The Volokh Conspiracy

Mostly law professors | Sometimes contrarian | Often libertarian | Always independent

Volokh Conspiracy

"Indictment: Man Behind Cyberattacks Was Working for Wichita Lawyer"

Federal prosecutors have indicted two men for attacking Leagle (an online repository of court opinions), RipOffReport (a consumer gripe site), and JaburgWilk.com (the site of a law firm that sometimes represents RipOffReport).

|

The Justice Department reports on this indictment:

A Wichita lawyer and a computer software engineer were charged [Tuesday] in a federal indictment alleging they were responsible for cyberattacks on web sites that posted information critical of the lawyer's work, U.S. Attorney Stephen McAllister said.

Wichita Attorney Bradley A. Pistotnik, 62, and David Dorsett, 36, Wichita, Kan., co-founder of a company called VIRAL Artificial Intelligence, are charged with five counts of computer fraud and two counts of conspiracy. In addition, Pistotnik is charged with three counts of making false statements to the FBI.

The indictment alleges Pistonik and Dorsett are responsible for cyberattacks on Leagle.com, Ripoffreport.com and JaburgWilk.com. The indictment alleges Dorsett filled the web site's in-boxes with threats.

One of the emails read: "Remove this page and we stop" and "if you don't remove it we will begin targeting your advertisers and explain that this will stop happening to them once they pull their ads from leagle.com or leagle.com kills this page."

The indictment [also] alleges that when an FBI agent questioned Pistotnik he made false statements ….

Pistotnik responded to a KWCH-TV media query by saying,

We have been aware of these allegations for more than two years. We conducted our own investigation and shared our findings with the U.S. Attorney. We have had no request for follow-up, and we consider the matter closed. We are surprised the matter has resurfaced. We denied the allegations then and now.

Wichita press accounts suggest that Pistotnik is well-known as a local lawyer. I've seen no indication of just which case on leagle.com the attack was meant to get taken down, but it might have been In re Pistotnik (Kan. 1993):

This is an original proceeding in discipline filed [in 1992] by the Office of the Disciplinary Administrator against Bradley A. Pistotnik, an attorney admitted to the practice of law in Kansas. Two formal disciplinary complaints … were brought against Pistotnik based on a pattern of repeated criminal offenses and on his conduct in connection with a personal injury action….

IT IS … ORDERED that Bradley A. Pistotnik be and he is hereby suspended from the practice of law in the State of Kansas for a period of one year ….

Relatedly, some months ago a federal jury convicted a different man for a different but similar attack [UPDATE: but a new trial has been ordered]; here's the press release from when he was indicted:

A Seattle man has been charged in a federal indictment, returned late yesterday, with one count of knowingly causing the transmission of a command to a protected computer, announced U.S. Attorney John Parker of the Northern District of Texas (NDTX).

Kamyar Jahanrakhshan, aka "Kamyar Jahan Rakhshan," "Andy or Andrew Rakhshan," "Andy or Andrew Kamyar," and "Kamiar or Kamier Rakhshan," 37, of Seattle, Washington, was arrested late last month in the Western District of Washington (WDWA) on a related federal criminal complaint, filed on July 29, 2016, in the U.S. District Court for the NDTX. He made his initial appearance before a U.S. Magistrate Judge in federal court in the WDWA on July 26, 2017, and was detained. The U.S. Magistrate Judge set Rakhshan's identity hearing in WDWA on August 14, 2017, after which, Rakhshan should be transported to Dallas to appear in a federal court in the NDTX.

The indictment alleges that between December 30, 2014 and January 25, 2015, Jahanrakhshan knowingly caused the transmission of a program, information, code, and command, and, as a result of such conduct, intentionally caused a denial of service attack on the website Leagle.com without authorization to a protected computer causing a loss of at least $5,000 during a one-year period.

UPDATE [Aug. 9, 2018]: It turns out that two days before I posted the original post, the district judge in Jahanrakhshan granted a new trial, because the jury hadn't been properly instructed that it could convict either for the felony computer crime (if it found that the loss was at least $5,000) or for a misdemeanor computer crime (if it found that the loss was less than $5,000). The jury did find that Jahanrakhshan had committed the crime, and that the loss was at least $5,000, but under federal rules related to lesser included offenses, a new trial was apparently justified; it's scheduled for later this year.