Press "Enter" to skip to content

Gunpowder Gazette Exclusive: Federal Government Silent on Questionable Foreign Contracts with National Data Security Implications


Company with Ties to Russian Investor and Maryland Election System also had ties to the federal government –which said nothing at the time FBI agents raised alarm about the election connection.

After the FBI announced to Maryland legislators last year that the state’s voter registration and data server provider had ties to a Russian investor, lawmakers scrambled to assure voters that Maryland’s election process and data were secure.

Agents said that Greenwich, Connecticut based investment firm, Altpoint Capital, financially backed ByteGrid Holdings, which in 2015 purchased the Sidus Group, the company which previously contracted with the Maryland Department of Information Technology for the state’s board of elections online voter registration, election-night results and election information systems.

The problem was that federal agents discovered that ByteGrid was funded by Altpoint Capital, whose main investor, Vladimir Potanin, is a close ally of Russian President Vladimir Putin. But until agents alerted legislators of the connection, the state’s elections office was unaware of the introduction of a foreign investor when ByteGrid acquired the Sidus Group mid-way through the company’s contract for Maryland election data services.

But despite a similar and multi-year connection – discovered by The Gunpowder Gazette – in which the companies housed data for the federal government’s Department of Defense, Department of Labor, Department of Agriculture, Department of Veteran Affairs and a U.S. Army installation, the federal government has remained silent on its own connection to the companies which seemingly occurred right under its nose.

The exact nature of the federal data that was stored on ByteGrid’s servers remains unclear.

Here’s what we do know:

  • In 1999, the Sidus Group registered as an LLC in the state of Maryland.
  • In 2011, Altpoint Capital acquired an ownership stake in ByteGrid
  • In 2015, ByteGrid acquired divisions of the Sidus Group
  • In 2018, federal agents alerted the Maryland Elections Board of the connection.

During this time, both the Sidus Group and ByteGrid were directly involved with the federal agencies.

A review of federal government spending data, along with details for other federal contractors whose work involved the service providers, shows ByteGrid handled federal information systems, technology software, computer facilities management, and also served as a data storage facility for departments within the federal government, housing servers at its various data centers, government spending data shows.

Click to enlarge. Source: www.usaspending.gov
Click to enlarge. Source: www.usaspending.gov

If concerns existed regarding U.S. election data, shouldn’t data hosted by the companies – including that for the U.S. Department of Defense during the same time period – have also been a concern?

While most federal contracts with the companies expired by the time agents alerted Maryland officials of the connection in 2018, the companies’ involvement with the federal government spanned the time the FBI, Maryland legislators and election officials raised concern about the election connection. And a nearly 40-month contract between the US Department of Labor and the Office of the Inspector General with GovSmart shows that ByteGrid continued hosting federal data at its server warehouses, long after the foreign connection to Maryland’s election came to light.

Maryland Matters first reported on Altpoint’s connection to Maryland’s election system in July 2018.

That same month, numerous Russian intelligence officers were indicted for hacking offenses related to the 2016 presidential election.  At the time, ByteGrid said that its investor had no involvement in – or access to – the company’s operations, but the revelation was enough to spark calls for an investigation by the Committee on Foreign Investment in the United States (CFIUS) and trigger changes to U.S legislation in order to ensure that there are no foreign ties to the country’s election systems.

CFIUS, whose function is to authorize and review certain transactions involving foreign investment in the United States, and determine if the transactions pose threats to national security, would not respond to questions on the federal connection to the companies.

But in response to the companies’ connection to the Maryland election system, in August 2018, U.S. Senators Ben Cardin and Chris Van Hollen (both D-Md.) called on CFIUS to review the transaction between Altpoint Capital and ByteGrid. In an open letter about their concern for U.S. elections, Cardin and Van Hollen wrote, “Access to these systems by a foreign government could provide information for intelligence or other purposes adverse to U.S. national security interests.”

The senators also called on the U.S. Senate Rules Committee to sponsor a bill amendment protecting American election systems from any unknown foreign ownership and to require elections vendors to disclose such ownership as part of the Secure Elections Act.

A spokesperson for Maryland U.S. Congressman Dutch Ruppersberger told The Gunpowder Gazette that last year’s revelation concerning foreign investors’ ties to election systems was a “watershed moment” for the country that triggered legislation to ensure the county’s election data was free from any foreign ties.

In response to the concern, Ruppersberger co-sponsored a bill, the Securing America’s Federal Elections Act –  also known as the SAFE Act –  which addresses election security.  The House bill passed in June and awaits Senate support.

But whether the same concerns exist for federal data – including that for the U.S. Department of Defense – remains to be seen. CFIUS and the U.S. legislators would not say.

ByteGrid now

In May, ByteGrid sold its facilities and customer agreements, including its data servers housed in Maryland, Washington and Illinois to Lincoln Rackhouse and Agile Data Sites. But details about which of its data centers transferred to the companies is not known due to confidentiality agreements surrounding the acquisitions.

“We have confidentiality obligations regarding the transaction.  However, we can say that no ByteGrid entity is, nor have any been, affiliates or subsidiaries of Lincoln Rackhouse,” the company’s vice president , Ryan Crabtree, told The Gunpowder Gazette. “Also, Bytegrid is no longer operating, managing or involved with the sites that were purchased by Lincoln Rackhouse,” he said.

Jim Weller from Agile, said, “As far as I know ByteGrid no longer exists, and neither successor has any ties to Altpoint.”

In response to questions surrounding the Sidus Group and any continued foreign investment, Laura Berry, director of operations, said, “Sidus Group, LLC and its data centers have no connection to Altpoint Capital nor any of its investors.”

After the FBI informed officials of Sidus’ connection to AltPoint, the company pulled back from ByteGrid and, in February, Maryland’s Election Board moved its election system data to Virginia-based Intelishift.

While the elections board said it was confident Maryland’s election process had not been compromised by any foreign control, Maryland election officials said it was best for the agency to separate from any perceived nefarious involvement with the foreign investor who backed the company.

But what about the United States’ federal data? And how could the connection have been overlooked amid its own investigation into the U.S. election systems?

According to government spending records, The Sidus Group held three contracts with the US Department of Defense, one in which the company – which had been acquired by ByteGrid in 2015 – provided Information Technology software and services from 2014 to 2017 for the Defense Information Systems’ computer management services at Fort George G. Meade, a United States Army installation.

Under the name ByteGrid Holdings, redacted data shows three work orders – and two partial refunds to the company for a cost adjustment – although the redacted contract, which was awarded to multiple vendors for the Department of Veteran Affairs and Department of Agriculture – does not disclose the full extent of ByteGrid’s work for the government, except for the lease of its data center, Cleveland Tech Center, which it sold in 2017 to H5.

Yet, records found by The Gunpowder Gazette show that the federal government purchased computing and networking gear for infrastructure housed at Bytegrid facilities since 2015.

Along with ByteGrid, its investor, Altpoint, is partnered with a number of American companies, including Ford Modeling Agency, Lyft Drivers and Fidex, a California-based crypocurrency company, Altpoint’s website shows.

Altpoint did not respond to questions about its current connection to ByteGrid, which it continues to display as a partner on its website.  The company also would not say whether it continues to invest in companies tied to U.S. election systems or the federal government’s data.

ac@gunpowdergazette.com

One Comment

  1. Michele Guyton Michele Guyton October 2, 2019

    My office has already drafted a Bill to address the PIA timing issue you wrote about in the featured article. Thank you for bringing to my attention.

Leave a Reply

Your email address will not be published. Required fields are marked *

The Gunpowder Gazette, LLC - P.O. Box 183, Monkton, Maryland 21111 - All Rights Reserved