Rodney Joffe

Rodney Joffe
Born	Rodney Lance Joffe 1954 (age 69–70) South Africa
Other names	Max
Citizenship	American[1]
Occupation	Computer scientist
Known for	Computer security

Rodney Joffe is a South African/American entrepreneur and cybersecurity expert.^[2] He is a recipient of the FBI's Director's Award for Outstanding Cyber Investigation for his role in uncovering the Mariposa botnet.^[3]

Early life

Joffe was born in South Africa.^[4] He has been involved in information technology since 1973, when he trained as a systems analyst and programmer in the pensions actuarial group of the Old Mutual Life Insurance Company in Cape Town.^[5]

Career

Joffe is credited with creating web site hosting company Genuity (Internet company), as well as UltraDNS, a domain name service company which was sold to Neustar in 2006. He retired from Neustar in September, 2021.^[6]

From 2009-2010, Joffe was Director of the Conficker Working Group.^[7]

Durham inquiry

Main articles: Russia investigation origins counter-narrative § Durham inquiry, and John Durham § Indictment of attorney

On September 15, 2021, Internet researchers successfully extrapolated information from civil litigation brought by Alfa Bank and other open source data to identify Joffe as "Max" from Dexter Filkins' New Yorker articles about Alfa-Bank and The Trump Organization, in addition to being a client of Michael Sussmann.^[8][9][10]

On September 30, 2021, Joffe was confirmed to be Tech Executive-1.^{[11][12][13][2]}

In a February 2022 court motion related to Michael Sussmann's prosecution, Special Counsel Durham alleged that Joffe and his associates had exploited access his company had through a pending cybersecurity contract with the Executive Office of the President (EOP) to acquire nonpublic government domain name system and other data traffic "for the purpose of gathering derogatory information about Donald Trump."^[14][15] Durham did not allege that any eavesdropping of Trump communications content occurred,^[16] and on March 4, 2022, he dropped these claims against Joffe.^[17][18]

A spokesman for Joffe released a statement asserting that his client had lawful access under a contract to analyze White House DNS data for potential security threats.^[19] The spokesman stated that Joffe's work was in response to hacks of the EOP in 2015 and of the DNC in 2016, as well as Russian YotaPhone queries in proximity to the EOP and the Trump campaign, that raised "serious and legitimate national security concerns about Russian attempts to infiltrate the 2016 election". According to Joffe's spokesman, "deeply concerned" cybersecurity researchers prepared a report "about the anomalies they found in the data" and shared it with the CIA.^[20]

Awards

In 2013, Joffe received the FBI's Director's Award for Outstanding Cyber Investigation for his role in uncovering the Mariposa botnet.^[21]

In 2015, Joffe received the Mary Litynski Lifetime Achievement Award from M3AAWG, for his lifetime work in fighting text spam, malware and DDoS attacks.^[22]

In 2018, Joffe received the Contribution to Cyber Security Award, presented at the 2018 Computing Security Awards. ^[23]

Three years in a row from 2018-2020, Joffe was named Cybersecurity Professional of the Year, at the Cybersecurity Excellence Awards.^[24]

Patents

1. Distributed computing system and method for distributing user requests to replicated network servers - Hopscotch - US 8,683,075 ^[25]
3. Domain name system and method of operating using restricted channels - US 9,871,794 ^[26]
5. Domain name system and method of operating using restricted channels - US 10,356,097 ^[27]
7. Method And System For Detecting Network Compromise - US 9,356,942 ^[28]
9. Method And System For Detecting Network Compromise - Continuation - US 9,674,222 ^[29]
11. Method and apparatus for balancing the process load on network servers according to network and serve based policies - US 6,185,619 ^[30]
13. Method and system for detecting network compromise - US 10,230,761 ^[31]
15. Multi-tenant unit - US 6,144,638 ^[32]
17. Secure Domain Name System - US 9,648,004 ^[33]
19. Secure Domain Name System - US 9,172,713 ^[34]

References

1. "Memo of Law Re Sussmann 10.12.21 Exhibits - Part 1". p. 93. Retrieved October 15, 2021. Did you understand why Mr. Sussmann was using a pseudonym for Rodney Joffe? [...] To the best of my recollection, it was described to me as this is an individual [Joffe] who is a senior official who has both significant government and nongovernment contracts. Someone who has no interest in being part of a news cycle, but yet as a patriotic American, felt it was his duty to provide this information to the government in some way for them to take some further research action.
2. Perez, Evan; Polantz, Katelyn (September 30, 2021). "Durham issues fresh round of subpoenas in his continuing probe of FBI investigation into Trump, Russia". CNN. Archived from the original on September 30, 2021. While working for Perkins Coie, Sussmann also represented Rodney Joffe, a cybersecurity expert referred to in Durham's indictment as "Tech Executive-1." In 2016, Joffe, who has not been previously identified, worked with researchers to collect internet data about the Trump Organization that Sussmann took to the FBI.
3. "StackPath".
4. Butterworth, Trevor (September 27, 2010). "Computer Worm Invaded Iranian Nuke Plant". The Daily Beast. Archived from the original on September 18, 2021. Charming and quick-witted, Joffe, who is 55 and originally hails from South Africa...
5. "Nominating Committee – Members 2005". www.icann.org. ICANN. Retrieved February 13, 2022.
6. Blackwell, Evelyn (30 September 2021). "Who is Rodney Joffe, aka 'Tech Executive-1' in Durham indictment?". World News Era. Joffe retired earlier this month from Neustar Inc., a Reston, Va.-based company that provides various internet-related services.
7. "Conficker still a threat, says Working Group". Infosecurity Magazine. 2010-06-14. Retrieved 2022-06-17.
8. Filkins, Dexter (October 8, 2018). "Was There a Connection Between a Russian Bank and the Trump Campaign?". The New Yorker. Archived from the original on October 8, 2018. In June, 2016, after news broke that the Democratic National Committee had been hacked, a group of prominent computer scientists went on alert. Reports said that the infiltrators were probably Russian, which suggested to most members of the group that one of the country's intelligence agencies had been involved. They speculated that if the Russians were hacking the Democrats they must be hacking the Republicans, too. "We thought there was no way in the world the Russians would just attack the Democrats," one of the computer scientists, who asked to be identified only as Max, told me. [...] (Max described himself as "a John McCain Republican.") [...] Max's group began combing the Domain Name System, a worldwide network that acts as a sort of phone book for the Internet, translating easy-to-remember domain names into I.P. addresses, the strings of numbers that computers use to identify one another. [...] Max and his group are part of a community that has unusual access to these records, which are especially useful to cybersecurity experts who work to protect clients from attacks. Max and the other computer scientists asked me to withhold their names, out of concern for their privacy and their security. I met with Max and his lawyer repeatedly, and interviewed other prominent computer experts.
9. @Fool_Nelson (September 15, 2021). "3/ Given "Max/@michaelsuss's client" was a "John McCain Republican", Joffe is a good candidate given he donated to a Republican while living in Arizona and his company @Neustar has been represented by Perkins Coie" (Tweet). Archived from the original on September 21, 2021 – via Twitter.
10. "Identity of 'Tech Executive' in Durham indictment over Alfa Bank claims revealed". Washington Examiner. September 30, 2021. Archived from the original on October 1, 2021. Online sleuths figured out earlier this month Joffe was likely the unnamed technology executive.
11. Savage, Charlie; Goldman, Adam (September 30, 2021). "Trump Server Mystery Produces Fresh Conflict". The New York Times. Archived from the original on September 30, 2021. [T]hree of their names have appeared among a list of data experts in a lawsuit brought by Alfa Bank, and Trump supporters have speculated online about their identities. The Times has confirmed them, and their lawyers provided statements defending their actions. [...] "Tech Executive-1" is Mr. Joffe, who in 2013 received the F.B.I. Director's Award for helping crack a cybercrime case, and retired this month from Neustar, another information services company.
12. McIntyre, Stephen [@ClimateAudit] (September 30, 2021). "ALL of the identifications of co-conspirators and participants in the Sussmann Indictment previously proposed in this corner of Twitter have been confirmed by Savage (just as he grudgingly confirmed identifications of Danchenko etc last year)" (Tweet). Archived from the original on September 30, 2021 – via Twitter.
13. Ross, Chuck [@ChuckRossDC] (September 30, 2021). "CNN confirms what @FOOL_NELSON sleuthed a while back -- "Tech executive 1" in the Sussmann indictment is Rodney Joffe of the firm Neustar. Alfa Bank had subpoenaed Joffe earlier this year in its lawsuit against Fusion GPS" (Tweet) – via Twitter.
14. Neidig, Harper (February 14, 2022). "Durham alleges cyber analysts 'exploited' access to Trump White House server". The Hill.
15. Alexander Mallin; Jack Date (February 15, 2022). "Special counsel, Democratic lawyer clash over new allegations regarding data purported to tie Trump to Russia". ABC News.
16. Katelyn Polantz; Evan Perez (February 14, 2022). "Special counsel Durham alleges Clinton campaign lawyer used data to raise suspicions about Trump". CNN.
17. emptywheel (2022-03-06). "John Durham Drops Claim that Rodney Joffe "Mined" EOP Data for Derogatory Information on Trump from Boilerplate". emptywheel. Retrieved 2022-06-17.
18. "Michael Sussmann's Attorneys: John Durham Engaged in 'Extraordinary Prosecutorial Overreach' and Failed to Cite a 'Single Analogous Precedent' for Indictment". Law & Crime. 2022-03-12. Retrieved 2022-06-17.
19. Savage, Charlie (February 14, 2022). "Court Filing Started a Furor in Right-Wing Outlets, but Their Narrative Is Off Track". The New York Times.
20. Alexander Mallin; Jack Date (February 15, 2022). "Special counsel, Democratic lawyer clash over new allegations regarding data purported to tie Trump to Russia". ABC News. As a result of the hacks of EOP and DNC [Democratic National Committee] servers in 2015 and 2016, respectively, there were serious and legitimate national security concerns about Russian attempts to infiltrate the 2016 election. Upon identifying DNS queries from Russian-made Yota phones in proximity to the Trump campaign and the EOP, respected cybersecurity researchers were deeply concerned about the anomalies they found in the data and prepared a report of their findings, which was subsequently shared with the CIA.
21. "Neustar's Rodney Joffe Receives Prestigious FBI Director's Award". October 29, 2013. Archived from the original on September 21, 2021.
22. Group (M3AAWG), Messaging Anti-Abuse Working (2015-06-10). "Rodney Joffe Receives 2016 M3AAWG Mary Litynski Award for Lifetime Work in Fighting Text Spam, Malware and DDoS Attacks". GlobeNewswire News Room. Retrieved 2022-06-17.
23. 2018 Computing Security Awards: The Contribution to Cyber Security Award, retrieved 2022-06-17
24. "Rodney Joffe Named a 2020 Cybersecurity Professional of the Year by the Cybersecurity Excellence Awards". I-COM. Retrieved 2022-06-17.
25. "United States Patent: 8683075 - Distributed computing system and method for distributing user requests to replicated network servers".
26. "United States Patent: 9871794 - Domain name system and method of operating using restricted channels".
27. "United States Patent: 10356097 - Domain name system and method of operating using restricted channels".
28. "United States Patent: 9356942 - Method and system for detecting network compromise".
29. "United States Patent: 9674222 - Method and system for detecting network compromise".
30. "United States Patent: 6185619 - Method and apparatus for balancing the process load on network servers according to network and serve based policies".
31. "United States Patent: 10230761 - Method and system for detecting network compromise".
32. "United States Patent: 6144638 - Multi-tenant unit".
33. "United States Patent: 9648004 - Secure domain name system".
34. "United States Patent: 9172713 - Secure domain name system".