Gubarev maintains those allegations are untrue and sued BuzzFeed to prove his case. U.S. District Court Judge Ursula Ungaro threw out the lawsuit this past December, arguing BuzzFeed had a legal right to publish the unconfirmed dossier. Documents in the case were sealed, but the New York Times intervened, requesting they be unsealed. Today Ungaro agreed to unseal them. And it turns out that another cybersecurity expert also believes Webzilla's servers were likely gamed by Russian spies.
That expert is former FBI analyst Anthony Ferrante, whom BuzzFeed hired to investigate the Steele Dossier's claims. Gubarev had long fought to keep Ferrante's statements sealed.
Specifically, the dossier from former British intelligence agent Christopher Steele claimed Gubarev's companies had used “botnets and porn traffic to transmit viruses, plant bugs, steal data, and conduct ‘altering operations’ against the Democratic Party leadership.” In the newly unsealed court filings, Ferrante appears to confirm some of Steele's conclusions.
As the Times first reported this afternoon, Ferrante stated in his own report and deposition that Webzilla (and Webzilla's parent company, XBT) had been used by Russian operatives in the leadup to the November 2016 election. Ferrante also said "substantial evidence" existed that Gubarev's networks had been used to conduct other major cyber-attacks, including one that crippled Ukraine's power grid in 2015. But Ferrante could not confirm Gubarev or Webzilla knew what was going on. He stated the following in his deposition (emphasis ours):
Gubarev's lawyer: Your conclusion, your opinion is that XBT and/or Webzilla's infrastructure was utilized to do the malicious things described in the Steele dossier, correct?Gubarev has long professed his innocence. He claims that neither he nor his employees knew anything about Russian agents using his networks to hack the emails of government employees. Gubarev's lawyers, who fought for months to keep Ferrante's statements sealed, told the Times today the claims were akin to blaming Google, Amazon, or Facebook for "allowing" Russian activity on their platforms. In 2017, XBT and Webzilla released a statement denying any involvement with the Russians:
Lawyer: But other than the fact that their infrastructure was used, you have not concluded that XBT/Webzilla themselves did those things?
Ferrante: In my opinion, I think you're extremely oversimplifying complex cyber investigations. In the course of my assignment... substantial evidence that links XBT infrastructure to many significant malicious cyber events [was collected]; in my expert opinion, their infrastructure was most certainly used. And I think what you're trying to say is that were we ever able to put a human behind a keyboard at XBT? And that's why I think you're oversimplifying complex cyber investigations. They're not binary. They're not black and white. And what we've done is collect substantial evidence that most certainly links XBT to the described malicious activity.
Lawyer: Through its infrastructure?
Lawyer: You have not concluded that a single XBT employee used botnets or porn traffic to transmit viruses, plants bugs, steal data, or conduct altering operations, correct?
Ferrante: Again, I would say that I think you're oversimplifying complex cyber investigations. And based on the information made available to me, I was able to link XBT infrastructure to multiple significant cyber events over the last few years. And when those significant cyber events took place and they were brought to their attention, they did little to detect, stop, or prevent future activities from taking place.
There has been absolutely no involvement by Webzilla, XBT, or any of its other subsidiaries with the people or alleged activities in this unsubstantiated report. In fact, Webzilla and XBT companies provide online server capacity for their customers and wouldn't be involved in the kind of activity alleged in the account published by BuzzFeed.According to court filings, the company is based in the Netherlands but operates in Dallas and Fort Lauderdale. The firm's North American headquarters are located on Broward Boulevard, near Fort Lauderdale City Hall.
Our management believes that the information presented in the report, as well as the media that distribute this information, cannot be accounted as credible. Our management condemns these activities and has offered to fully cooperate with law enforcement officials investigating this matter.
Today's news is far from the first South Florida link to the Trump-Russia affair. Among numerous other examples, Special Counsel Robert Mueller's office alleged in court filings that a September 11, 2016 pro-Trump rally in Miami had been organized with the help of Russian agents.