I finally tracked down a copy of the search warrant application / affidavit for the data center raid in Dallas, TX. Hat tip to http://crimeblog.dallasnews.com/archives/fbi/ for linking to the information.
The search warrant is 39 pages. The first 10 pages contain a list of what they want to seize (effectively everything not nailed down), background on the investigating agent, and a reposting of the crimes they believe are involved. The last 4 pages is some generic fluff on what digital evidence might exist. In the remaining 25 pages of information pertinent to the raid is summarized, and it is quite an interesting read.
The only location really important in the context of the data center raid is 2323 Bryan St, Suite 2440 – the data center itself. This is Core IP Networks, LLC’s office location (they also have offices on the 7th floor.) Core IP Networks is mentioned minimally in the document, and does not seem at first to be related to the individuals under investigation, but there is a link to Mathew Simpson which seems to shed some light on the situation. Specifically the references that seems to link Core IP Networks to the investigation are on pages 15, 16, and 23-25. Page 15 mentions a wire transfer to Verizon on behalf of Lone Star Power, LLC as a surety fee was traced back to Core IP Networks. Page 16 identifies Mathew Simpson as a manager of Core IP Networks and its registered agent. This identification is given weight by this post (http://sites.google.com/site/mnsclec/index) where a post from Mathew Simpson identifies him as the CEO of Core IP Networks, LLC. I will get to pages 23-25 in a moment.
The primary target of the investigation appears to be Michael Faulkner who uses the handle CygonX. There are other individuals implicated including Brian Patrick Haney, Nathan Todd Shafer, Michael Ray Bowden and Watts. A wide ranging list of crimes litters the pages ranging from drug use to using unlicensed software. The instigation seems to be a significant amount of money owed to AT&T and Verizon for DS3 and similar voice/data links. According to the FBI’s theories the individuals established a system of companies – changing names and forming new companies as their debts caught up with them – and obtained service from the two telecom companies using forged documents to pass any credit inspections required to establish the service. Verizon and AT&T were, by the end of it, owed several million dollars in unpaid bills. On top of it the investigation led the FBI to believe spam and unlicensed software distribution were going on as well.
From 2005 to 2007 Faulkner operated a company called Union Datacom. An employee from this time, acting as a confidential witness, gave the investigators information regarding the operations during those times including the use of unlicensed software in every facet of the business. More importantly, on pages 23-25, a link emerges to how Core IP Networks was implicated and subsequently raided. The witness recalled Faulkner providing telecom services to Mathew Simpson while Simpson worked for Rio Grande Communications, and also recalled seeing the two together recently. The investigator remembered Mathew Simpson being involved with Core IP Networks while obtaining this information about Faulkner’s Union Datacom days from the confidential witness.
There is a fuzzy point I am not sure of. The document indicates the FBI was aware Faulkner’s equipment was located in “Cabinet 24.02.900.” It is not clear if this cabinet is located within Core IP Network’s data center, or was simply near it, though the information from Mathew Simpson’s post indicating the search was targeted at a former customer indicates it was either in the data center or renting services from it.
So to summarize. Faulkner and his associates allegedly defraud AT&T and Verizon in addition to a host of potential other charges involving unlicensed software and spam. At one point along the way Faulkner provided services to Mathew Simpson while Simpson worked for a telecommunications company. More recently Simpson provided services to Faulkner in his new line of work as the owner of a telecommunications company. The FBI gets a warrant to search & seize Faulkner’s equipment, but also strips the data center bare taking all of Simpson’s customers offline. The implication is Simpson is involved with Faulkner’s alleged crimes and thus anything in the data center could potentially contain evidence. The flip side of this is Simpson and Faulkner could just be casual acquaintances who did some legitimate business back in the day, and had another brief business relationship more recently.
While it is possible Simpson is in cahoots with Faulkner and his associates, shutting down an entire data center seems like a disproportionate and inappropriate response to the situation as presented. It should be interesting to see this progress.