Category Archives: FBI

Stop Using Zoom, Second Warning

Posted on by

The first warning came last March.

March: As remote work surges amid the coronavirus pandemic, the FBI issued a public bulletin Monday warning Zoom and other video teleconferencing services may not be as private, or as secure, as users may assume.

Use of Zoom and similar services has exploded in recent weeks as companies, schools, governments, and individuals increasingly turn to its teleconferencing as ways to keep businesses and classrooms afloat while sheltering in pace or working from home. However the shift also represents an opportunity for attackers, as white supremacists, hackers and other trolls barge into digital meetings, a phenomenon known as “Zoombombing.”

In Massachusetts, there have been several incidents, including an unintended participant joining a high school’s virtual classroom only to yell profanities and reveal personal information about the teacher, according to the FBI. Another unwelcome participant with swastika tattoos joined a separate Massachusetts school’s Zoom meeting, the FBI reports.

“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts.”

It’s not just private businesses and children whose meetings could be Zoombombed. Privacy and security issues in conferencing software may also pose risks to national security, as world leaders convene Zoom meetings. In some cases, world leaders such as U.K. Prime Minister Boris Johnson have shared screenshots of their teleconferencing publicly only to reveal Zoom meeting IDs, raising concerns that sensitive information could be compromised. More here.

Stupidly, government officials at all levels are using Zoom including the Biden presidential team. How dangerous is that? Those officials are not reading the warnings or the news? Yeesh

 

Zoom Biden Rally

For more proof, again this month…

Justice Department/December 2020: China-Based Executive at U.S. Telecommunications Company Charged with Disrupting Video Meetings

It is not only the U.S. that is sounding the warnings. The Telegraph reports warnings that “opportunistic criminals” (a formulation that’s practically redundant), can be expected to use bogus invitations to sessions in their social engineering efforts.

Connecticut Teen Arrested for Allegedly 'Zoom Bombing ... source

A security executive with the video-tech giant Zoom worked with the Chinese government to terminate Americans’ accounts and disrupt video calls about the 1989 massacre of pro-democracy activists in Tiananmen Square, Justice Department prosecutors said Friday.

The case is a stunning blow for Zoom, one of the most popular new titans of American tech, which during the pandemic became one of the main ways people work, socialize and share ideas around the world. The California-based company is now worth more than $100 billion.

But the executive’s work with the Chinese government, as alleged by FBI agents in a criminal complaint unsealed Friday in a Brooklyn federal court, highlights the often-hidden threats of censorship on a forum promoted as a platform for free speech. It also raises questions about how Zoom is protecting users’ data from governments that seek to surveil and suppress people inside their borders and abroad.

Prosecutors said the China-based executive, Xinjiang Jin, worked as Zoom’s primary liaison with Chinese law enforcement and intelligence services, sharing user information and terminating video calls at the Chinese government’s request.

Jin monitored Zoom’s video system for discussions of political and religious topics deemed unacceptable by China’s ruling Communist Party, the complaint states, and he gave government officials the names, email addresses and other sensitive information of users, even those outside China.

Jin worked also to end at least four video meetings in May and June, including video memorial calls with U.S.-based dissidents who’d survived the crackdown by Chinese military forces that killed thousands of students and protesters. The Chinese government works to censor any acknowledgment of the massacre, including on social media outside China.

A Zoom spokesperson said in a statement Friday that the company has cooperated with the case and launched its own internal investigation. Jin, the company said, shared “a limited amount of individual user data with Chinese authorities,” as well as data on no more than 10 users based outside China. Jin was fired for violating company policies, the statement said, and other employees have been placed on administrative leave until the investigation is complete.

In an updated statement on Zoom’s website, the company said it “fell short” by terminating the meetings instead of only blocking access to participants in China, to abide by Chinese law. The company said it has reinstated the victims’ accounts and will no longer allow requests from the Chinese government to affect users outside mainland China.

“As the DOJ makes clear, every American company, including Zoom and our industry peers, faces challenges when doing business in China,” the company said in its statement. “We will continue to act aggressively to anticipate and combat ever-evolving data security challenges.”

Jin could not be reached for comment. Though Jin lives in China and is not in U.S. custody, officials said he could be transferred to the United States to face prosecution if he travels to a country that has an extradition treaty with the U.S.

A spokesperson for the Chinese embassy in Washington did not respond to requests for comment.

Human-rights activists this summer said their Zoom accounts had been abruptly terminated shortly before or after they’d hosted video calls commemorating the 31st anniversary of the Tiananmen Square protests, a bloody crackdown captured in the iconic photo of a man standing in front of a Chinese tank.

Zoom said in a statement then that the company “must comply with laws in the countries where we operate.” While the company said it regretted “that a few recent meetings with participants both inside and outside of China were negatively impacted,” the statement said it was not in the company’s power “to change the laws of governments opposed to free speech.”

Zhou Fengsuo, a student leader during the Tiananmen Square protests who had his paid Zoom account terminated this summer, told The Washington Post on Friday that he had worked with the FBI on the case and saw the charges as “tremendous news.”

“It’s so eye-opening to me how this U.S. company, having this connection, would report directly to” the Chinese Communist Party and “disrupt our meetings regularly on behalf of the CCP,” he said. “This executive was working for the government and police as an agent of persecution, and Zoom was paying this guy for doing that job.”

Prosecutors charged Jin, also known as Julien Jin, with conspiracy to commit interstate harassment and to transfer a means of identification. Jin, 39, had worked at the company since 2016, most recently as a “Security Technical Leader,” the complaint said.

Quoting from electronic messages between Jin and other Zoom employees, FBI agents outlined a months-long, high-pressure campaign by China’s “Internet Police” to view users’ video calls and suppress unwanted speech. In one April message, Jin said he had been summoned to a meeting with Chinese government officials who demanded that Zoom develop the capability to terminate any “illegal meeting” within one minute. In others, Jin sent meeting passwords and other sensitive internal data directly to Chinese law enforcement.

In the complaint, FBI agents said that Zoom employees in the U.S. had agreed to a Chinese government “rectification” plan that entailed migrating data on roughly 1 million users from the U.S. to China, thereby subjecting it to Chinese law. Zoom also agreed, the complaint states, to provide “special access” to Chinese law enforcement and national-security authorities. In one message cited in the complaint, Jin wrote that the authorities had wanted him to share detailed lists of the company’s “daily monitoring” of “Hong Kong demonstrations, illegal religions” and other subjects.

To terminate the Tiananmen Square calls, the complaint alleges, Jin’s co-conspirators fabricated evidence that they were intended to discuss child abuse, racism, terrorism and violence. Jin’s co-conspirators also entered some calls with fake accounts that used pornographic or terrorist-related profile images, and Jin pointed to those images as evidence to terminate the meetings and suspend the hosts’ accounts.

John Demers, the assistant attorney general for national security, said the firm had, like many others that do business in China, put itself in a difficult position by operating in an authoritarian country whose laws and practices often “run antithetical to our values.”

“The company was focused on complying with Chinese law and the expectations of Chinese law enforcement,” Demers said. “But what happened over time is those expectations increased. So it goes from, ‘Well, respond to our lawful requests,’ to ‘You must take action within a minute to shut down any action on your platforms’ – not just in China, but outside – that hits upon topics of sensitivity to the Chinese government.”

That pressure, he noted, spans many industries: He cited the controversy last year involving the National Basketball Association, in which the general manager of the Houston Rockets tweeted in support of Hong Kong protesters, leading to a backlash in China.

“The case is an illustration of the choices that companies are forced to make when they do business in China . . . [and] how the Chinese government will take advantage of the leverage they have over you to push their agenda,” he said. “You’ve got a consistent pattern of the Chinese government using economic leverage – the opportunity to access markets, foreign investments – in order to further political goals.”

John Scott-Railton, a researcher at the Citizen Lab in Toronto, said the filing showed how authoritarian governments have increasingly looked at major tech companies as top-priority intelligence targets ripe for infiltration and recruitment.

He pointed to another case last year against two former Twitter employees charged with spying on behalf of Saudi Arabia, including by sending the personal information of thousands of people, including Saudi critics and prominent dissidents.

The charges were announced on the same day that the Trump administration added four Chinese companies to the Commerce Department entity list for enabling human rights abuses within China by providing DNA-testing materials or high-technology surveillance equipment to the Chinese government. They were among 59 Chinese companies Commerce add to its export control entity list, including companies that have been accused of stealing trade secrets and using U.S. exports to support the Chinese military.

Zoom has faced questions before about how it guards against the potential misuse of video data by the Chinese government, which censors major news and social media websites beneath what’s known as a “Great Firewall.”

This spring, Scott-Railton and another researcher found the company had routed American users’ data through Chinese servers, potentially opening it to Chinese-government data requests. The company later said it had “mistakenly” sent American video calls to Chinese data centers amid a flood of calls.

Zoom employs more than 2,500 people around the world, including, as of last year, more than 500 in China who develop the software installed in computers around the world.

The company’s billionaire chief executive, Eric Yuan, was born in China but moved to Silicon Valley in the late ’90s, where he worked for the video start-up WebEx before founding Zoom in 2011.

The Federal Trade Commission last month reached a settlement with Zoom, in which the company resolved allegations that it had misled users about their data privacy and encryption measures by agreeing to new security rules.

Questions over business dealings in China have become more commonplace as a new wave of Chinese tech start-ups has gained international popularity and acclaim. TikTok, the wildly popular short-video app owned by the Beijing-based tech company ByteDance, drew suspicions of censorship from users last year because searches on the site related to topics suppressed by the Chinese government, such as the Tiananmen Square massacre or the Hong Kong pro-democracy protests, showed few or no videos.

Internal guidelines for the site also mimicked Chinese-government censorship policies, and former employees for the company told The Post last year that key content-moderation decisions for international users were made in China. TikTok has said it has worked in recent months to distance its U.S. operations from the company’s Chinese headquarters.

Wang Dan, a Chinese dissident whose Zoom call on Tiananmen Square was also disrupted this spring, said the case showed how China could threaten free expression for people in the West.

“Interfering with the freedom of speech of those who have settled and lived in the United States in exile is . . . a serious attack to American sovereignty,” he told The Post on Friday. “The American people should also pay more attention to the [Chinese Communist Party’s] threat of American democracy.”

 

Increased Alarm over Intrusion into U.S. and Sandia/Los Alamos

Posted on by

WASHINGTON (AP) — Federal authorities expressed increased alarm Thursday about an intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency warned of a “grave” risk to government and private networks.

The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.

CISA did not say which agencies or infrastructure had been breached or what information taken in an attack that it previously said appeared to have begun in March.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the agency said in its unusual alert. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”

President Donald Trump, whose administration has been criticized for eliminating a White House cybersecurity adviser and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.

President-elect Joe Biden said he would make cybersecurity a top priority of his administration, but that stronger defenses are not enough.

“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”

The cybersecurity agency previously said the perpetrators had used network management software from Texas-based SolarWinds t o infiltrate computer networks. Its new alert said the attackers may have used other methods, as well.

Over the weekend, amid reports that the Treasury and Commerce departments were breached, CISA directed all civilian agencies of the federal government to remove SolarWinds from their servers. The cybersecurity agencies of Britain and Ireland issued similar alerts.

A U.S. official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed be responsible. Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100% confirmed.”

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

The official said the administration is working on the assumption that most, if not all, government agencies were compromised but the extent of the damage was not yet known.

This hack had nothing to do with President Trump firing Director Krebs at CISA even though Associated Press keeps suggesting. But things just took a turn for the bad bad side –>

Sandia National Laboratories - From the Manhattan Project to a National Lab Sandia

Texas A&M System part of team awarded lucrative Los Alamos National Lab contract | The Texas Tribune Los Alamos

The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said.

On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies after being briefed by Rocky Campione, the chief information officer at DOE.

They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate.

Federal investigators have been combing through networks in recent days to determine what hackers had been able to access and/or steal, and officials at DOE still don’t know whether the attackers were able to access anything, the people said, noting that the investigation is ongoing and they may not know the full extent of the damage “for weeks.”

Spokespeople for DOE did not immediately respond to requests for comment.

The attack on DOE is the clearest sign yet that the hackers were able to access the networks belonging to a core part of the U.S. national security enterprise. The hackers are believed to have gained access to the federal agencies’ networks by compromising the software company SolarWinds, which sells IT management products to hundreds of government and private-sector clients.

DOE officials were planning on Thursday to notify the House and Senate Energy committees, House and Senate Energy and Water Development subcommittees, House and Senate Armed Services committees, and the New Mexico and Washington State delegations of the breach, the officials said.

The FBI, Cybersecurity and Infrastructure Security Agency, and Office of the Director of National Intelligence acknowledged the “ongoing” cybersecurity campaign in a joint statement released on Wednesday, saying that they had only become aware of the incident in recent days.

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the statement read.

NNSA is responsible for managing the nation’s nuclear weapons, and while it gets the least attention, it takes up the vast majority of DOE’s budget. Similarly, the Sandia and Los Alamos National Labs conduct atomic research related to both civil nuclear power and nuclear weapons. The Office of Secure Transportation is tasked with moving enriched uranium and other materials critical for maintaining the nuclear stockpile.

Hackers may have been casting too wide a net when they targeted DOE’s Richland Field Office, whose primary responsibility is overseeing the cleanup of the Hanford nuclear waste site in Washington state. During World War II and the Cold War, the U.S. produced two- thirds of its plutonium there, but the site hasn’t been active since 1971.

The attack on the Federal Energy Regulatory Commission may have been an effort to disrupt the nation’s bulk electric grid. FERC doesn’t directly manage any power flows, but it does store sensitive data on the grid that could be used to identify the most disruptive locations for future attacks.

21 hardened drug dealers’ at UNC, Duke, App State

Posted on by

Nearly two dozen people, including current and former students at UNC, Duke and Appalachian State universities, have been charged in connection with the investigation of a large-scale drug ring, local and federal law enforcement officials announced Thursday.

Many of the 21 people charged were connected with the Phi Gamma Delta, Kappa Sigma and Beta Theta Pi fraternal organizations, officials said. The investigation is continuing, and more charges are possible.

Thursday’s news conference was held “to save lives,” said Matthew G.T. Martin, U.S. attorney for the Middle District of North Carolina, who was joined at a news conference by Orange County Sheriff Charles Blackwood and other law enforcement officials.

“I want to make this clear,” Martin said outside the Sheriff’s Office in Hillsborough. “This was not the situation where you have single users — a 19-year-old sipping a beer or you have someone who is taking a puff of a joint on the back porch of a frat house. These are 21 hardened drug dealers.”

***

Source: The suspects were responsible for moving thousands of pounds of marijuana, hundreds of kilograms of cocaine, LSD, molly, mushrooms, steroids, HGH, Xanax and other narcotics.

The investigation started years ago. The Orange County Sheriff’s Office and the Drug Enforcement Agency launched an investigation in November 2018 into cocaine being sold in the Chapel Hill area.

It soon became clear that the illegal drug distribution was happening at or near UNC fraternity organizations.

UNC Chapel Hill Investigates Underage Drinking :: WRAL.com

Court filings specifically point to UNC chapters of Phi Gamma Delta, Kappa Sigma, and Beta Theta Pi from 2017-2020 being sites of illegal drug activity.

“Dealers set up inside these houses, poisoning fellow members of their fraternity, fueling a culture. And that’s why I say today is about saving lives. Because this reckless culture has endangered lives,” Martin said.

An Appalachian State fraternity member is also accused of being part of the drug ring, selling to fellow App State students as well as people in Chapel Hill.

Investigators also identified a female Duke student as being responsible for distributing cocaine to students at Duke and to fraternity members at UNC.

A primary supplier from California was the first person charged. According to court documents, from March 2017 until March 22, 2019, he supplied approximately 200 pounds of marijuana and two kilograms of cocaine weekly to a cooperating defendant in Orange County. Law enforcement operations at locations associated with the subject in Carrboro and Hillsborough resulted in the seizure of 148.75 pounds of marijuana, 442 grams of cocaine, 189 Xanax pills, steroids, human growth hormone, other narcotics, and approximately $27,775 in U.S. currency.

The investigation showed that payment for drugs was made using Venmo and by sending cash through the U.S. mail. That supplier pleaded guilty to on Nov. 24 and was sentenced to 73 months in prison.

The five defendants indicted for conspiracy to distribute cocaine and conspiracy to distribute marijuana face terms of imprisonment ranging from 10 years to life.

“College communities should be a safe haven for young adults to get a higher education. Not a place where illegal drugs are easily accessible,” DEA agent Matt O’Brien said. “The arrest of these drug traffickers makes these college campuses and their respective communities safer.”

UNC-Chapel Hill Chancellor Kevin Guskiewicz issued the following statement about the allegations; “We are extremely disappointed to learn of these alleged actions on our campus. The University is committed to working with law enforcement to fully understand the involvement of any university individuals or organizations so that disciplinary action can be taken. Although none of the individuals named today are currently enrolled students, we will remain vigilant and continue to work with our law enforcement partners to identify and address any illegal drug use on our campus. Our community can be certain that the University will enforce the student conduct code to the fullest extent possible.”

Pelosi Refusing to Advance China Task Force Legislation Items

Posted on by

Primer: China's Xi Jinping warned Trump could sow 'chaos' after 2016 election - Business Insider

On September 25, 2015, during CCP General Secretary Xi’s state visit to the United States, President Obama and Xi gave remarks to the press in the White House Rose Garden. The two leaders announced that they had agreed “neither the U.S. or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.” Xi also pledged that “China does not intend to pursue militarization” of the South China Sea. Neither of these promises to the American people were made in good faith. Today, “China is using cyber-enabled theft as part of a global campaign to ‘rob, replicate, and replace’ non-Chinese companies in the global marketplace,” according to Assistant Attorney General John Demers. Meanwhile, the PRC’s military outposts in the South China Sea have been proven “capable of supporting military operations and include advanced weapon systems,” according to the Pentagon.

October 01, 2020 Congressional Record

COUNTERING THREAT OF CHINESE COMMUNIST PARTY The SPEAKER pro tempore. The Chair recognizes the gentleman from Pennsylvania (Mr. Joyce) for 5 minutes. Mr. JOYCE of Pennsylvania. Mr. Speaker, after months of hard work and collaboration, the China Task Force has released our final report, which includes more than 400 solutions to counter the growing threat of the Chinese Communist Party.

This report is the framework for combating the aggressive Chinese Communist regime. After meeting with more than 130 experts, we developed realistic and achievable solutions that take a comprehensive approach to strengthening America’s national security and holding the Chinese Government accountable. We realized that out of our 400 recommendations, 180 are legislative solutions, of which 64 percent are bipartisan and one-third have already passed either the House or the Senate.

Mr. Speaker, these are commonsense solutions that we can vote on today to strengthen our strategic position for tomorrow. As the only physician serving on the China Task Force, it was my privilege to delve into opportunities to strengthen our supply chains and ensure that Americans are never again beholden to the Chinese Government for key medicines or healthcare supplies.

On the Health and Technology Subcommittee, I led efforts to strengthen [[Page H5110]] the supply chains for medicines, semiconductors, and other vital materials. Congress has passed several provisions aimed at advancing research and the manufacturing of critical medical supplies here in the United States. We also created new reporting requirements to help us better understand international supply chains and counter vulnerabilities in the system.

To bolster our technology supply chain, I cosponsored H.R. 7178, the CHIPS Act, to increase domestic production of advanced semiconductors, which will help Americans to develop next-generation telecom technology, fully automated systems, and, importantly, new weapons systems. I also introduced the ORE Act, H.R. 7812, to incentivize the domestic production of rare earth materials, which is key to breaking the Chinese monopoly on critical supply chains. America cannot allow China to win the race to next-generation technology. We want innovative breakthroughs to happen here in this country, and the China Task Force is making progress through the legislative process. As a leader on the competitiveness committee, I focused on issues ranging from combating Chinese Communist-sponsored theft of intellectual property to exposing the influence of the Chinese in U.S. research institutions and countering the importation of illicit fentanyl.

Too often, American companies are being coerced to surrender intellectual property to the Chinese Government in order to gain entry into the Chinese marketplace. In extreme cases, we hear of outright theft by Chinese hackers and agents. The China Task Force has produced recommendations that direct the Federal Government to ramp up investigations of individuals acting as pawns of the Chinese Communist Party and enforce antitheft laws.

Our Nation has also seen wholesale efforts of the Chinese Government to steal research and gain influence at United States universities. In my own backyard, the FBI arrested a former Penn State researcher suspected of espionage. The task force has compiled provisions to increase transparency and accountability in the higher education system, and I introduced legislation to close loopholes and force the disclosure of all foreign money in our research systems. Finally, we must stop illicit fentanyl from reaching our communities and killing our neighbors.

The China Task Force has produced recommendations to stop the importation of these devastating analogues from China. In the House, I cosponsored legislation to hold foreign nations, including China, accountable if they fail to cooperate with U.S. narcotics control efforts and prosecute the production of fentanyl in their countries. I thank Senator Toomey for championing this provision in the Senate.

By implementing these solutions, we can make America safer, stronger, and better equipped to lead in the 21st century. The China Task Force final report is a framework. It is our playbook to make a difference. While our work on this report has finished, our commitment to this cause must and will continue. Phase two starts today.

The 141 page report is found here.

After Lying, Ambassador Yovanovitch has a Fat Job at Georgetown

Posted on by

Ambassador (ret.) Marie L. Yovanovitch is a Senior Fellow in the Russia and Eurasia Program at the Carnegie Endowment for International Peace, which is at Georgetown University’s Walsh School of Foreign Service.

(Washington, DC)Judicial Watch announced today that it received 210 pages of records from the State Department which show that former U.S. Ambassador to Ukraine Marie “Masha” Yovanovitch had specifically warned in 2017 about corruption allegations against Burisma Holdings. During her November 2019 testimony in the impeachment proceedings against President Donald Trump, Yovanovitch told lawmakers that she knew little about Burisma.

The records were obtained by Judicial Watch in response to a FOIA lawsuit filed in January 2020 seeking records of communications from the U.S. Embassy in Kyiv mentioning Burisma (Judicial Watch v. U.S. Department of State (No. 1:20-cv-00229)).

On October 4, 2017, Michael Polt, a former ambassador to Estonia and Serbia and who until October 2020 was Senior Director at the McCain Institute, emailed Yovanovitch regarding the McCain Institute’s plan to conduct leadership development training for Ukrainian prosecutors that would be funded by Burisma. The idea was suggested to Polt by Sally Painter, Burisma’s lobbyist at Blue Star Strategies, and a Burisma executive. In the email, Polt notes that he was introduced to Painter by U.S. special envoy to Ukraine, Kurt Volker. Volker was also a Trump impeachment witness.

Polt emails Yovanovitch on October 4, 2017:

Dear Masha: Greetings from the home front and all the best for your complex assignment in Kiev! I wonder if I could pick your brain on a leadership development we have been asked to run for Ukrainian public prosecutors here at the McCain Institute. Kurt cannot get involved with this, due to his other role as Special Envoy. Sally Painter of Blue Star Strategies, whom Kurt introduced to me and then stepped aside, together with Vadym Poharskyi of the Burisma Group have asked us whether we could provide a two-week Leadership Development and Professional Capacity Building program for Ukrainian public prosecutors proposed to us by the Ukrainian Chief Prosecutor. Burisma would fun this. We are prepared to do this, as we have done for similar groups from the DRC [Democratic Republic of the Congo] and from Pakistan. I would greatly appreciate your view if you know Burisma and/or Vadym or others.

Yovanovitch, in her response, warned Polt about Burisma, writing:

Mike: Sorry not to have responded more quickly. I will get back to you with a fuller response, but I would urge caution in dealing with the Burisma Group. It is widely believed that the owner was the beneficiary of the corrupt justice system here and I think –to the extent that anyone is aware that Burisma is funding the training –there would be raised eyebrows in Kyiv over the irony of Burisma training prosecutors and to what end.

I’d also note that the PGO [Prosecutor General’s Office] is one of the entities here that remains resolutely unreformed. After a year and a half of trying, we pulled out and reprogrammed our resources into other areas in the justice sector that were ready for change. Wish I had better news and will get back to you with more details.

In a November 7, 2017, email to Yovanovitch, Polt indicates that he is taking her “sage advice” and “not moving forward” with Burisma’s funding of the training.

During her November 15, 2019, testimony before the House Intelligence Committee in the impeachment proceedings, Yovanovitch said she didn’t have much knowledge about Burisma, and noted that she only learned of its connection to the Biden family through “press reports” she read while preparing for her Senate confirmation hearing.

The new production of records from the State Department also includes several emails regarding the U.S. Embassy in Kyiv’s response to John Solomon’s reporting for The Hill. The emails are almost entirely redacted, as are the names of the officials involved. In one email regarding this effort, an unidentified official cites a report by the George Soros-funded Anti-Corruption Action Center defending itself against the reporting as a “useful reference point.”

The U.S. Embassy in Kyiv closely monitored media and social media reaction to many conservatives and journalists in potential violation of federal law.

“Marie Yovanovitch knew much more about Burisma than what she revealed in her testimony at the sham impeachment hearings,” said Judicial Watch President Tom Fitton. “Judicial Watch will continue its efforts to unearth the shady details in the Burisma-Biden scandal that is not going to go away.”

In an October production from the State Department, Judicial Watch received records which included a briefing checklist of a February 22, 2019, meeting in Kyiv between Yovanovitch and Painter. The briefing checklist noted that Painter also planned to meet with Foreign Commercial Service (FCS) Officer Martin Claessens “regarding the Burisma Group energy company.”

At the time of the meeting, Hunter Biden, son of former Vice President Joe Biden, was serving on the board of directors for Burisma Holdings, a Ukrainian energy firm, despite having no previous experience in the energy industry. Biden served on the board of Burisma until his term expired in April 2019.

In September 2020, Judicial Watch made public records that show George Kent, the Obama administration’s deputy assistant secretary of state in charge of Ukraine policy, which was copied to Yovanovitch, highlighting Russia-linked media “trolling” Joe Biden over “his son’s business.”

In a related case Judicial Watch uncovered records showing the U.S. embassy in Ukraine monitoring, in potential violation of law, Donald Trump, Jr. Rudy Giuliani, and major journalists on Twitter on their commentary on Ukraine, “Biden-Burisma 2020,” and George Soros. The search terms that were flagged to be monitored by State Department officials on social media included Yovanovitch, Ukraine Ambassador, Ukrainian Ambassador, Ukraine Soros, Clinton campaign, and Biden-Burisma.