nationalsecuritylaw United States v. Young (D. Miss. Mar. 29, 2016) (guilty plea in ISIL material support case)

The plea agreement is attached. Press release below:

WASHINGTON – Jaelyn Delshaun Young, 20, of Starkville, Mississippi, pleaded guilty today in the Northern District of Mississippi to conspiring to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization.

The plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Felicia C. Adams of the Northern District of Mississippi and Special Agent in Charge Donald Alway of the FBI’s Jackson, Mississippi, Division.

Young pleaded guilty before Chief U.S. District Judge Sharion Aycock of the Northern District of Mississippi to conspiring with Muhammad Oda Dakhlalla to provide material support to ISIL. Dakhlalla pleaded guilty to the same charge on March 13, 2016. Young was remanded to the custody of the U.S. Marshals Service to await sentencing, which will be scheduled at a later date.

The investigation was conducted by the FBI’s Jackson Division Joint Terrorism Task Force and the Washington Field Office. The case is being prosecuted by Assistant U.S. Attorneys Clay Joyner and Bob Norman of the Northern District of Mississippi and Trial Attorney Rebecca Magnone of the National Security Division’s Counterterrorism Section.

Young Plea Agreement.pdf

nationalsecuritylaw United States v. Mohamed (EDNY Mar. 24, 2016) (guilty plea for murder of US diplomat in Mali)

DOJ’s press release:

WASHINGTON – Alhassane Ould Mohamed, aka Cheibani, 46, a citizen of Mali, pleaded guilty in the Eastern District of New York to conspiring to murder a U.S. diplomat stationed in Niamey, Niger, in December 2000.

The guilty plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Robert L. Capers of the Eastern District of New York and Assistant Director in Charge Diego Rodriguez of the FBI New York Field Office.

According to court filings and facts presented during the plea proceeding, in the early morning hours of Dec. 23, 2000, Mohamed and a co-conspirator accosted a group of employees of the U.S. Embassy in Niger as they left a restaurant in Niamey. Carrying a pistol and an AK-47 assault rifle, the two men approached Department of Defense official William Bultemeier as he was about to enter his car, which displayed diplomatic license plates clearly indicating that it belonged to the U.S. Embassy. After demanding that Bultemeier turn over the keys to the diplomatic vehicle, the defendant and his co-conspirator shot Bultemeier and Staff Sergeant Christopher McNeely, the Marine Detachment Commander for the U.S. Embassy in Niger at the time, who had run to Bultemeier’s aid. Mohamed and his fellow assailant then drove away in the U.S. Embassy vehicle.

Bultemeier died of the injuries inflicted by the gunshot wounds. Staff Sergeant McNeely survived the shooting and later retired from the Marine Corps as a Master Sergeant.

Today’s plea took place before U.S. District Judge William F. Kuntz II of the Eastern District of New York. At sentencing on April 26, 2016, as part of the agreement, the defendant faces an agreed-upon sentence of 25 years in prison.

The case is being prosecuted by Assistant U.S. Attorneys Zainab Ahmad, Margaret Lee and Melody Wells of the Eastern District of New York with assistance provided by Trial Attorney Jennifer Levy of the National Security Division’s Counterterrorism Section.

nationalsecuritylaw United States v. Fathi et al (SDNY Mar. 24, 2016) (indicting Iranians for DDOS campaign)

Interesting to see this, hot on heels of the indictment of the Free Syrian Army hackers. I know, I said I’d only be using the list to post CT cases, but I can’t resist noting the national security-related cyberstuff. The NSD Counterintelligence and Export Control Section is certainly getting interesting on this front.

The indictment is attached, and the press release appears below:

WASHINGTON – A grand jury in the Southern District of New York indicted seven Iranian individuals who were employed by two Iran-based computer companies, ITSecTeam (ITSEC) and Mersad Company (MERSAD), that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps, on computer hacking charges related to their involvement in an extensive campaign of over 176 days of distributed denial of service (DDoS) attacks.

Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitr0jen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26, launched DDoS attacks against 46 victims, primarily in the U.S financial sector, between late 2011 and mid-2013. The attacks disabled victim bank websites, prevented customers from accessing their accounts online and collectively cost the victims tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their servers. In addition, Firoozi is charged with obtaining unauthorized access into the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Dam, located in Rye, New York, in August and September of 2013.

The indictment was announced today by Attorney General Loretta E. Lynch, Director James B. Comey of the FBI, Assistant Attorney General for National Security John P. Carlin and U.S. Attorney Preet Bharara of the Southern District of New York.

“In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” said Attorney General Lynch. “Through the work of our National Security Division, the FBI, and U.S. Attorney’s Offices around the country, we will continue to pursue national security cyber threats through the use of all available tools, including public criminal charges. And as today’s unsealing makes clear, individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law.”

“The FBI will find those behind cyber intrusions and hold them accountable — wherever they are, and whoever they are,” said Director Comey. “By calling out the individuals and nations who use cyber attacks to threaten American enterprise, as we have done in this indictment, we will change behavior.”

“Like past nation state-sponsored hackers, these defendants and their backers believed that they could attack our critical infrastructure without consequence, from behind a veil of cyber anonymity,” said Assistant Attorney General Carlin. “This indictment once again shows there is no such veil – we can and will expose malicious cyber hackers engaging in unlawful acts that threaten our public safety and national security.”

“The charges announced today respond directly to a cyber-assault on New York, its institutions and its infrastructure,” said U.S. Attorney Bharara. “The alleged onslaught of cyber-attacks on 46 of our largest financial institutions, many headquartered in New York City, resulted in hundreds of thousands of customers being unable to access their accounts and tens of millions of dollars being spent by the companies trying to stay online through these attacks. The infiltration of the Bowman Avenue dam represents a frightening new frontier in cybercrime. These were no ordinary crimes, but calculated attacks by groups with ties to Iran’s Islamic Revolutionary Guard and designed specifically to harm America and its people. We now live in a world where devastating attacks on our financial system, our infrastructure and our way of life can be launched from anywhere in the world, with a click of a mouse. Confronting these types of cyber-attacks cannot be the job of just law enforcement. The charges announced today should serve as a wake-up call for everyone responsible for the security of our financial markets and for guarding our infrastructure. Our future security depends on heeding this call.”

According to the indictment unsealed today in federal court in New York City:

DDoS Attacks

The DDoS campaign began in approximately December 2011, and the attacks occurred only sporadically until September 2012, at which point they escalated in frequency to a near-weekly basis, between Tuesday and Thursdays during normal business hours in the United States. On certain days during the campaign, victim computer servers were hit with as much as 140 gigabits of data per second and hundreds of thousands of customers were cut off from online access to their bank accounts.

Fathi, Firoozi and Shokohi were responsible for ITSEC’s portion of the DDoS campaign against the U.S. financial sector and are charged with one count of conspiracy to commit and aid and abet computer hacking. Fathi was the leader of ITSEC and was responsible for supervising and coordinating ITSEC’s portion of the DDoS campaign, along with managing computer intrusion and cyberattack projects being conducted for the government of Iran. Firoozi was the network manager at ITSEC and, in that role, procured and managed computer servers that were used to coordinate and direct ITSEC’s portion of the DDoS campaign. Shokohi is a computer hacker who helped build the botnet used by ITSEC to carry out its portion of the DDoS campaign and created malware used to direct the botnet to engage in those attacks. During the time that he worked in support of the DDoS campaign, Shokohi received credit for his computer intrusion work from the Iranian government towards his completion of his mandatory military service requirement in Iran.

Ahmadzadegan, Ghaffarinia, Keissar and Saedi were responsible for managing the botnet used in MERSAD’s portion of the campaign, and are also charged with one count of conspiracy to commit and aid and abet computer hacking. Ahmadzadegan was a co-founder of MERSAD and was responsible for managing the botnet used in MERSAD’s portion of the DDoS campaign. He was also associated with Iranian hacking groups Sun Army and the Ashiyane Digital Security Team (ADST), and claimed responsibility for hacking servers belonging to the National Aeronautics and Space Administration (NASA) in February 2012. Ahmadzadegan has also provided training to Iranian intelligence personnel. Ghaffarinia was a co-founder of MERSAD and created malicious computer code used to compromise computer servers and build MERSAD’s botnet. Ghaffarinia was also associated with Sun Army and ADST, and has also claimed responsibility for hacking NASA servers in February 2012, as well as thousands of other servers in the United States, the United Kingdom and Israel. Keissar procured computer servers used by MERSAD to access and manipulate MERSAD’s botnet, and also performed preliminary testing of the same botnet prior to its use in MERSAD’s portion of the DDoS campaign. Saedi was an employee of MERSAD and a former Sun Army computer hacker who expressly touted himself as an expert in DDoS attacks. Saedi wrote computer scripts used to locate vulnerable servers to build the MERSAD botnet used in its portion of the DDoS campaign.

For the purpose of carrying out the attacks, each group built and maintained their own botnets, which consisted of thousands of compromised computer systems owned by unwitting third parties that had been infected with the defendants’ malware, and subject to their remote command and control. The defendants and/or their unindicted co-conspirators then sent orders to their botnets to direct significant amounts of malicious traffic at computer servers used to operate the websites for victim financial institutions, which overwhelmed victim servers and disabled them from customers seeking to legitimately access the websites or their online bank accounts. Although the DDoS campaign caused damage to the financial sector victims and interfered with their customers’ ability to do online banking, the attacks did not affect or result in the theft of customer account data.

DDoS Botnet Remediation

Since the attacks, the Department of Justice and the FBI have worked together with the private sector to effectively neutralize and remediate the defendants’ botnets. Specifically, through approximately 20 FBI Liaison Alert System (FLASH) messages, the FBI regularly provided updated information collected from the investigation regarding the identity of systems that been infected with the defendants’ malware and operating as bots within the malicious botnets. In addition, the FBI conducted extensive direct outreach to Internet service providers responsible for hosting systems that have been infected with the defendants’ malware to provide them information and assistance in removing the malware to protect their customers and other potential victims of the defendants’ unlawful cyber activities. Through these outreach efforts and the cooperation of the private sector, over 95 percent of the known part of the defendants’ botnets have been successfully remediated.

Bowman Dam Intrusion

Between Aug. 28, 2013, and Sept. 18, 2013, Firoozi repeatedly obtained unauthorized access to the SCADA systems of the Bowman Dam, and is charged with one substantive count of obtaining and aiding and abetting computer hacking. This unauthorized access allowed him to repeatedly obtain information regarding the status and operation of the dam, including information about the water levels, temperature and status of the sluice gate, which is responsible for controlling water levels and flow rates. Although that access would normally have permitted Firoozi to remotely operate and manipulate the Bowman Dam’s sluice gate, Firoozi did not have that capability because the sluice gate had been manually disconnected for maintenance at the time of the intrusion.

Remediation for the Bowman Dam intrusion cost over $30,000.

* * *

All seven defendants face a maximum sentence of 10 years in prison for conspiracy to commit and aid and abet computer hacking. Firoozi faces an additional five years in prison for obtaining and aiding and abetting unauthorized access to a protected computer at the Bowman Dam.

An indictment is merely an accusation and all defendants are presumed innocent unless proven guilty in a court of law.

The case was investigated by the FBI, including the Chicago; Cincinnati; New York; Newark, New Jersey; Phoenix; and San Francisco Field Offices. This case is being prosecuted by Assistant U.S. Attorney Timothy T. Howard of the Southern District of New York, with the substantial assistance of Deputy Chief Sean M. Newell of the National Security Division’s Counterintelligence and Export Control Section.

Fathi et al Indictment.pdf

nationalsecuritylaw United States v. Agha et al. (EDVA) (hacking charges, and lots more, vs Syrian Electronic Army)

And now for something quite different…the attached complaints and press release below describe some fascinating charges (attempting to cause a mutiny!) in relation to members of the so-called Syrian Electronic Army (at least some of whom are in Syria, it seems). Details:

WASHINGTON – Three Syrian nationals, all current or former members of the Syrian Electronic Army (SEA), were charged with multiple conspiracies related to computer hacking, according to two criminal complaints unsealed today in the U.S. District Court of the Eastern District of Virginia.

The announcement was made by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Dana J. Boente of the Eastern District of Virginia, Assistant Director James Trainor of the FBI’s Cyber Division and Assistant Director in Charge Paul M. Abbate of the FBI’s Washington Field Office.

Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known online as “The Shadow,” were charged with a criminal conspiracy relating to: engaging in a hoax regarding a terrorist attack; attempting to cause mutiny of the U.S. armed forces; illicit possession of authentication features; access device fraud; unauthorized access to, and damage of, computers; and unlawful access to stored communications. Dardar and Peter Romar, 36, also known as Pierre Romar, were separately charged with multiple conspiracies relating to: unauthorized access to, and damage of, computers and related extortionate activities; receiving the proceeds of extortion; money laundering; wire fraud; violations of the Syrian Sanctions Regulations; and unlawful interstate communications. The court has issued arrest warrants for all three defendants.

According to allegations in the first complaint, beginning in or around 2011, Agha and Dardar engaged in a multi-year criminal conspiracy under the name “Syrian Electronic Army” in support of the Syrian Government and President Bashar al-Assad. The conspiracy was dedicated to spear-phishing and compromising the computer systems of the U.S. government, as well as international organizations, media organizations and other private-sector entities that the SEA deemed as having been antagonistic toward the Syrian Government. When the conspiracy’s spear-phishing efforts were successful, Agha and Dardar would allegedly use stolen usernames and passwords to deface websites, redirect domains to sites controlled or utilized by the conspiracy, steal email and hijack social media accounts. For example, starting in 2011, the conspirators repeatedly targeted computer systems and employees of the Executive Office of the President (EOP). Despite these efforts, at no time was an EOP account or computer system successfully compromised. Additionally, in April 2013, a member of the conspiracy compromised the Twitter account of a prominent media organization and released a tweet claiming that a bomb had exploded at the White House and injured the President. In a later 2013 intrusion, through a third-party vendor, the conspirators gained control over a recruiting website for the U.S. Marine Corps and posted a defacement encouraging U.S. marines to “refuse [their] orders.”

Today, the FBI announced that it is adding Agha and Dardar to its Cyber Most Wanted and offering a reward of $100,000 for information that leads to their arrest. Both individuals are believed to be residing in Syria. Anyone with information is asked to contact their nearest FBI field office or U.S. Embassy or consulate.

According to allegations in the second complaint, beginning in or around 2013, SEA members Dardar and Romar engaged in multiple conspiracies dedicated to an extortion scheme that involved hacking online businesses in the United States and elsewhere for personal profit. Specifically, the complaint alleges that the conspiracy would gain unauthorized access to the victims’ computers and then threaten to damage computers, delete data or sell stolen data unless the victims provided extortion payments to Dardar and/or Romar. In at least one instance, Dardar attempted to use his affiliation with the SEA to instill fear into his victim. If a victim could not make extortion payments to the conspiracy’s Syrian bank accounts due to the Syrian Sanctions Regulations or other international sanctions regulations, Romar would act as an intermediary in an attempt to evade those sanctions.

“The Syrian Electronic Army publicly claims that its hacking activities are conducted in support of the embattled regime of Syrian President Bashar al-Assad,” said Assistant Attorney General Carlin. “While some of the activity sought to harm the economic and national security of the United States in the name of Syria, these detailed allegations reveal that the members also used extortion to try to line their own pockets at the expense of law-abiding people all over the world. The allegations in the complaint demonstrate that the line between ordinary criminal hackers and potential national security threats is increasingly blurry.”

“The tireless efforts of U.S. prosecutors and our investigative partners have allowed us to identify individuals who have been responsible for inflicting damage on U.S. government and private entities through computer intrusions,” said U.S. Attorney Boente. “Today’s announcement demonstrates that we will continue to pursue these individuals no matter where they are in the world.”

“Cybercriminals cause significant damage and disruption around the world, often under the veil of anonymity,” said Assistant Director Trainor. “As this case shows, we will continue to work closely with our partners to identify these individuals and bring them to justice, regardless of where they are.”

“These three members of the Syrian Electronic Army targeted and compromised computer systems in order to provide support to the Assad regime as well as for their own personal monetary gain through extortion,” said Assistant Director in Charge Abbate. “As a result of a thorough cyber investigation, FBI agents and analysts identified the perpetrators and now continue to work with our domestic and international partners to ensure these individuals face justice in the United States. I want to thank the dedicated FBI personnel, federal prosecutors, and our law enforcement partners for their tremendous efforts to ensure on-line criminal activity is countered, U.S. cyber infrastructure is safeguarded, and violators are held accountable under the law.”

The case is being investigated by the FBI’s Washington Field Office, with assistance from the NASA Office of the Inspector General, Department of State Bureau of Diplomatic Security and other law enforcement agencies. The case is being prosecuted by Assistant U.S. Attorneys Jay V. Prabhu and Maya D. Song of the Eastern District of Virginia, and Special Assistant U.S. Attorney Brandon Van Grack and Trial Attorneys Scott McCulloch and Nathan Charles of the National Security Division’s Counterintelligence and Export Control Section.

# # #

16-329

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

Agha and Dardar Complaint.pdf

Romar and Dardar Complaint.pdf

nationalsecuritylaw United States v. Farrokh (E.D. Va. Mar. 18, 2016) (guilty plea in ISIL material support case)

Plea agreement and fact statement attached, details from DOJ’s press release below:

WASHINGTON – Joseph Hassan Farrokh, 28, of Woodbridge, Virginia, pleaded guilty today to conspiring to provide material support and resources to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization. The plea was accepted by U.S. District Judge Anthony J. Trenga of the Eastern District of Virginia.

The plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Dana J. Boente of the Eastern District of Virginia and Assistant Director in Charge Paul M. Abbate of the FBI’s Washington Field Office.

According to a statement of facts filed with the plea agreement, beginning in or about August 2015, and continuing through Jan. 15, 2016, Farrokh conspired with Mahmoud Amin Elhassan, 25, of Woodbridge, to travel from the United States to Syria in order to fight for, and at the direction of, ISIL. As part of their plan, Farrokh would travel first, followed by Elhassan at a later date. Farrokh and Elhassan spoke in detail about their potential travel, including discussing the different routes each would take to travel to Syria. Farrokh also provided $600 to Elhassan to aid in Elhassan’s future travel to Syria. Both men spoke openly with each other about supporting ISIL and supporting violent jihad, with Farrokh saying on Oct. 2, 2015, that he had no patience and wanted to go right away and “chop their heads.”

According to the statement of facts, in an effort to conceal their plans to support ISIL, Farrokh and Elhassan communicated in a manner in which they thought they could not be detected by law enforcement, such as using apps they believed were safe from law enforcement detection. In the summer 2015, Farrokh and Elhassan talked more seriously about going to join ISIL. When Farrokh and Elhassan discussed ways to reach ISIL, they concluded that they needed someone to help them do so.

According to the statement of facts, from November 2015 through Jan. 15, 2016, Farrokh and Elhassan spoke with other persons they believed would help facilitate their travel to Syria. Two of the individuals Farrokh spoke to were, in fact, sources for the FBI. Over the course of many meetings, the men discussed in detail their travel plans and efforts to avoid law enforcement detection, including having Farrokh shave his beard and to fly out of Richmond International Airport, to avoid what Farrokh believed to be stricter law enforcement scrutiny at larger airports. Farrokh and Elhassan agreed that Farrokh should tell his family that he intended to travel to Saudi Arabia to study.

On Jan. 15, 2016, Elhassan picked up Farrokh at his home in Woodbridge and drove him to Richmond to a location approximately one mile from the airport. Farrokh then took another cab to the airport, checked in for his flight, cleared security and was arrested as he was approaching his departure gate.

Farrokh was charged by criminal complaint on Jan. 16, 2016, and faces a maximum penalty of 20 years in prison when sentenced on July 15, 2016. The maximum statutory sentence is prescribed by Congress and is provided here for informational purposes, as the sentencing of the defendant will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.

The case is being investigated by the FBI’s Joint Terrorism Task Force. The case is being prosecuted by Assistant U.S. Attorneys Gordon Kromberg and Dennis Fitzpatrick of the Eastern District of Virginia, along with Trial Attorney D. Andrew Sigler of the National Security Division’s Counterterrorism Section.

# # #

16-317

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

Farrokh Plea Agreement.pdf

Farrokh Statement of Facts.pdf

nationalsecuritylaw United States v. Elfgeeh (N.D.N.Y. Mar. 17, 2016) (22-year sentence in ISIL recruitment case)

From DOJ’s press release:

WASHINGTON – Mufid Elfgeeh, 32, of Rochester, New York, was sentenced to 270 months in prison by U.S. District Judge Elizabeth A. Wolford of the Western District of New York for attempting to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization.

The sentencing was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney William J. Hochul Jr. of the Western District of New York and Special Agent in Charge Adam S. Cohen of the FBI’s Buffalo Division.

“Mufid Elfgeeh’s sentence holds him accountable for his attempt to provide material support to ISIL, including his efforts to recruit individuals and raise funds for the designated terrorist group,” said Assistant Attorney General Carlin. “ISIL’s horrific violence is waged against men, women and children, as well as against Muslims and non-Muslims alike. The National Security Division will continue to vigorously investigate and prosecute anyone who seeks to provide material support to the designated foreign terrorist organization.”

“Thanks to today’s sentence, one of the first ISIL recruiters ever captured has been brought to justice and will now serve a very long jail sentence,” said U.S. Attorney Hochul. “But while this case strikes a significant blow against ISIL killers and wannabes, our ongoing efforts to eradicate terrorist groups will continue until all are brought to justice. As it did in this case, the public should continue to report to law enforcement any suspicious individuals or activities and thereby promote and protect the wonderful WNY area we call home.”

“While we are confident that keeping Mr. Elfgeeh in prison for the next two decades will keep us safer, there continues to exist a pervasive, persistent and ever-changing terrorism threat,” said Special Agent in Charge Cohen. “This threat remains among the highest priorities for the FBI and the intelligence community.”

According to court documents, from December 2013 through May 31, 2014, Elfgeeh actively recruited and attempted to send two individuals – both of whom were cooperating with the FBI at the time – to Syria to join and fight on behalf of ISIL.

Elfgeeh sent anti-American ISIL propaganda videos to one of the individuals and arranged for an English-speaking ISIL contact located in Iraq to communicate with that person over Facebook. In addition, Elfgeeh paid more than $240 for that individual to obtain a copy of his birth certificate, passport photographs and an expedited passport. Elfgeeh also purchased a laptop computer and a high-definition action camera for both individuals to take to Syria. The defendant further provided guidance to them about traveling so that they could avoid detection and be prepared for the vetting process involved in joining ISIL. In May 2014, Elfgeeh arranged for an overseas contact to coordinate the logistics of the trip and the admission of both individuals into ISIL-controlled territory in Syria.

According to court documents, Elfgeeh also sent $600 to a third individual in Aden, Yemen, in an effort to assist that individual in traveling from Yemen to Syria for the purpose of joining and fighting on behalf of ISIL.

In March 2014, Elfgeeh communicated with a Syrian national alleged to be the military commander of the Green Battalion of the United Rebels of Homs-Al-Murabitun, a group of fighters located in Homs, Syria. At the time, the battalion was blockaded in Homs and needed military support, including ammunition, mortar shells and explosives that could penetrate armored vehicles, to break out. Elfgeeh facilitated communication and coordination between the battalion commander and ISIL leadership for the purpose of the commander and his battalion pledging their allegiance to and joining ISIL.

In addition to all of the other criminal conduct, Elfgeeh used social media to receive and disseminate information about foreign terrorist groups and their activities in Syria and other countries; to declare his support for violent jihad, ISIL and other foreign terrorist groups; to inspire and encourage others to engage in violent jihad and/or pledge allegiance to ISIL and other foreign terrorist groups; and to seek financial contributions to assist jihadist fighters.

The case was investigated by the FBI’s Rochester Joint Terrorism Task Force (JTTF). The case was prosecuted by Assistant U.S. Attorneys Brett A. Harvey and Frank H. Sherman of the Western District of New York with the assistance of Trial Attorney Paul Casey of the National Security Division’s Counterterrorism Section.

# # #

16-308

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

nationalsecuritylaw United States v. Kareem (D. Ariz. Mar. 17, 2016) (jury conviction in Garland-related ISIL material support case)

From DOJ’s press release:

WASHINGTON – Abdul Malik Abdul Kareem, 44, of Phoenix, was found guilty today by a federal jury of one count each of the following five crimes: conspiracy to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization; conspiracy to transport firearms and ammunition in interstate commerce with the intent to commit murder and aggravated assault; transporting firearms and ammunition in interstate commerce with the intent to commit murder and aggravated assault; making false statements to the FBI; and being a felon in possession of a firearm.

The verdict was announced by Assistant Attorney General for National Security John P. Carlin, Acting U.S. Attorney Elizabeth Strange of the District of Arizona and Acting Special Agent in Charge Justin Tolomeo of the FBI’s Phoenix Division.

“In the first jury trial in the country involving a homeland attack committed in the name of ISIL, Abdul Kareem was convicted of conspiring to provide material support to the foreign terrorist organization and other federal offenses,” said Assistant Attorney General Carlin. “The defendant conspired with Elton Simpson and Nadir Soofi to provide material support to ISIL and to transport firearms in interstate commerce with the intent to commit murder and aggravated assault. Thanks to the response of brave law enforcement officers at the scene, no innocent lives were lost when Simpson and Soofi attacked the Curtis Culwell Center in Garland, Texas. The National Security Division will continue to prosecute to the fullest extent of the law those who conspire with others to support foreign terrorist organizations and to commit acts of violence.”

“Today’s guilty verdict, in one of the country’s first trials involving terrorist acts committed in the United States by ISIL supporters, demonstrates our office’s deep commitment to combatting terrorism,” said Acting U.S. Attorney Strange. “I want to thank the FBI for the massive effort that went into the underlying investigation, as well as the brave law enforcement officials in Garland whose quick action during the attack prevented a much larger tragedy.”

“This verdict sends a strong message to those who support terrorists,” said Acting Special Agent in Charge Tolomeo. “People who are plotting to harm America and Americans are no longer a world away. Our agents and analysts will continue to confront this threat with a strong and coordinated effort as we work to protect all Americans. The FBI would like to thank the U.S. Attorney’s Office as well as our federal, state and local law enforcement partners of the Joint Terrorism Task Force for their assistance in this case.”

The evidence at trial showed that, beginning around June 2014, Kareem and his two roommates, Simpson and Soofi, began conspiring to support ISIL. Their conspiracy focused on supporting ISIL by attacking targets in the United States. Over the course of the conspiracy, Kareem, Simpson and Soofi considered perpetrating an attack against military bases; individual military service members; shopping malls; the Glendale, Arizona, Super Bowl; and the so-called “Muhammad Art Exhibit and Contest,” which was to take place in Garland. On May 3, 2015, the morning of the contest, Simpson and Soofi drove from Arizona to Texas. Simpson and Soofi stopped their car near the contest’s location, got out of their car and began firing assault rifles at security personnel and law enforcement officers. A security guard was injured by one of their bullets, and Simpson and Soofi were shot and killed by police officers in the firefight. Kareem did not travel to Texas and was not injured during the attack. During an interview with FBI agents soon after the attack, Kareem lied about having prior knowledge of the attack and the contest.

The case was tried over the span of several weeks before U.S. District Judge Susan R. Bolton of the District of Arizona. Kareem is being detained pending sentencing, which is currently scheduled for June 27, 2016, before Judge Bolton. Kareem’s counts of conviction carry a potential sentence of at least 45 years in prison.

The case was investigated by the FBI, and the prosecution was handled by Assistant U.S. Attorneys Joseph Koehler and Kristen Brook of the District of Arizona, with assistance provided by Trial Attorney Rebecca Magnone of the National Security Division’s Counterterrorism Section.

# # #

16-307

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

nationalsecuritylaw United States v. al-Jayab (N.D. Ill. Mar. 17, 2016) (material support charge relating to unspecified groups in Syria)

DOJ’s press release is below, and a brief (one-count) indictment is attached. Looks like they are not sure which group this person affiliated with in Syria, and hence the charge is under 2339A rather than 2339B (the latter requiring that the support go to a specific designated foreign terrorist organization, the former requiring no particular organizational link but instead requiring support knowing or intending that it will facilitate commission of one of many predicate criminal acts).

WASHINGTON – Aws Mohammed Younis Al-Jayab, 23, of Sacramento, California, was indicted today in the Northern District of Illinois for attempting to provide material support to acts of violence overseas.

The indictment was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Zachary T. Fardon of the Northern District of Illinois, Special Agent in Charge Monica M. Miller of the FBI’s Sacramento Division and Special Agent in Charge Michael J. Anderson of the FBI’s Chicago Division.

Al-Jayab was also indicted earlier this year by a grand jury in Sacramento for allegedly making a false statement involving international terrorism. He pleaded not guilty to that charge, and his next court appearance will be a status hearing on May 12, 2016, at 9:00 a.m. PDT, before U.S. District Judge Morrison C. England Jr. of the Eastern District of California.

According to a criminal complaint filed in the Eastern District of California, Al-Jayab is a Palestinian born in Iraq, who came to the United States as an Iraqi refugee in October 2012. Between October 2012 and November 2013, while living in Arizona and Wisconsin, Al-Jayab communicated via social media with numerous individuals about his intention to go to Syria to fight for terrorist organizations, the complaint alleges. The complaint further alleges that on Nov. 9, 2013, he flew from Chicago to Turkey and then traveled to Syria.

According to the complaint, between November 2013 and January 2014, Al-Jayab reported on social media that he was in Syria fighting with terrorist organizations. Al-Jayab returned to the United States on Jan. 23, 2014, and settled in Sacramento.

The indictment returned in California contends that Al-Jayab gave false statements to agents from the U.S. Citizenship and Immigration Services during an interview on Oct. 6, 2014. In the interview, Al-Jayab indicated that he never supported terrorist groups and that the purpose of his trip to Turkey was to visit his grandmother. The California indictment contends that both statements were false.

The statutory maximum sentence for attempting to provide material support is 15 years in prison. An arraignment date has not yet been set.

An indictment is merely an allegation. A defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt.

The investigation was led by the Sacramento Joint Terrorism Task Force, which is comprised of FBI special agents and representatives from numerous federal, state and local law enforcement agencies. The U.S. Attorney’s Office of the Eastern District of California and the U.S. Department of Justice’s National Security Division provided assistance in the investigation. The case in Chicago is being prosecuted by Assistant U.S. Attorneys Barry Jonas and Shoba Pillay of the Northern District of Illinois and Trial Attorney D. Andrew Sigler of the National Security Division’s Counterterrorism Section.

# # #

16-310

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

Al-Jayab NDIL Indictment.pdf

nationalsecuritylaw United States v. al-Ghazi (N.D. Ohio Mar. 16, 2016) (guilty plea in ISIS material support case)

From DOJ’s press release:

WASHINGTON – A Sheffield Lake, Ohio, man pleaded guilty today to attempting to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization, as well as firearms violations.

Assistant Attorney General for National Security John P. Carlin, Acting U.S. Attorney Carole S. Rendon of the Northern District of Ohio and Special Agent in Charge Stephen D. Anthony of the FBI’s Cleveland Division made the announcement.

Amir Said Rahman Al-Ghazi, 39, also known as Robert C. McCollum, pleaded guilty to one count of attempting to provide material support to ISIL and two counts of possessing firearms as a felon.

Al-Ghazi, who changed his name from Robert McCollum last year, pledged his support to ISIL and Abu Bakr Al-Baghdadi via social media in 2014. From July 2014 to June 2015, Al-Ghazi made multiple statements trying to persuade others to join ISIL. He also expressed his own desire to perpetrate an attack on the United States and attempted to purchase an AK-47 assault rifle. Al-Ghazi has communicated with individuals he believed to be members of ISIL in the Middle East and took steps to create propaganda videos for ISIL, according to court documents.

He is scheduled to be sentenced on June 23, 2016.

This case was investigated by the FBI. The case was prosecuted by Assistant U.S. Attorneys Matthew W. Shepherd and Christos N. Georgalis of the Northern District of Ohio, with assistance from the National Security Division’s Counterterrorism Section.

nationalsecuritylaw United States v. Dakhlalla (D. Miss. Mar. 11, 2016) (plea agreement in ISIS material support case)

The plea agreement is attached, and the DOJ press release appears below:

WASHINGTON – Muhammad Oda Dakhlalla, 23, of Starkville, Mississippi, pleaded guilty today in U.S. District Court in Greenville, Mississippi, to conspiring to provide material support to a designated foreign terrorist organization.

The plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Felicia C. Adams of the Northern District of Mississippi and Special Agent in Charge Donald Alway of the FBI’s Jackson, Mississippi, Division.

Dakhlalla pleaded guilty before Chief U.S. District Judge Sharion Aycock of the Northern District of Mississippi to conspiring with another individual to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization. Dakhlalla was remanded to the custody of the U.S. Marshals Service to await sentencing, which will be scheduled at a later date.

The investigation was conducted by the FBI’s Jackson Division Joint Terrorism Task Force and the Washington Field Office. The case is being prosecuted by the U.S. Attorney’s Office of the Northern District of Mississippi and the National Security Division’s Counterterrorism Section.

Dakhlalla Plea Agreement.pdf

Dakhlalla Factual Basis.pdf