all of the combatant commands to ensure they have the support they need in the space domain. To do that, teams are being formed that will be a part of that integration effort.

One of the notable values the Space Force will bring to the American people is unity of effort and cost savings, he said, noting that there are many organizations, allies and partners doing work involved in the space domain.

The Space Force is looking to avoid duplication of effort. As an example, the Defense Department needed to have two satellites in polar orbit. Raymond said his organization found that Norway was already involved in doing just that, so the U.S. partnered with its NATO ally to put payloads on their rockets.

Raymond emphasized that he wants to ensure that the Space Force stays lean and agile, and he said the organization will be flattened, thus avoiding layers of bureaucracy. 

The requirements, acquisition and personnel processes will likewise be streamlined and efficient, he added.

That small force will also be digitally savvy, he said, noting that only the best and brightest will be accepted.

Raymond said he wants the new workforce to be up to date, both technically and proficiently. In an effort to do that, he said he expects Space Force personnel will be allowed to work for certain periods of time within agencies like NASA and the National Reconnaissance Office as well as industry.

Like other organizations, the Space Force has been impacted by COVID-19, he said. As a result, the Space Force has embraced virtual events, such as hosting a combined space operations principles meeting with close partners in space: Australia, Canada, New Zealand, United Kingdom, France and Germany. 

Finally, Raymond noted that an airman in Germany sent him a note recently suggesting a new Space Force motto, Semper Supra, which is Latin for "Always Above." Raymond said he approved it.

DOD on 'Aggressive' Track with Hypersonic Weapons Development

July 23, 2020 | BY David Vergun , DOD News

One of the Defense Department's top priorities is developing hypersonic weapons capability, a particularly important goal, considering recent developments in this area by near-peer competitors China and Russia, the assistant director for hypersonics from the office of the undersecretary for research and engineering said.

Mike White, who spoke at the Institute for Defense and Government Advancement Counter Hypersonic Weapons Summit today, said the department has taken a fast-track, four-phase approach. 

The first phase consisted of concept demonstrations, test and evaluation and weapons system prototype, he said. The next phase was in transitioning promising technology development to concept demonstration.

Phase three will be in accelerated fielding of capability and weapons system prototypes to warfighters, White said, and phase four, starting with the fiscal year 2022 budget cycle, will be buying hypersonic weapons in numbers and delivering prototypes to the warfighter for future production buys in programs of record. 

It's an all-hands on deck effort, he said, with NASA, the Defense Advanced Research Projects Agency, the Space Development Agency, the Missile Defense Agency and national laboratories partnering in the effort to move this along expediently and effectively.

The Defense Department also recently stood up the Joint Hypersonic Transition Office to focus on creating a university consortium to aid in key science and technology aspects and to train the best and brightest for the next generation workforce. In addition to academia, industry partners will play the key role in delivering these weapons to the warfighters, White noted.

Much of the current focus is on offensive hypersonic weapons systems. The bulk of the investment is going to provide theater commanders with lethal, medium- and intermediate-range systems that will counter adversary efforts to deny access to U.S. forces in the air, land, sea and space domains, he said.

White said that the defensive side is much more difficult to predict and prepare for because hypersonic vehicles travel with unpredictable maneuverability at over five times the speed of sound at near space levels.

White said that the challenge is tracking and targeting those systems in the upper reaches of the atmosphere — 100,000 to 150,000 feet above the earth because new sensors and intercept vehicles and the associated architecture will need to be developed. 

Researchers Charged with Visa Fraud After Lying About Their Work for China’s People’s Liberation Army

China’s San Francisco Consulate Harboring Known Fugitive from Justice

Four individuals have recently been charged with visa fraud in connection with a scheme to lie about their status as members of the People’s Republic of China’s military forces, the People’s Liberation Army (PLA), while in the United States conducting research.  Three of these individuals have been arrested and the Federal Bureau of Investigation (FBI) is seeking the fourth who is a fugitive from justice currently being harbored at the Chinese Consulate in San Francisco.

In addition to these arrests, the FBI has recently conducted additional interviews of visa holders suspected of having undeclared affiliation with the Chinese military in more than 25 American cities.

“These members of China’s People Liberation Army applied for research visas while hiding their true affiliation with the PLA,” said Assistant Attorney General for National Security John C. Demers.  “This is another part of the Chinese Communist Party’s plan to take advantage of our open society and exploit academic institutions.  We will continue to conduct this investigation together with the FBI.”

“The United States welcomes students, academics, and researchers from across the globe. Today’s announcement shows the extreme lengths to which the Chinese government has gone to infiltrate and exploit America’s benevolence," said John Brown, Executive Assistant Director of the FBI's National Security Branch. “In interviews with members of the Chinese People’s Liberation Army in over 25 cities across the U.S., the FBI uncovered a concerted effort to hide their true affiliation to take advantage of the United States and the American people.” 

Each defendant has been charged with visa fraud, in violation of 18 U.S.C. § 1546(a).  If convicted, each faces a maximum statutory penalty of 10 years in prison and a fine of $250,000.  The allegations against each are as follows:

Xin WANG

According to a complaint that was unsealed in the Northern District of California, on June 8, 2020 and court documents filed June 11, Wang entered the United States on March 26, 2019, after receiving a J1 non-immigrant visa in December of 2018.  Wang’s visa application stated that the purpose of his visit was to conduct scientific research at the University of California, San Francisco (UCSF).  Wang is alleged to have made fraudulent statements on this visa application.  Specifically, Wang stated that he had served as an Associate Professor in Medicine in the People’s Liberation Army (PLA), from September 1, 2002 through September 1, 2016.

In reality, when interviewed by officers of Customs and Border Protection (CBP) at LAX on June 7, Wang provided information that he was, in fact, still currently a “Level 9” technician in the PLA, employed by a military university lab.  CBP officers also obtained information that this roughly corresponded with the rank of Major.  According to court documents, Wang was still employed by the PLA while he was studying in the United States, and he made false statements about his military service in his visa application in order to increase the likelihood that he would receive his J1 visa. 

Also according to court documents, Wang provided information to CBP that he had been instructed by his supervisor, the director of his military university lab in the PRC, to observe the layout of the UCSF lab and bring back information on how to replicate it in China.  Wang similarly told his supervising UCSF professor that he had duplicated some of the work of that professor at the lab in China.  Some of the work of the UCSF lab was funded by grants from the United States Department of Health and Human Services, National Institutes of Health (NIH). 

Wang was arrested on June 7, and had his initial appearance on June 8.  A grand jury in the Northern District of California returned an indictment on June 22.

Juan TANG

According to court documents unsealed in the Eastern District of California on July 20, Tang, a researcher at the University of California at Davis, applied for a non-immigrant J1 visa on or about Oct. 28, 2019.  The visa was issued in November 2019, and Tang entered the United States on or about Dec. 27, 2019.  Tang is alleged to have made fraudulent statements on her visa application.  Specifically, to the question, “Have you ever served in the military,” Tang responded “No.”

In fact, Tang is a uniformed officer of the PLA Air Force (PLAAF).  As set forth in the Complaint, the FBI found a photograph of Tang in a military uniform and references to Tang’s employment at the Air Force Military Medical University, which has also been known as the Fourth Military Medical University.  The FBI interviewed Tang on June 20.  Although Tang denied having been a member of the military, an additional photograph of Tang in a different PLA military uniform was found on electronic media seized pursuant to a search warrant.

The FBI is seeking to arrest Tang pursuant to an Arrest Warrant and Complaint that were filed on June 26, and unsealed on July 20.  Tang has sought refuge at the Chinese consulate in San Francisco, where she remains.

Chen SONG

The allegations describing the crime appear in an affidavit supporting the complaint filed on July 17 and unsealed in the Northern District of California on July 20.  According to the affidavit, Song, 38, a Chinese national, applied for a J1 nonimmigrant visa in November 2018.  She entered the United States on Dec. 23, 2018.  In her visa application, in response to the question, “Have you ever served in the military,” Song stated that she had served in the Chinese military only from Sept. 1, through June 30, 2011.  She further stated that her employer was “Xi Diaoyutai Hospital.” Song described herself in her visa application as a neurologist who was coming to the U.S. to conduct research at Stanford University related to brain disease.

The affidavit alleges that these were lies, that Song was a member of the PLA when she entered and while she was in the United States, and that the hospital she listed on her visa as her employer was a cover for her true employer, the PLA.  The affidavit identifies four research articles that she co-authored, which described her as affiliated with institutions subordinate to the PLA Air Force.  Specifically, the articles list Song as affiliated with the Air Force General Hospital in Beijing and the Fourth Military Medical University.  In addition, as of July 13, a Chinese health care website listed Song as an attending physician of the Department of Neurology of the PLA Air Force General Hospital, and included a photograph of Song wearing what appears to be a military uniform.  Further, an article published in 2015 identifies Song as the doctor at the PLA Air Force hospital who performed the autopsy on the former chief physician of the MRI Department at the hospital. 

Finally, according to the affidavit, a search of Song’s external hard drive, recovered pursuant to a court-authorized search warrant, found that, on June 21, Song had deleted a folder titled, in Chinese, “2018 Visiting School Important Information.”  The search recovered deleted documents from this folder.  The affidavit alleges that one of the recovered documents was a letter from Song to the Chinese Consulate in New York, explaining that she was extending her time in the United States for another year, and wrote that her stated employer, Beijing Xi Diaoyutai Hospital, is a false front, which is why she had obtained approval for her extension from the PLA Air Force and FMMU.  The letter further allegedly explained that, as these Chinese military approval documents were classified, she could not transmit them online.

Song was arrested on July 18.  

Kaikai ZHAO 

According to a complaint filed in the Southern District of Indiana on July 17 and unsealed today, Zhao, a graduate student studying machine learning and artificial intelligence at Indiana University, applied for an F1 nonimmigrant visa in June 2018.  In response to the question on the visa application, “Have you ever served in the military,” Zhao answered, “No.”  As set forth in the Complaint, Zhao served in the National University of Defense Technology, the PLA’s premier institution for scientific research and education, which is directly subordinate to the PRC’s Central Military Commission.  Zhao also attended the Aviation University of Air Force (AUAF), which is a Chinese military academy analogous to the U.S. Air Force Academy.  AUAF students are active military service members who receive military training.  In addition, the FBI located an online photograph of Zhao wearing a PLAAF uniform.

Zhao was arrested on July 18.

Artificial Intelligence Deployment Requires Diverse Image Data

July 20, 2020 | BY C. Todd Lopez , DOD News

Ensuring that technology powered by artificial intelligence will work anywhere requires that AI is "trained" on a diverse data set that readies it for deployment anywhere in the world. 

That's something the Joint Artificial Intelligence Center is well aware of as it pushes forward with the Defense Department's AI strategy, the center's director said.

Diversity in training models is a challenge, Nand Mulchandani said during the VentureBeat Transform 2020 virtual conference on artificial intelligence July 17.

"When you think of sort of an oxymoron like mass customization, think of a single system that's deployed worldwide, globally," he said. "We've trained the model on a particular training data set. But that data set is not representative of say, global terrain, or global information, or even things like faces. So when you think of the diversity of ... humankind out there, ... if you're doing something like facial recognition or something, the training data set from a testing and representative perspective is so important."

From the testing and evaluation side, Mulchandani said, it's important for the JAIC to be able to ensure an AI system is trained in a diverse enough way that it can be deployed globally and work anywhere.

"What we're finding is ... we're still in the early days of AI where the ability for a single dataset to perform in multiple different environments and applications is incredibly important," he said.

Mulchandani also addressed concerns that DOD might be difficult to work with for smaller companies involved in artificial intelligence research and development.

"From the outside, there seems to be this idea that the DOD, the Pentagon, has a very hard time liaising and working with tech startups and even large tech companies," he said. However, he added, there's a lot of change going on at DOD as the department partners and works directly with large and small tech companies.

The JAIC now has projects going on with startup companies that have as few as seven employees, he noted.

"The ability for us to have those direct conversations, direct work with them — the environment has never been better," he said. "And there's huge changes going on in terms of how acquisition gets done, how we actually acquire, procure and deliver software inside the DOD from a cloud perspective, and other things."