In 2019, the Afghan President’s office granted SOS International (SOSi), a Virginia military contractor with links to American special forces units and intelligence agencies, exclusive access to illegal artisanal mines across Afghanistan as part of a scheme to privatize a Pentagon backed chromite mining operation. Secrecy haven documents and metadata revealed the brother of the now former President, Ashraf Ghani, was a major shareholder of the relevant SOSi subsidiary.
Many factors led to the end of the American military mission in Afghanistan and the ensuing collapse of Kabul, but our article was a major piece of the broad picture of the failure of the war that emerged last spring. Defense journalist Spencer Ackerman called our story “one of the best pieces of journalism of the entire Afghanistan war.” Its release sparked protests in Afghanistan and further eroded faith in the country’s corrupt and dictatorial government, both amongst the Afghan people and American policymakers. The FBI also appears to be investigating the case now.
The primary tool was comparative metadata analysis. We used it to match phone numbers, addresses and photos on corporate, banking, archived websites, business registries, and social media and communication platforms like Skype and WhatsApp, along with several other data sources, in order to identify the beneficial owners of companies involved in corruption.
We also obtained confidential documents based on bulk sourcing through similar metadata techniques. Using LinkedIn metadata, we built source email lists and managed to obtain Afghan government records and even secret records from a UAE secrecy haven, one of the most secure jurisdictions on Earth.
What was the hardest part of this project?
The hardest part of this project was cracking Ras al-Khaimah. We had gathered tons of circumstantial evidence that the President of Afghanistan’s brother was involved in a corrupt scheme with an American contractor, largely through matching phone numbers and addresses, but the smoking gun was concealed in a jurisdiction designed to help dictators and other criminals hide their money and corruption.
Through taking a broad approach we managed to find a way to access that information.
What can others learn from this project?
The value of bulk sourcing. The weak point in even the most secure jurisdiction is it requires employees, from interns up, to have access to data that dictators and kleptocrats want hidden. People are predictable and with the right tools to check metadata and good pattern recognition, it is possible to find contact information for a large number of employees of an organization and engage in bulk sourcing.