The US Govt. ordered 2 travel companies to provide information about the movement of a Russian suspected of hacking. The data was used as part of an investigation by the US Secret Service, according to US court documents just unsealed.
Sabre & Travelport had to report the weekly activities of former “Cardplanet” cyber-criminal Aleksei Burkov for 2 years, & this eventually led to his arrest & prosecution.
2015 Investigation
The revelation of the extent of surveillance that the US Feds. ordered companies to do in a 2015 investigation of Russian hacker Aleksei Burkov again raises questions of privacy, accountability & responsibility in terms of how much access the Govt. should have to an individual’s confidential data.
A letter from Forbes prompted the unsealing of court documents in the case of Burkov, a now-infamous cyber-criminal who at the time of the investigation was suspected of facilitating the theft of $20m from stolen credit cards on a website called Cardplanet that he was running on the dark web.
Tel Aviv Airport
Burkov was arrested at Ben-Gurion Airport, Tel Aviv, Israel in Dec. 2015, & he eventually was extradited to the US in 2019. In Jan. 2020, he pleaded guilty to one count of access device fraud, & one count of conspiracy to commit access device fraud, identity theft, computer intrusions, wire fraud & money laundering.
Burkov eventually was sentenced to 9 years in a US Federal prison, but ‘mysteriously’ was sent back to Russia in Sept. 2021 for reasons which are still unknown, according to Forbes.
Legal Challenge
Forbes submitted a legal challenge to unseal documents in the case, which it won, subsequently publishing a report this week on what those documents revealed: extensive surveillance of Burkov by 2 travel companies, US-based Sabre & UK-based Travelport, at the request of the US authorities.
The US Govt. used this data to track Burkov’s movements which eventually led to his arrest & prosecution.
Tracking Burkov’s Movement
The court documents show that in Nov. 2015, a judge in the US District Court for the Eastern District of Virginia granted a request by the US Govt. & ordered Sabre & Travelport to provide “all records, services & usages” of Burkov for a 2-year period following the issuing of the order.
The companies also had to provide a “real time” report on a weekly basis of Burkov’s account activity to the US authorities.
The order was granted under the All-Writs Act, a broad, 233-year-old law that allows for the US Govt. to “issue all writs necessary & appropriate” to aid authorities in their quest for the “proper administration of justice.”
Open to Interpretation
The act is ‘open to interpretation’ & has already been used a few times by the US Govt. as a means of forcing tech companies into giving up information to aid them in investigations—a situation the American Civil Liberties Union (ACLU) deems “improper use.”
Also, the act has most often been used against tech giants Google & Apple to force them to help the US Federal Govt. unlock Android devices or iPhones of suspects in criminal cases.
The most high-profile of these cases came after a 2015 mass shooting in San Bernardino, Calif., when Apple held its ground in its refusal to unlock the iPhone of shooter Syed Rizwan Farook. Eventually, the case came to an end when the FBI managed to unlock the device without Apple’s help.
Privacy Issues or Just Cause?
While privacy advocates believe the US Federal Govt.’s use of the courts to force tech companies to give up data that customers shared with them privately is an ‘overreach,’ security professionals mainly support the action in the case of criminal investigations, up to a point.
The monitoring of Burkov’s movement to catch him was justified due to the criminal nature of his activity, a security professional suggested.
CIA Cyber Threat Analyst
“After reviewing the facts of the case, a US Federal judge agreed there was enough cause & issued a ruling that authorised this activity,” Rosa Smothers, a former CIA cyber threat analyst & technical intelligence officer & current Senior VP at security firm KnowBe4, outlined. “This was not a case of rogue Govt. officials conducting unapproved data collection.”
Another security professional stated that he is not too concerned if the US Federal Govt. uses legal means to get access to confidential data collected by technology companies.
Massive Troves
However, it is not always clear who has access to the “massive troves of data” being collected by companies like Meta & Google, explained John Bambenek, Principal Threat Hunter at security & operations analytics company Netenrich. This, he suggested, is concerning & should be remedied.
“Whether it’s Meta saying they can’t figure out where personal data is being used inside Meta, or law enforcement being able to get real time information on suspects, society just hasn’t come to grips with the implications of surveillance capitalism,” he concluded.