This is both a true story and foretelling of what we now see in 2024 with hack after hack in the water utility industry with a lot of the attribution leading to Russia.
In 2015, Digijaks Group was hired to conduct thorough due diligence for a hedge fund interested in acquiring water and water utility companies. The fund was considering the purchase of what appeared to be an American company known for innovating in the water utility industry with a digital switch technology that replaced outdated mechanical switches controlling water flow and chemical composition.
What we found was an American company that had not actually developed a digital switch but were actually using another company’s technology/code and was working very closely with this second company.
Company 1 – American Company
Company 2 – American Company? Or not.
So what now?
We followed all the trails available to us.
A. Code Review and what that told us.
B. Money Trail and what that told us.
C. People Trail and what that told us.
D. Unraveling IP addresses and what that told us.
E. Electronic trail and server location attribution and what that told us.
What we found was all signs pointing back to Russia. To Moscow. To a company that was actively owned by Russian Intelligence connected people and a company that in itself was constantly putting out disinformation about itself. We did not find an American startup with amazing technology. What we found was a run of the mill website company making websites for furniture stores suddenly having a super complicated digital switching technology. Worse? It was widely being sold in the United States Water Utility industry. This is why the hedge fund was interested in the original deal.
The Russian firm left behind a paper trail, unfiled taxes, and even payments from companies uncollected at a P.O. Box in Southern California. We dispatched someone to the site, and since they hadn’t settled their bills for years, the proprietor handed over bags of mail to our investigator. We secured the receipts. They revealed that the Russian company had colluded with associates in an American company to submit US Visa applications for Russians purportedly employed by them.
What does this mean? It means that we uncovered a sophisticated hostile foreign intelligence agency backed company pretending to be a US based company by actually filing US incorporation documents in multiple states, and then letting the filings lapse after a few years. It means we found US citizens actively helping this Russian front company to act as the sponsors for tech visas to bring Russians into America. We found a company that for a few years had only made websites (maybe) to support furniture stores. But one day suddenly they had a super sophisticated digital switch for the water utility industry in the United States. More interesting, they had the depth without any investment to suddenly be able to sell this switch in multiple states.
DIGIJAKS RECOMMENDED that US law enforcement agencies be alerted to the visa immigration problem and the fake companies. We also recommended that the hedge fund not go through with the deal. If they were to do so, they would have to fire all the russians involved, get rid of the involvement of the russian company in every way, and then do a complete rewrite of the code in the US to get rid of any potential russian code backdoors.
WHAT WE DO NOT KNOW NOW, OR THEN IS HOW MANY OF THESE DIGITAL SWITCHES WERE SOLD INTO THE WATER UTILITY INDUSTRY BY THIS RUSSIAN FRONT COMPANY POSING AS AN AMERICAN COMPANY BEFORE WE CAME ALONG AND BLEW UP THE STORY?