A technological and legal war has erupted between two companies over the control of Visec Cloud, a service used by security cameras for license plate recognition in South Africa.
Visec’s license plate recognition (LPR) service is used all over South Africa. Its clients include residential communities and the conservation industry. Game reserves and game farms use LPR as an additional line of defence against poachers.
On 3 April 2019, the Visec Cloud went offline without any notice to clients. In the days following the outage, the story started to emerge as the two companies involved attacked one another in e-mails sent to clients.
The first shots were fired by Alexander Bordbar, founder of Philex Enterprises Inc., which originally developed the Visec Cloud. Bordbar alleged that the South African judicial system had been manipulated to allow the illegal confiscation of the Visec Cloud.
In response, Visec Sub Sahara (Visec SA) sent an e-mail to clients stating that it went to the Western Cape High Court for an order to help regain control of its cloud service.
Visec SA approached the court when Philex, which was its technology partner, transferred the Visec Cloud service from Hetzner (now Xneelo) to RSAWeb. This move placed the Visec Cloud service entirely under the control of Philex.
In one of the e-mails sent to clients, Bordbar stated that Philex made the move due to the “instability of financial health from Visec Sub Sahara”, and because it got better pricing and support from RSAWeb.
Visec SA contested this version of events, telling MyBroadband that Visec, and not Philex, had been paying the hosting bills at Xneelo and Amazon.
To regain control of the Visec Cloud services, Visec SA appeared before a judge of the Western Cape High Court on 3 April 2019 with an ex parte application.
Ex parte means that only the applicant is arguing the case before the judge.
For an ex parte application to succeed under these kinds of circumstances, the applicant (Visec SA) must provide all material facts to the court. It must also give a solid argument for why they do not want the defending party notified.
Visec SA essentially argued that notifying Philex would allow it to destroy the servers or move them outside the jurisdiction of South Africa. It also argued that Philex moved the servers from Xneelo to RSAWeb without the knowledge or consent of Visec SA.
The court sided with Visec SA and granted a provisional order compelling RSAWeb to hand over access to the servers. A court date was set for 30 April to allow Philex to argue its side of the story.
RSAWeb confirmed to MyBroadband that it duly complied with the court order, and shut the servers down on 3 April on instruction from Visec Sub Sahara.
Philex ultimately declined to defend its case, even though Bordbar said they would show in court that Visec SA had lied to the judge. The court made its final ruling in favour of Visec SA on 30 April, and ordered Philex to pay the cost of Visec SA’s lawyers.
At some point in the midst of this, a company called Global Technology Asset Partners claims to have acquired all of the Visec assets, intellectual property, and trademarks from Philex. It also claimed that the deal excluded any of Philex’s liabilities.
A person claiming to speak for Global Technology Asset Partners told MyBroadband that Philex had informed them that it would not defend itself in court. Philex believed that even if they won, it would not accomplish anything.
Philex stated that the court case did not deal with the ownership of the Visec Cloud intellectual property, but only control of the servers.
It argued that Visec SA already had control of the servers, and that Philex had already restored the cloud service from backups. According to Philex, going to court to fight over the servers was a moot point.
Visec Sub Sahara saves Philex and the Visec Cloud
The court ruling in favour of Visec SA was not the end of the matter. One battle had been decided, but the war was far from over.
Philex bad-mouthed Visec SA in e-mails sent to clients and Visec SA retorted. The two companies fought in software and networking configurations to redirect clients back to their respective versions of the Visec LPR Cloud service.
However, to fully appreciate what happened, it is necessary to backtrack and tell the story of how Visec SA acquired the Sub-Saharan rights for the original LPR Cloud from Philex, and how the deal turned sour.
The players are:
- Gary Scagell — Co-founder and CEO of Visec Africa
- Alex Bordbar — Co-founder of Visec Africa and CTO of Philex Enterprises, Inc.
- Chris Muller — The owner and founder of Visec Sub Sahara through a holding company called Vetus Schola Boland.
- Jason Berry — Chief Strategist for Visec Sub Sahara
According to shareholder agreements and e-mails filed as part of the ex parte application, Chris Muller started off as a Visec client, spending over R3.2 million on cameras and server infrastructure that ran on Visec’s software and services.
Muller bought into Visec in 2017, agreeing to float the company R250,000 per month for 12 months on a loan account, to be repaid when the company could do so.
Based on e-mails from Alex Bordbar, Muller’s investment in Visec came at a critical time.
“Chris saved the project and I will always feel strong gratitude to him for delivering at the absolute time of need,” Bordbar wrote in an e-mail dated 30 May 2018.
Rather than simply buying a stake of Visec Africa, though, Muller created a new entity called Visec Sub Sahara (Pty.) Ltd. He held 50% of its shares, while Scagell and Bordbar (through Philex) each held 25%.
A query for Visec Africa through the Companies and Intellectual Property Commission (CIPC) database gives an indication of why they decided to wind up the company and start fresh.
Visec Africa hasn’t filed any annual returns since 2012. The CIPC ultimately flagged it as “deregistered” in August 2016.
Business deal gone sour
After it became clear that Muller’s initial loan was not going to be repaid anytime soon, Visec SA negotiated a deal where it would buy out Bordbar and Scagell.
The deal went through in May 2018 and was structured as a back-to-back transaction. Philex would sell its 25% shareholding to Scagell, allowing Scagell to sell a total of 50% of the shares to Visec Sub Sahara. This effectively gave Muller full control of Visec Sub Sahara.
The first Sale of Share Agreement between Philex and Scagell is part of the court record, and it shows that Scagell agreed to pay R25 for the shares.
MyBroadband has seen the second Sale of Share Agreement between Scagell and Visec Sub Sahara. After subtracting the outstanding debt from the sales price, Scagell was paid R90,000.
Following the deal, Philex was to stay on as Visec Sub Sahara’s technical partner, and was to maintain and continue developing the Visec Cloud for a monthly retainer.
This is where things seemed to turn sour.
Jason Berry, Visec Sub Sahara’s chief strategist, told MyBroadband that Philex was meant to send through specifications for what it was going to develop, which Visec would then sign off on. Only then could Philex invoice for the work.
Berry has a background in the IT and telecommunications industry. He founded CiTEC, an Internet service provider that was sold to MTN and Johnnic Communications in 2001 for R25 million. The entity became MTN Business after MTN bought out Johnnic in 2005 and acquired Verizon Business South Africa in 2009.
According to Berry, Philex didn’t follow the agreed-upon procedure before performing work on the Visec Cloud, which led to conflict between them and Bordbar.
Philex also never sent Visec SA any invoices, Berry said.
The first invoice they received was via Philex’s laywer in South Africa on 6 March 2019 for over R2.9 million. It was stamped “Past Due”, and indicated that Visec SA had not paid Philex its full development fees since August 2018.
This invoice and its accompanying lawyer’s letter was received just after Philex had transferred the Visec Cloud servers from Hetzner to RSAWeb.
E-mails in the court record show that there was an earlier dispute over systems access between Visec and Philex. In November 2018, Muller said that Bordbar had changed the domain registration details and password for visec.com at Hetzner.
This effectively locked Muller and Berry out of administering the visec.com domain. Muller also stated that Berry was locked out of administering the e-mail addresses of the Visec team in South Africa that were on the visec.com domain.
Muller requested that their access be reinstated and the domain registration details amended. Visec SA would then also provide Philex with access to the visec.cloud domain.
Philex restored the domain registration details for visec.com, as requested, but Berry said that he recognised this as a sign of an attempted takeover of the Visec Cloud assets, and warned Muller of what was coming.
On 6 March 2019, Muller and Berry received an e-mail from Bordbar’s lawyers alleging that they owed Philex over R2.9 million and that they needed to pay within seven days, or lose access to the Visec Cloud.
traceroute confirmed the worst — they had already lost access. Traffic to the Visec Cloud address was no longer being routed via their servers at Hetzner, but via IP addresses registered to RSAWeb.
They also couldn’t get into the servers at Hetzner to recover the software and database, Visec SA said. They were completely locked out.
After briefly trading lawyers’ letters back and forth with Philex, Visec SA prepared its case and approached the Western Cape High Court.
On 3 April, armed with a provisional court order, they were able to take physical possession of the Visec Cloud servers.
Disaster recovery plan, or “FakeCloud”?
When Philex discovered that the servers were down, it put up a page on its website stating that “system maintenance and upgrades” were underway.
Within a day of the servers being taken offline, Philex had spun up new servers and restored the cloud platform from backups. Currently, it appears to be hosting its version of the Visec Cloud in Ukraine.
Bordbar said in an e-mail dated 8 April that they had enacted their disaster recovery plan within two hours of receiving an alert that the Visec Cloud was down.
Philex only found out that the Visec servers at RSAWeb had been handed over under court order after it had brought the cloud back online, Bordbar stated.
Bordbar went on to attack Muller and Berry in an e-mail sent to Visec clients on 9 April. Visec SA responded with an e-mail to clients that linked to the court documents, which it had published on its website.
Using the servers it had seized at RSAWeb, Visec SA was able to relaunch the Visec Cloud in South Africa on 13 May 2019 — more than a month after it first took the servers offline.
Visec SA issued a notice to clients to inform them that the South African cloud had been relaunched, and warned against using Philex’s “FakeCloud”.
It said that using the Ukraine-hosted Philex cloud within South Africa or Sub-Saharan Africa was illegal and insecure.
“We have paid special attention to our compliance with the MISS Act (Minimum Information Security Standard),” Visec SA said.
“Compliance with MISS is an onerous obligation on us and we do not take it lightly. Due to the sensitivity of the data in Visec Cloud, infringement of such obligations could be a serious offence.”
Among the MISS requirements are ensuring that no person with access to the sensitive information stored in the Visec Cloud is outside South Africa, and that the systems are housed, managed, maintained, and supported within the borders of South Africa.
“Visec Cloud, provided by Visec Sub Sahara (Pty.) Ltd. is the only legal entity entitled to offer Visec LPR services in South Africa and the rest of Sub-Saharan Africa,” the company said.
When asked about the long period of downtime between seizing the servers at RSAWeb, and relaunching the Visec Cloud in South Africa, Berry explained that they had to ensure the system was safe.
“I personally cloned the hard drives of the servers to ensure we never corrupted the originals,” Berry said.
From there they had to go over the system to make sure there weren’t any traps that might erase or corrupt the data if unauthorised entry was detected.
Berry said that they also hired information security professionals to go over the server code and close any security holes they might find.
Only after they had made completely sure that it was safe to bring the servers back online did they do it, he said.
Switching clients back to the Visec Cloud in South Africa
As part of the comment provided to MyBroadband’s questions, Global Technology Asset Partners alleged that people portraying themselves as Visec representatives “hacked or manipulated” client-owned control room servers and cameras.
“Their DNS server hijacks the true identity of visecintl.com to take users to their fraudulent IP: 18.104.22.168, which redirects to the stolen copy of Visec (https://admin.comehome1.visec.cloud/).”
Berry told MyBroadband that Visec SA looked at various options to try and get clients back onto the Visec Cloud in South Africa.
Cameras using Visec were configured to point to a domain which was under Philex’s control (visecintl.com), and there was no way for Visec SA to remotely change that setting on the cameras of its clients. It would have to go to each client and reconfigure each of their cameras.
Then Berry remembered something. The cameras may be connecting to Philex’s domain, but they were also all configured to point to a DNS server which was still under Visec SA’s control.
DNS—the Domain Name System—is what translates URLs like visecintl.com into the Internet Protocol (IP) addresses that computers use to communicate over the Internet.
With control over the camera DNS server, Visec SA was essentially able to reroute traffic going to Philex’s LPR cloud service in Ukraine to the Visec Cloud in South Africa.
Alex Bordbar: request for comment
MyBroadband asked Alex Bordbar for comment on this story, and he provided the following statement:
“While I am not involved in the business there anymore, we will respond in due course with facts. Note a material breach was relayed to VSS [Visec Sub Sahara] in March 2019. Because of this material breach all agreements were canceled 18 April 2019.”
Bordbar did not give further comment, but MyBroadband was subsequently contacted by someone claiming to be Bob Lambert, “officer/director” of Global Technology Asset Partners, which allegedly acquired all rights to Visec.
During our interview with Chris Muller and Jason Berry, Muller informed MyBroadband that he had brought a criminal charge of theft against Alex Bordbar and Philex Enterprises.
MyBroadband sent follow-up questions to Bordbar regarding the criminal charges and the acquisition of Visec by Global Technology Asset Partners. Bordbar did not respond.
Our investigation also revealed that Global Technology Asset Partners was merely incorporated by a Bob Lambert in the US state of Wyoming on behalf of a client.
The business record for Global Technology Asset Partners at the Wyoming Secretary of State’s office had a California phone number listed for Bob Lambert.
MyBroadband called Lambert’s office and was informed that indeed, they merely act as incorporators for companies. Lambert was not involved in the running of Global Technology Asset Partners at all.
Whoever was communicating with MyBroadband as Bob Lambert, claiming to be the “officer/director” of Global Technology Asset Partners, was therefore likely hiding behind a false identity.
Following this discovery, MyBroadband asked Alex Bordbar whether he had been pretending to be Bob Lambert in emails to us. Bordbar did not respond.
The Wyoming incorporation documents queried for Global Technology Asset Partners are embedded as a PDF at the end of the article.
Global Technology Asset Partners: founded on 12 April 2019
The full response MyBroadband received from Bob Lambert of Global Technology Asset Partners is embedded at the end of the article.
Of particular interest was an allegation from Lambert that the Sale of Share agreement between Philex and Gary Scagell had been cancelled due to non-payment.
According to Lambert, the cancellation letter was delivered by the Sheriff of the Court on 6 March 2019 to Scagell’s last known address.
As mentioned earlier, the agreement between Philex and Scagell is publicly available in the court documents disclosed by Visec SA. Scagell was to pay Philex R25 for its 25% of the shares in Visec Sub Sahara.
However, Scagell denies Lambert’s allegations and says that payment was made in full.
“Alex has never questioned the validity of this transaction before,” Scagell told MyBroadband. He also said that he is not aware of any notice delivered by the Sheriff of the Court.
“Perhaps Alex can forward to you proof of delivery thereof,” Scagell said.
“I am signatory to the conclusion of the sale of shares to me, and then on-sale to Chris’s company. I do not support Alex Bordbar’s attempts to nullify a binding contract which the parties willingly entered into.”
Another curiosity is the fact that Global Technology Asset Partners is a company that was incorporated in Wyoming on 12 April 2019.
Following Lambert’s initial responses, and the interviews with Berry, Muller, and Scagell, MyBroadband sent follow-up questions to Lambert, which included a request to share a copy of the notice of cancellation of the sale of share agreement.
The person claiming to be Lambert confirmed receipt of the questions and promised further feedback. No further comment was received.