Collapse of national security elites’ cyber firm leaves bitter wake
Lt. Gen. Keith Alexander, director of the National Security Agency, speaks at the RSA Conference in San Francisco on April 21, 2009. (AP Photo/Jeff Chiu, File)
IronNet co-CEOs William Welch, center left, and Keith Alexander, center right, ring the opening bell of the New York Stock Exchange, to celebrate their company’s listing, Thursday, Sept. 9, 2021. Partially obscured behind Alexander is Andre Pienaar. (AP Photo/Richard Drew, File)
National Security Agency Director Gen. Keith Alexander approaches the witness table on Capitol Hill in Washington, Tuesday, June 18, 2013, to testify before the House Intelligence Committee hearing regarding NSA surveillance. (AP Photo/Charles Dharapak, File)
BY ALAN SUDERMAN
October 3, 2024
WASHINGTON (AP) — The future was once dazzling for IronNet.
Founded by a former director of the National Security Agency and stacked with elite members of the U.S. intelligence establishment, IronNet promised it was going to revolutionize the way governments and corporations combat cyberattacks.
Its pitch — combining the prowess of ex-government hackers with cutting-edge software – was initially a hit. Shortly after going public in 2021, the company’s value shot past $3 billion.
Yet, as blazing as IronNet started, it burned out.
Last September the never-profitable company announced it was shutting down and firing its employees after running out of money, providing yet another example of a tech firm that faltered after failing to deliver on overhyped promises.
The firm’s crash has left behind a trail of bitter investors and former employees who remain angry at the company and believe it misled them about its financial health.
IronNet’s rise and fall also raises questions about the judgment of its well-credentialed leaders, a who’s who of the national security establishment. National security experts, former employees and analysts told The Associated Press that the firm collapsed, in part, because it engaged in questionable business practices, produced subpar products and services, and entered into associations that could have left the firm vulnerable to meddling by the Kremlin.
“I’m honestly ashamed that I was ever an executive at that company,” said Mark Berly, a former IronNet vice president. He said the company’s top leaders cultivated a culture of deceit “just like Theranos,” the once highly touted blood-testing firm that became a symbol of corporate fraud.
IronNet’s collapse ranks as one of the most high-profile flameouts in the history of cybersecurity, said Richard Stiennon, a longtime industry analyst. The main reason for its fall, he said: “hubris.”
“The company got what was coming to” it, Stiennon said.
IronNet and top former company officials either declined to comment or did not respond to requests for comment.
The general
IronNet’s founder and former CEO Keith Alexander is a West Point graduate who retired as a four-star Army general and was once one of the most powerful figures in U.S. intelligence. He oversaw an unprecedented expansion of the NSA’s digital spying around the world when he led the U.S.’s largest intelligence agency for nearly a decade.
Alexander, who retired from the government in 2014, remains a prominent voice on cybersecurity and intelligence matters and sits on the board of the tech giant Amazon. Alexander did not respond to requests for comment.
IronNet’s board has included Mike McConnell, a former director of both the NSA and national intelligence; Jack Keane, a retired four-star general and Army vice chief of staff, and Mike Rogers, the former Republican chairman of the House Intelligence Committee who is running for the U.S. Senate in Michigan. One of IronNet’s first presidents and co-founders was Matt Olsen, who left the company in 2018 and leads the Justice Department’s National Security Division.
Alexander’s reputation and the company’s all-star lineup ensured IronNet stood out in a competitive market as it sought contracts in the finance and energy sectors, as well as with the U.S. government and others in Asia and the Middle East.
IronNet marketed itself as a kind of private version of the NSA. By scanning the networks of multiple customers, the company claimed, IronNet’s advanced software and skilled staff could spot signals and patterns of sophisticated hackers that a single company couldn’t do alone. The company dubbed the approach the “Collective Defense Platform.”
The South African
Venture capital firms were eager to invest. Among IronNet’s biggest early boosters was C5 Capital, an investment firm started and run by Andre Pienaar, a South African who had spent years serving the needs of the ultra-rich while cultivating business relationships with former top national security officials.
C5’s operating partners – essentially expert advisers — include former Chairman of the U.S. Joint Chiefs of Staff Mike Mullen and Sir Iain Lobban, who used to lead the U.K.’s signals intelligence agency equivalent to the NSA. Former C5 operating partners include National Cyber Director Harry Coker Jr. and Ronald Moultrie, who resigned earlier this year as undersecretary of defense for intelligence and security.
Prior to going into venture capital, Pienaar was a private investigator and started a firm called G3 Good Governance Group whose clients included blue chip companies, wealthy individuals and the British royal family. Pienaar also worked at the time to help Russian oligarch Viktor Vekselberg cement relationships with London’s rich and famous, according to William Lofgren, a former CIA officer and G3 co-founder.
“The relationship was steady and frequent because both Andre and Vekselberg saw merit in it,” said Lofgren.
ADVERTISEMENT
Pienaar also helped Vekselberg win a share of a South African manganese mine in 2005 and then later served as one of the oligarch’s representatives on the mine’s board of directors until early 2018, internal G3 records and South African business records show.
Vekselberg has been sanctioned twice by the U.S. government, first in April 2018 and again in March 2022. The U.S. Treasury Department has accused him of taking part in “soft power activities on behalf of the Kremlin.”
In 2014, the FBI publicly warned in an op-ed that a Vekselberg-led foundation may be “a means for the Russian government to access our nation’s sensitive or classified research.”
Pienaar’s long association with Vekselberg should have disqualified him from investing in IronNet, which was seeking highly sensitive U.S. defense contracts, former intelligence officials said.
The company’s leaders “absolutely should have known better,” said Bob Baer, a former CIA officer.
He added that Russian intelligence services would have had a strong interest in a company like IronNet and have a history of using oligarchs like Vekselberg to do their bidding, either directly or through witting or unwitting proxies.
Pienaar also sponsored a swanky Russian music festival that Vekselberg and a close associate, Vladimir Kuznetsov, put on in Switzerland. Kuznetsov, who served as a key investment adviser to Vekselberg, was also an investor in Pienaar’s investment firm.
Alexander and others at IronNet either did not know the details of Pienaar’s relationships with Vekselberg or did not find them troubling: A month after Vekselberg was first sanctioned in 2018, Pienaar joined IronNet’s board and C5 announced it was putting in a $35 million investment.
C5’s investment would grow to $60 million by the time IronNet went public, giving the investment firm around a 7% stake in the company.
Vekselberg did not respond to requests for comment. Kuznetsov told the AP he stopped speaking to Pienaar about five years ago but did not say why.
“I’m not commenting on that,” Kuznetsov said.
Pienaar’s attorneys said he has never had a relationship with Vekselberg. The lawyers said the mine’s filings with the South African government’s regulatory agency that listed Pienaar as a director were incorrect and should be “viewed as suspect” because news reports indicated the agency has been hacked.
Pienaar filed a defamation lawsuit last year against an Associated Press reporter who sought interviews with Pienaar’s former associates. The AP said the suit, which remains pending, was meritless and an attempt to stifle legitimate reporting.
The fall
Not long after Alexander rang the opening bell at the New York Stock Exchange in September 2021, IronNet’s stock price soared, making its founders and early investors extremely wealthy on paper.
Top officials were prohibited from unloading their stock for several months, but Alexander was allowed to sell a small amount of his shares. He made about $5 million in early stock sales and bought a Florida mansion worth the same amount.
IronNet was projecting exponential growth that required the company to land a handful of major contracts, according to confidential board documents obtained by the AP.
Those prospective deals included one valued at up to $10 million to provide cybersecurity for the U.S. Navy’s contractors and a more than $22 million deal with the government of Kuwait.
It did not take long for IronNet’s promises to slam into a tough reality as it failed to land large deals and meet revenue projections. Its products simply didn’t live up to the hype, according to former employees, experts and analysts.
Stiennon, the cybersecurity investing expert, said IronNet’s ideas about gathering threat data from multiple clients were not unique and the company’s biggest draw was Alexander’s “aura” as a former NSA director.
The AP interviewed several former IronNet employees who said the company hired well-qualified technicians to design products that showed promise, but executives did not invest the time or resources to fully develop the technology.
When IronNet tried to land contracts with the NSA, officials dismissed the company’s offerings as unserious, according to a former member of U.S. Cyber Command who was at the meeting but not authorized to discuss government procurement proceedings publicly.
The failure to win large contracts quickly derailed IronNet’s growth plans. In December 2021, just a few months after going public, IronNet downgraded its annual recurring revenue projections by 60%.
Another sign that things were not well: IronNet and C5 were engaging in a questionable business practice in an apparent effort to juice the cybersecurity firm’s revenues, according to C5 records and interviews with former employees at both firms.
In addition to being a major investor, C5 was also one of IronNet’s biggest customers, accounting for a significant part of the cybersecurity firm’s revenue when it went public.
C5 had signed two multi-year customer contracts with IronNet for $5.2 million, according to internal C5 records.
Contracts of that size were typical for large clients with thousands of employees, not a small investment firm like C5 that had a couple dozen employees and partners, former IronNet employees said.
“That’s an inflated number,” said Eddie Potter, a former top sales executive at IronNet, when told by the AP of the size of C5’s contracts with IronNet. He added there was “no way” that C5 required services “worth $5 million.”
Indeed, one C5 internal record obtained by the AP shows it budgeted only about $50,000 a year for IronNet’s services.
Pienaar’s attorneys said C5’s contracts with IronNet were to help protect the U.K. government’s hospitals and other entities against “escalating cyberattacks during the COVID-19 pandemic.” His attorneys said the work was coordinated through a charity Pienaar and C5 created in 2020.
Securities and Exchange Commission filings and C5 records show C5’s contracts with IronNet were signed in the summer and fall of 2019 — several months before the onset of the coronavirus pandemic. Pienaar’s attorneys said Alexander and Pienaar were “briefed on the shocking scale of hostile nation-state cyberattacks on hospitals” in 2019, which created the “foundation” for IronNet’s work with C5.
Pienaar’s charity never registered with the IRS, as one of Pienaar’s companies claimed in U.K. business filings, and former C5 and IronNet officials said they did not see it do any substantive work.
“It was marketing, fluffy crap,” said Rob Mathieson, a former IronNet vice president.
Pienaar’s attorneys said his charity was successful but there was “insufficient time” for it to register with the IRS.
After reporting millions in revenue from C5 from 2020 to 2023, IronNet wrote off $1.3 million from C5 in what the cybersecurity firm claimed was “bad debt,” IronNet’s filings with the SEC show. Pienaar’s attorneys said the write-off represented a reduction in the cost of providing services to his charity and denied that C5 had not fulfilled its financial obligations to IronNet.
IronNet was not alone in having trouble getting money from Pienaar and his firms.
A group of nuns sued C5 in 2022, court records show, alleging it failed to return their $2.5 million investment in a tech incubator that Pienaar had promoted as a way to boost socially conscious start-ups. C5 agreed to refund the nuns’ investment, plus attorney fees and expenses, to settle the lawsuit, records show. The nuns’ financial adviser, Carolyn LaRocco, told the AP that Pienaar used the nuns’ investment to pay expenses she believed were unwarranted.
An affiliate of the United States Institute of Peace, a nonprofit established by Congress, sued Pienaar in 2020 after he failed to pay a promised $1.5 million personal donation, federal court records show. The nonprofit’s affiliate then took Pienaar back to court after he failed to make payments on time as part of a settlement. Pienaar used $500,000 from a C5 bank account to meet a court-ordered deadline for payment, court records show. C5 staff were concerned about Pienaar’s use of the firm’s funds to cover his personal debt, according to C5 records.
In the last year, Pienaar-controlled entities have been sued by a top former CIA executive who alleged C5 owed him back wages and a Washington landlord who accused Pienaar’s firms of failing to pay more than $140,000 in rent and associated costs. The suits were dismissed soon after they were filed, indicating the parties likely settled, court records show. A lawsuit recently filed by a financial services firm alleges C5 owes it more than $1 million in unpaid debts.
The crash
After slashing revenue projections in December 2021, Alexander tried to project confidence and said IronNet was still on track to see its revenue rise.
It didn’t work. IronNet’s stock went into a prolonged skid and the company underwent multiple rounds of layoffs.
In April 2022, the company was hit with a class-action lawsuit from investors who alleged IronNet had fraudulently inflated its revenue projections to boost its stock price.
The company has denied any wrongdoing but recently agreed to pay $6.6 million to settle the lawsuit, according to a proposed settlement filed in federal court. Alexander told Bloomberg News this past January that IronNet’s troubles stemmed in part from his naivety about how the business world worked.
C5 began loaning money to IronNet to keep it afloat starting at the end of 2022 while Pienaar continued to try and boost the company’s brand.
In September of last year, IronNet announced it had run out of money and was closing its doors.
A Pienaar-controlled entity stepped in shortly afterwards with $10 million in loans to allow the company to restructure via bankruptcy.
A dramatically scaled-down version of IronNet led by Pienaar’s allies went private in February and announced Alexander had stepped down as chairman of the board.
Pienaar remains bullish on the company, which he said continues to successfully protect clients in the U.S. and Europe from cyber threats. IronNet’s more recent activities have included looking to partner with the government of Ukraine.
“Any accusation that IronNet has been anything other than successful is categorically false,” his attorneys told the AP.
Many of C5’s investors and former employees are baffled by Pienaar’s continued heavy bets on IronNet after it has been soundly rejected by the market.
During bankruptcy proceedings earlier this year, an investment bank approached 114 prospective buyers for IronNet, federal court records show. None of them made an offer.
ALAN SUDERMAN
Suderman is an Associated Press investigative reporter interested in national security, cybersecurity and other related topics.
No comments:
Post a Comment