Category: Security

Key Tactic: Strong Communication Skills

In addition to excellent technical skills, CAT members are closely vetted for strong communication skills. Ledford explained that part of the CAT applicant selection process entails a multi-day live technical exercise that’s designed and curated by CAT:

“We design a network environment. We may mimic an industry, for example, an electric utility. And then we compromise that environment, and we litter it with artifacts, digital evidence, and malware. Then we task applicants to investigate this cyber incident and present their findings.

At the end of the five days, applicants present their findings, and we identify who has the technical capability and expertise to find digital evidence of a crime hidden within this mountain of data that we’ve thrown at them.

If the applicant passes that phase of that selection exercise, we invite them to participate in a panel presentation. Our CAT members will play the roles of the victims we’re trying to help and their own resource teams, for example, a company CEO, a U.S. attorney, a third-party legal counsel, or IT administrator.

You’re essentially giving us the narrative of the cyber intrusion. You’re telling us a story about what happened. While some of the panel questions will be very technical in nature, some will be more basic questions—the applicant will need to be able to explain to a CEO, for example, who might not have technical expertise, what the problem was and how to fix it. We’re looking to see whether you can take something that’s exceptionally technically complex and explain it in such a way that everyone in the room understands it.

We’re also looking for interpersonal ability. For example, in the case of a company CEO, at that moment during a cyberattack, they may be going through one of the most stressful times of their company’s existence—there may be data leaked that can make or break that company’s future and their profits, as well as their ability to employ people and their ability to deliver services to their customers. You need the communications skills to interact with them during a difficult time and gain trust.”

Operation Clean House was implemented in two phases. 
 
Phase One focused on a proactive strategy. Law enforcement teams were deployed in every district of New Orleans, engaging in real-time, intelligence-driven actions. Uniformed and unmarked units from multiple agencies received live analytical support as they moved into targeted areas. 

Phase One resulted in 74 arrests; multiple dangerous drugs seized, including fentanyl, heroin, crack cocaine, and oxycodone; and 46 firearms and ammunition taken into evidence, including AK-47s, AR-15s, Glock switches, and multiple types of handguns.

“Each weapon and each bullet confiscated is potentially one less person potentially injured or killed,” said Myrthil. 

Phase Two focused on fugitive apprehension. During the planning phase, partner agencies submitted more than 400 outstanding arrest warrants for FBI intelligence analysts to review and determine whether to include as part of Operation Clean House. Analysts vetted warrants for consideration, checking to see which ones were still active, whether the subject was already incarcerated, or, in some cases, whether the subject was deceased. The analysts narrowed the list of warrants to 76 of the most violent offenses, including attempted murder, assault by drive-by shooting, and aggravated battery or aggravated assault. The warrants were then divided among multi-agency teams to make arrests. 

Phase Two resulted in 77 arrests, including 100% execution of all warrants, and the seizure of 11 firearms and additional ammunition. 

“We saw significant results immediately, including the arrest of a 31-year-old man from Pennsylvania on gun and drug charges who was also wanted in Vermont for first-degree murder,” said Myrthil. “At the time we arrested him, this suspected killer had two guns in his possession, including one with an extended magazine.”

The operation led to one suspect being taken into custody within minutes of a shooting near a New Orleans neighborhood where agents, officers, and troopers were already working. In another incident, state troopers and Homeland Security Investigation agents provided life-saving support to a subject who had shot himself in the leg while fleeing from law enforcement. 
 
Ultimately, Operation Clean House’s successful results came down to the integration between intelligence and operational components, which ensured a smooth flow of validated information, and partnerships between law enforcement and local communities. 

“The research and analysis conducted by the intelligence analysts were crucial to this operation and contributed to the likelihood of safe apprehensions,” said Myrthil. “The tremendous partnerships the FBI enjoys with external federal, state, and local law enforcement agencies were key to success. We are proud to also recognize the support of the New Orleans community and its active interest in combatting violent crime.”

Myrthil emphasized that though Operation Clean House has ended, the FBI and law enforcement will continue to fight violent crime in New Orleans and across Louisiana. 

“We will work tirelessly with our partners to keep Louisiana safe. We are here, we are listening, and we care.”

Director Wray joined past and present CJIS leaders, lawmakers, FBI staff, and dozens of retired fingerprint examiners at the July 10 event, which celebrated 100 years since the Bureau established its Identification Division on July 1, 1924. The new division consolidated 810,000 fingerprint files from the United States Penitentiary in Leavenworth, Kansas, and the National Bureau of Criminal Identification, which had been the keeper of crime data for the International Association of Chiefs of Police since 1896.

Wray described the history of fingerprint technology in investigations spanning a century.

“I’m proud that we’ve maintained that focus on growing our capabilities, because there’s simply no other way to remain as effective as a law enforcement and intelligence agency when the threats are as dynamic and evolving as they are today,” Wray said. He also highlighted the introduction of new biometric modalities—like facial recognition, palm prints, and iris scans—as innovations that will help the FBI and its partners better carry out their missions into the future. NGI’s National Iris Service, for example, allows users like police and prison staff to enroll iris images without physical contact, linking a subject’s irises to their respective fingerprint records. “You want to talk about the textbook illustration of innovation,” Wray said. 

To help mark the occasion, artifacts spanning the fingerprint repository’s century-long history were on display for visitors. Items included vintage fingerprint cards, magnifiers, and the colored pencils that fingerprint examiners have used for generations. And a gallery of images illustrated the progression of fingerprint technology—from taking impressions with ink rollers and paper cards to the digital mobile devices that many agencies use today.

Now, investigators had to determine what these items were and where they had been stolen from.  

Some of these answers came from Scott Corbett, AUSA Newton said. “He had a very good memory and could tell us where Michael had stolen some of the firearms,” she noted. 

The investigative team also traveled to Cody, Wyoming, to attend a national museum curator’s meeting to see if any experts could help identify these mystery items. 

“It turns out Michael stole these items from museums from Massachusetts to as far south as Mississippi,” Newton said. “A lot of them were stolen from Pennsylvania. We believe he was responsible for two of the thefts at Valley Forge. He was also responsible for a theft at the U.S. Army War College Museum in Carlisle, Pennsylvania. So, we were able to identify some of these firearms.” 

Based on the evidence at hand, AUSA Newton explained, “We couldn’t charge him with the thefts, but what we could charge him with was possession of stolen property that had been transported interstate because he’s in Delaware.”  

Michael Corbett was indicted and pleaded guilty. As part of his plea, he agreed to help recover some of the items that the investigators were initially looking for when they searched his Delaware residence.  

“Leads in the Corbett case took the FBI Art Crime Team as far west as San Francisco,” Archer added. 

Coincidentally, during the investigation, a concerned collector called Dr. Stephenson because he believed he might’ve accidentally purchased a stolen rifle. 

The collector initially purchased the gun from a man named Thomas Gavin, believing it to be a copy of a famous rifle built by Moravian gunsmith John Christian Oerter. But the more he researched, the more he suspected he had the genuine article. The collector turned the rifle over to the authorities. 

Thomas Gavin turned out to be “a significant museum thief” in his own right, having robbed items from the Valley Forge Park, the Philadelphia Museum of Art, the Academy of Natural Sciences of Drexel University, and additional museums in the greater Philadelphia area. “But he too cooperated and told us what he had stolen,” AUSA Newton said. 

“We had to then stop, solve that case in order to figure out who stole what from where, in order to then pick the Corbett case back up and bring it home,” Archer recalled of the Gavin section of the overall investigation. “So, it was staggeringly complex across space and time and material.” 

But just like in Corbett’s case, investigators are still searching for items that Gavin stole, including a rifle that was once owned by naturalist John James Audubon. 

Even though the investigators’ work is ongoing, the impact of the partnership and the recovery of the artifacts cannot be overstated. 

“With the 250th anniversary of the American Revolution coming up,” said James Taub, an associate curator at the museum, “the teamwork and partnership between local police and the FBI have given us in Philadelphia and the historical community at large a really strong opportunity to reach people in ways that we haven’t before, through objects that people of my generation haven’t seen and that previous generations might not have seen since before the 200th anniversary of the American Revolution.” 

Dr. Stephenson echoed that sentiment, noting that “for us, as educator- and preservation-oriented institutions, these objects are irreplaceable.” 

Stephenson says the museum’s work isn’t done. “It may be that the person who stole an object say 50 years ago may have passed away long ago. In many cases, families may have things that they don’t realize where they came from, how they came into that collection, or things that were sold and passed around.”  

For this reason, he said, the museum is reexamining how it describes the missing objects, to highlight any valuable details that might spark someone’s memory. The museum is also spreading the word about the stolen items to antique enthusiasts and collectors. 

“The fact is, the vast majority of people want to do the right thing,” he said. 

But the FBI stands ready to investigate anyone who knowingly holds onto looted artifacts. 

“Ultimately,” said Special Agent Archer, “people who know that they are in possession of these stolen items and do the wrong thing, we certainly are prepared to investigate.” 

A federal jury returned guilty verdicts yesterday on all five counts in the superseding indictment against Rafat Amirov, also known as Farkhaddin Mirzoev, Pᴎᴍ, and Rome, 46, of Iran; and Polad Omarov, also known as Araz Aliyev, Polad Qaqa, and Haci Qaqa, 40, of Georgia. The defendants were convicted of murder-for-hire and attempted murder in aid of racketeering charges, in a trial before U.S. District Judge Colleen McMahon. Amirov and Omarov are scheduled to be sentenced on Sept. 17.

“The Iranian regime’s brazen plot to silence and murder Americans will not be tolerated,” said Sue J. Bai, head of the Justice Department’s National Security Division. “This verdict underscores the Department’s commitment to finding and holding accountable those who threaten our citizens and our freedoms. With the great work of our prosecutors and law enforcement partners, we are now one step closer to justice.”

“For years, the Government of Iran has attempted to silence an outspoken Iranian journalist, author, activist and critic of their regime through any means necessary, including harassment, violence, intimidation, and even attempted murder,” said Acting U.S. Attorney Matthew Podolsky for the Southern District of New York. “Chillingly, the plot to murder this Iranian dissident culminated over 6,000 miles from Iran, on U.S. soil, right here in New York, when a hitman with an AK-47 camped outside her home to kill her. I commend the career prosecutors of this office, and our law enforcement partners at the FBI’s Counterintelligence Division for their tireless work in bringing these defendants to justice. This verdict should send a clear message around the world: if you target U.S. citizens, we will find you, no matter where you are, and bring you to justice.”

“The defendants participated in a brazen plot to kill an Iranian American dissident in New York who criticized the regime in Iran,” said Acting Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division. “Thanks to the good work of the FBI and our partners their plan failed. This verdict demonstrates the FBI will not tolerate Iran’s attempts to threaten, silence, or harm American citizens.”

According to court documents, Amirov and Omarov were high-ranking members of an Eastern European organized crime group (the Organization) who worked with other members of the Organization to attempt to kill Masih Alinejad on instructions from high-ranking members of the Islamic Revolutionary Guard Corps (IRGC). Alinejad has previously been the target of plots by the Government of Iran to intimidate, harass, and kidnap her for her work as a journalist, author, and human rights activist who has publicized the Government of Iran’s human rights abuses around the world. As recently as 2020 and 2021, Iranian intelligence officials and assets plotted to kidnap Alinejad from within the U.S. for rendition to Iran in an effort to silence her criticism of the Iranian regime.

After these brazen efforts to kidnap Alinejad from the U.S. failed, the IRGC turned to Amirov and Omarov to locate, surveil, and murder her. Beginning in approximately July 2022, Amirov sent targeting information—which he had received directly from IRGC officials in Iran—about Alinejad to Omarov. In turn, Omarov communicated this information to Khalid Mehdiyev, another member of the Organization who had been residing in Yonkers, New York, so that Mehdiyev could surveil Alinejad and murder her. In turn, Mehdiyev sent photographs and videos of Alinejad’s residence to Omarov, who shared these materials with Amirov and the IRGC officials who orchestrated the plot in Iran. Amirov and Omarov then arranged for a $30,000 cash payment to Mehdiyev, who used a portion of this payment to buy an AK-47 style assault rifle, two magazines, and at least 66 rounds of ammunition; as Mehdiyev boasted in electronic communications, a “war machine” he could use to kill Alinejad.

In late July 2022, Mehdiyev repeatedly traveled to Alinejad’s neighborhood to surveil her. Mehdiyev sent reports of his surveillance to Omarov, who passed them to Amirov. On July 24, 2022, Mehdiyev reported to Omarov from Alinejad’s residence that he was “at the crime scene.” On July 27, 2022, Omarov told Amirov that Mehdiyev was ready to kill Alinejad, writing “this matter will be over today. I told them to make a birthday present for me. I pressured them, they will sleep there this night.”  On July 28, 2022, Mehdiyev sent Omarov a video taken from inside the car that Mehdiyev was driving with the assault rifle and a message reading “we are ready.” Amirov sent an image of the interior of Alinejad’s home to Omarov to be forwarded to Mehdiyev, writing “this is the house where she stays.”  As Omarov continued to update Amirov about Mehdiyev’s readiness, Amirov cautioned Omarov “let him keep the car clean.”  When Mehdiyev subsequently drove from where he was surveilling the residence, he was stopped after a traffic violation and, during a subsequent search of the vehicle, police officers found the assault rifle, 66 rounds of ammunition, approximately $1,100 in cash, and a black ski mask.

After Mehdiyev was arrested and placed into custody, Omarov contacted Mehdiyev’s mother and threatened to kill her and her other son if she did not locate Mehdiyev.

Amirov and Omarov were convicted on five counts: murder-for-hire, which carries a maximum penalty of 10 years in prison (Count One); conspiracy to commit murder-for-hire, which carries a maximum penalty of 10 years in prison (Count Two); conspiracy to commit money laundering, which carries a maximum penalty of 20 years in prison (Count Three); attempted murder in aid of racketeering, which carries a maximum penalty of 10 years in prison (Count Four); and possession and use of a firearm in connection with the attempted murder, which carries a maximum penalty of life in prison and a mandatory minimum penalty of five years in prison (Count Five).

The FBI New York Field Office Counterintelligence-Cyber Division and the New York FBI Iran Threat Task Force are investigating the case, with assistance from the New York City Police Department (NYPD) and the NYPD Intelligence Bureau. The Department of Justice’s Office of International Affairs provided valuable assistance. The Justice Department thanked the authorities in the Czech Republic for their assistance.

Assistant U.S. Attorneys Michael D. Lockard, Jacob H. Gutwillig, and Matthew J.C. Hellman for the Southern District of New York are prosecuting the case with assistance from paralegal specialist Owen Foley and Trial Attorneys Christopher Rigali and Leslie Esbrook of the National Security Division’s Counterintelligence and Export Control Section.

Earlier today, in federal court in Brooklyn, defendant Quanzhong An, 58, of Roslyn Heights, New York, was sentenced to 20 months in prison for acting as an illegal agent of the government of the People’s Republic of China (PRC), for his participation in a scheme to cause the coerced repatriation of a U.S. resident (the U.S. Resident) to the PRC as part of the PRC government’s international extralegal repatriation effort known as “Operation Fox Hunt.” In addition to the term of imprisonment, An was ordered to pay a financial penalty of approximately $5 million, including approximately $1.3 million in restitution to the U.S. Resident and his family, as well as a $50,000 fine. An pleaded guilty in May 2024 and was charged in October 2022.

As set forth in the government’s sentencing memoranda and other court filings, An was a leading member of an international campaign to threaten, harass, and intimidate the U.S. Resident and his family members, with the goal of coercing the U.S. Resident to repatriate to the PRC. An participated in the multi-year scheme to elevate his status within the PRC government as a means of furthering his own economic interests.

An’s involvement in the repatriation scheme began in 2017, when he attempted to locate the U.S. Resident by visiting the home of the U.S. Resident’s adult son, without notice or invitation. The following year, An sent his daughter, as well as two PRC government officials, to the home of the U.S. Resident’s son. An subsequently met with the U.S. Resident’s son on numerous occasions, during which time An served as a mouthpiece for the PRC by conveying threatening messages on behalf of the PRC government. For example, An said he did not want to pronounce “ruthless words” from the PRC government but stated that PRC officials would “keep pestering [the U.S. Resident’s son], [and] make [his] daily life uncomfortable” if the son was unable to convince his father to repatriate to the PRC. An’s harassment continued unabated from 2017 until his arrest in 2022. An’s conduct intimidated individuals living in the United States and their loved ones in the PRC – just as it was intended to do – for the benefit of the PRC government.

At sentencing, Judge Matsumoto considered that An participated in additional criminal conduct. Specifically, he perpetrated a bank fraud and money laundering scheme to defraud U.S. financial institutions so that he could enjoy continued access to U.S.-based bank accounts. As part of this scheme, he moved millions of dollars from the PRC into the United States, deliberately deceiving U.S. financial institutions regarding the source and purpose of the funds.

The FBI has created a website for victims to report efforts by foreign governments to stalk, intimidate, or assault people in the United States. If you believe that you are or have been a victim of transnational repression, please visit the FBI’s website.

Supervisory Official Sue Bai, head of the Justice Department’s National Security Division, U.S. Attorney John J. Durham for the Eastern District of New York, and Acting Assistant Director in Charge Leslie R. Backshies of the FBI New York Field Office made the announcement.

Assistant U.S. Attorneys Alexander Solomon, Meredith A. Arfa, and Antoinette N. Rangel for the Eastern District of New York are prosecuting the case, with assistance from Trial Attorney Scott Claffee of the National Security Division’s Counterintelligence and Export Control Section. Claire S. Kedeshian of the Eastern District of New York’s Asset Recovery Section is handling forfeiture matters and Madeline O’Connor and Daniel Saavedra of the Eastern District of New York’s Financial Litigation Program are assisting with restitution matters.