Twitter Spies, Cash Tornadoes, and Silicon Sanctions

Hello and happy Thursday! 

Can I be honest? I’m hot, tired, and struggling to come up with some super-deep tech and national security insights. I think between things getting frisky in Asia and the killing of Ayman al-Zawahiri, I’ve hit a bit of a “my noodle is baked” wall this week. So instead of an essay or explainer I’ve pulled together some stories that have caught my attention and provided some commentary. But if you have not already, you should stop reading this and immediately listen to Sarah and David’s discussion of the Mar-a-Lago raid and then read Jonah’s G File from yesterday—both are excellent. 

Ok, now that you’ve gotten the good stuff we can run through these other interesting developments. 

Twitter Employee Was a Saudi Spy 

A San Francisco jury has found Ahmad Abouammo guilty of spying for the Saudi government by routinely using his position at Twitter to collect and then share information associated with accounts that criticized the kingdom and its senior leaders, reports the Wall Street Journal. Abouammo was also convicted of money laundering, records falsification, and wire fraud. He was hired by Twitter in 2013 to manage media partnerships with high-profile users in North Africa and the Middle East but began spying for Saudi Arabia soon thereafter. 

In 2014, Abouammo met Bader Binasaker, an aide to then-Saudi Crown Prince Mohammed bin Salman (MBS), during a tour of the social media platform’s headquarters. Within six months of that meeting, the two met in London where Abouammo was given a $40,000 watch. One week later he began accessing the “mujtahidd” Twitter account, an anonymously run account that frequently complains about the Saudi government. Over the next year, he received multiple payments for $100,000 each into an overseas bank account. 

Abouammo also recruited another Twitter employee to assist him in spying, Ali Alzabarah, who performed website maintenance for Twitter. A third individual, Ahmed Almutairi, who controlled a Saudi social media company and who worked for the Saudi royal family, was also involved, according to the U.S. government. 

The three men were able to access and share the personal information of more than 6,000 Twitter accounts in 2015. When confronted by Twitter leadership, Alzabarah—also a Saudi citizen—fled the United States, as did Almutairi, leaving Abouammo on his own. The FBI has issued arrest warrants for both men. 

Here’s what I’m thinking: The assassination of Jamal Khashoggi makes it abundantly clear that MBS is a cold-blooded murderer, a would-be despot, and an overly sensitive crybaby. While realpolitik considerations may have led the United States not to forcefully confront his transgressions, they don’t strip away the truth of the matter. It’s also not surprising that, if MBS is willing to order a dissident’s dismemberment with a bone saw, he probably didn’t think too long about recruiting an American social media employee to steal Twitter user information. But one thing should be very clear, this isn’t just about people’s emails and phone numbers being improperly shared—this data was being collected so that critics of the regime could be spied on, intimidated, or disappeared like Khashoggi. As the trial of Abouammo goes into the sentencing phase, I hope they throw the book at him and that he goes from trading data for watches and money, to trading cigarettes for protection from “Fat Mo” and his squad. 

Treasury Takes on Tornado Cash 

Earlier this week, the U.S. Treasury Department sanctioned a tool used by hackers to launder billions of dollars, according to the Washington Post. The Tornado Cash “cryptocurrency mixer” has been a key part of the digital black market and, according to the U.S. government, has been used to launder more than $7 billion in digital money since 2019.  

A crypto mixer obscures the ownership of a digital asset by combining it with the assets of other users—making it difficult to know what belongs to whom. Among the users of Tornado Cash is North Korea’s Lazarus Group, who is responsible for the largest theft of crypto currency to date ($620 million).  

It is now illegal for Americans to use Tornado Cash for any transaction, and this is getting the attention of the cybersecurity and financial services industries.  

“This is an important step because it demonstrates the government’s willingness to connect the dots and leverage a range of expertise to follow the money, highlights that the problem is not just from Russia-based cybercriminals, and reinforces the point that compliance and programs aimed at making a demonstrable effort at limiting the use of platforms for illicit purposes is a cornerstone of their approach,” Megan Stifel, a co-chair of the Ransomware Task Force and chief strategy officer at the Institute for Security and Technology, told the Washington Post. 

But not everyone is pumped. Jake Chervinsky, policy head at the Blockchain Association, tweeted this: 

Here’s what I’m thinking: Defenders of crypto mixers will say tools like Tornado Cash are about privacy and that developers can’t be held responsible for how bad guys use them. While I think there’s some merit to this idea—I don’t think, for example, that gun manufacturers should be held liable for the crimes criminals commit using their guns—it also has its limits. If a gun manufacturer was producing untraceable firearms and marketing them to drug syndicates, I think they would’ve clearly earned a strong law enforcement response. Similarly, the central role of Tornado Cash in illicit online financing has been known for years and the platform has enabled some of the most prolific and dangerous hackers that are online. This is a serious and powerful action, and the Biden administration deserves credit for making it happen. 

We Need to Cut Moscow’s ‘Silicon Lifeline’ 

Reuters and the Royal United Services Institute (RUSI) have teamed up on an investigation into how Western computer parts are enabling Moscow’s war in Ukraine, despite tough new sanctions. According to RUSI’s new report, Silicon Lifeline: Western Electronics at the Heart of Russia’s War Machine, inspections of 27 different Russian military systems used or found in Ukraine contain “at least 450 different kinds of unique foreign-made components” and that most of them “were manufactured by U.S. companies with a longstanding reputation for designing and building sophisticated microelectronics for the U.S. military.” Even worse, the researchers also learned that “at least 80 different kinds of components were subject to export controls by the US, indicating that Russia’s military–industrial complex has, in recent decades, been able to successfully evade these.”  

In one instance, according to Reuters, an unexploded Russian 9M727 cruise missile included signal processors, microcontrollers, and programmable chips from American companies like Texas Instruments, Altera (owned by Intel Corp), Xilinx (owned by Advanced Micro Devices [AMD]), and Maxim Integrated Products (owned by Analog Devices Inc). “It’s quite simple,” a senior Ukrainian official told Reuters, “Without those U.S. chips, Russian missiles and most Russian weapons would not work.” 

According to RUSI, sophisticated components are being acquired through complicated “transshipments”—where “microelectronic third-party distributors and wholesalers often operate from intermediary jurisdictions such as Hong Kong, meaning that components bound for Russia are sometimes legitimately supplied through trading entities domiciled outside of Russia itself.” The United States and others struggle to disrupt these cutout acquisitions because it requires detailed insight into goods moving from their origin country into a legitimate transit country but then on to an illicit final customer. And the Russians have raised this type of sanctions-busting network into an art form. 

Less sophisticated, yet still very valuable, components are being made available through the cannibalization of low-tech commercial goods like washing machines and communications equipment. Russia is also using so-called “return shipments” to build up its semiconductor supplies. This is when a country that bought and used Russian military equipment, like Algeria, returns surplus or faulty components for payment and then those components are harvested and used by the Russian military. The manufacturers maintain that they adhere to Western export controls and that they are “deeply concerned should [their] products be used for purposes for which they were not designed.” Reuters also explains the following: 

Three of the manufacturers – AMD, Analog Devices and Infineon – said they had launched internal investigations after Reuters provided the customs data showing thousands of recent shipments of their products to Russia by third-party sellers. Infineon and Texas Instruments said products that they had shipped were already in transit at the time of the invasion. Intel said goods it shipped were internal company deliveries before it ceased its Russian operations in early April. 

Here’s what I’m thinking: I’m less worried about playing “gotcha” with these companies and more worried about shutting this down. Pretty quickly after Putin invaded Ukraine the Biden administration issued some very serious sanctions on the flow of semiconductors and other technical components to Russia. These sanctions are among the most biting actions the U.S. has taken to date and they have the potential of severely degrading the Russian military and economy for decades. But to make this happen, RUSI says we must do the following (and I agree): 

• Review and strengthen existing export controls in their own countries and jurisdictions;  

• Cooperate multinationally to identify and close Russian covert procurement networks; 

• Prevent sensitive microelectronics from being manufactured under license in states supporting Russia; and,  

• Discourage third countries and jurisdictions from facilitating re-export or transshipment of controlled goods to Russia. 

I fully support giving Ukraine the weapons systems and ammunition needed to unleash hate on the Russian military and to push them back across their own borders. But it is now clear that these objectives also require us to close the loopholes that are allowing U.S. semiconductors and other technical components to find their way into Russian military equipment. Congress should have Treasury Secretary Janet Yellen and Andrea Gacki, director of the Department’s Office of Foreign Assets Control, testify before the relevant committees on what else can be done to cut off Moscow’s silicon lifeline. 

That’s it for this edition of The Current. Be sure to comment on this post and to share this newsletter with your family, friends, and followers. You can also follow me on Twitter (@KlonKitchen). Thanks for taking the time and I’ll see you next week!