When Your Router Goes to War: The Ubiquiti Scandal and What It Means for Tech Accountability

A major American tech company’s equipment is all over the Russian front lines in Ukraine. The evidence is damning. The silence is deafening.

DEAR READER: Please consider a basic support membership at $5 per month. As a journalist in Ukraine, I work every day (even during blackouts and drone attacks) to examine our world situation from where the fulcrum of the world’s hell pivots, and your help is vital. Today is my 1387th day in this war, and Independent Journalism is not cheap to do, and I will keep making the posts available for all readers (even during nearly 24 hr daily blackouts), but good patrons are needed and I thank you for your time. - Chris Sampson, Kyiv, January 27, 2026

When Hunterbrook Media dropped their investigation showing that Ubiquiti Networks—a $14 billion American company—has been flooding Russia with military-useful networking equipment throughout the invasion, I felt that familiar combination of rage and resignation that comes with covering this conflict from Kyiv.

Because here’s the thing: this isn’t complicated. This is a San Jose-based company whose wireless radios are being used by Russian artillery units to coordinate strikes on Ukrainian cities. The evidence isn’t circumstantial—it’s photographed, geolocated, and posted by Russian soldiers themselves on Telegram.

And yet, as of today, there’s been no enforcement action. No investigation announcement. No accountability.

Let me walk you through what we’re actually looking at here, what it means legally, and what happens next—if anything happens at all

.

What Actually Happened

Ubiquiti makes wireless networking equipment—basically, long-range WiFi systems. The kind of gear that connects remote locations, operates in harsh conditions, and doesn’t require complicated infrastructure. Perfect for rural internet service providers. Also perfect for military communications in a war zone.

According to Hunterbrook’s investigation:

The Evidence:

• Russian customs data shows a 66% surge in Ubiquiti imports after the February 2022 invasion—$4.8 million worth through 2023

• At least nine Russian military units using Ubiquiti gear in Ukraine via open-source intelligence

• Russian soldiers posting installation guides and “thank you” messages on Telegram

• Equipment photographed in use by the 29th Combined Arms Army, 810th Naval Infantry Brigade, 42nd Motor Rifle Division, and others

The Smoking Gun: Hunterbrook conducted undercover purchases. Nearly a dozen distributors—including U.S.-based companies—agreed to sell equipment after being explicitly told it was for Russian military use. One distributor allegedly shared “thank you letters” from Russian Defense Ministry units. Another offered to route shipments through Turkey to obscure the Russian destination.

This isn’t grey area. This isn’t “our products got diverted without our knowledge.” This is distributors actively facilitating sales to the Russian military after explicit disclosure, while the manufacturer appears to have done nothing to stop it.

Why This Is Legally Catastrophic

I’m not a lawyer, but I’ve spent enough time covering sanctions evasion and export controls to know when someone is in deep trouble. And Ubiquiti? They’re potentially facing the kind of enforcement action that ends with eight-figure penalties and criminal referrals.

Here’s what’s implicated:

Export Administration Regulations (BIS)

After February 24, 2022, the Commerce Department implemented comprehensive export controls on Russia. Wireless networking equipment like Ubiquiti’s products became controlled items requiring licenses—which are denied for military end-users. Each unauthorized shipment is a separate violation. If we’re talking about hundreds of shipments over two years, we’re talking about hundreds of violations.

Base penalty: $330,000 per violation.

Do the math.

Military End-Use Rule

Even if individual products weren’t controlled, there’s a specific prohibition on exports to Russian military end-users. The OSINT evidence—Russian soldiers literally posting photos of Ubiquiti equipment on Telegram—proves military end-use. That’s separate violations on top of the unauthorized exports.

Knowledge Standard (”Red Flags”)

Here’s where it gets criminal. U.S. export law doesn’t require proof that Ubiquiti executives personally knew equipment was going to Russian forces. It requires proof that they should have known—that there were “red flags” they ignored.

What are red flags? Let’s see:

• ✓ Distributors agreeing to sell after disclosure of military end-use

• ✓ Offers to route through third countries to hide Russian destination

• ✓ 66% surge in shipments to Russia during comprehensive sanctions

• ✓ Open-source documentation of military use that anyone could Google

That’s not “we didn’t know.” That’s willful blindness—which the law treats as knowledge.

The Iran Problem

Oh, and Ubiquiti already settled with Treasury in 2014 for Iran sanctions violations. The settlement specifically cited “lack of compliance program,” “reckless disregard,” and use of “indirect routing to obscure sanctioned destinations.”

Sound familiar?

If you violate sanctions, pay a penalty, sign a settlement promising to fix your compliance program, and then do the exact same thing ten years later in an even worse context (active war zone, military end-use, NATO adversary), you’re not a first-time offender anymore. You’re a recidivist. And regulators hate recidivists.

What We’re Really Looking At

If enforcement agencies substantiate these allegations, here’s the potential exposure:

Conservative violation count: 124–620 apparent violations
Civil penalty range: $30–60 million
Criminal referral risk: Moderate to high

For context, the 2014 Iran case involved 13 violations and a $504,000 settlement. This is potentially 60 to 120 times worse in terms of violation count, with massively greater national security implications.

The Iran case was about commercial products reaching Iran through distributors. This is about American networking equipment being used by Russian artillery units to kill people in a war against a U.S.-supported democracy.

The aggravating factors are off the charts:

• Active theater of war

• Direct military end-use with photographic evidence

• Explicit distributor knowledge (undercover recordings)

• Post-settlement repeat violations

• Systematic compliance failures

And here’s the thing about criminal referrals: they don’t require proof that the CEO personally approved sales to Russian forces. They require proof that the company acted with “willful blindness” or “reckless disregard”—which means ignoring obvious red flags.

Distributors offering to route through Turkey after disclosure of military destination? That’s conspiracy to evade export controls. And if Ubiquiti’s compliance program was so weak that they didn’t catch a 66% surge in Russia shipments during the most comprehensive sanctions regime in modern history? That’s reckless disregard.

Why This Matters Beyond Ubiquiti

Russia sustains its war effort through sanctions evasion networks, shell companies, and grey-market procurement. But Western technology in Russian military hands represents a specific kind of betrayal.

Because here’s what those Ubiquiti radios are doing: they’re connecting forward observation posts to artillery batteries. They’re linking drone operators to command centers. They’re enabling the coordination of strikes on Ukrainian cities, hospitals, and schools.

Every piece of Western equipment that reaches Russian forces makes the war harder for Ukraine to win. And when it’s happening through U.S. companies—companies that already knew they had sanctions compliance problems—it’s not just a violation of law. It’s a moral failure.

The broader issue is distributor network accountability. Tech companies love to hide behind independent distributors when things go wrong. “We can’t control what our resellers do.” But export law explicitly rejects that defense. You’re responsible for your distribution chain. You’re required to implement controls, conduct audits, and terminate distributors who violate sanctions.

If your distributors are selling to Russian military buyers after explicit disclosure, and you’re not catching it? Your compliance program is worthless. And if you’re not even looking—if you’re not monitoring OSINT, not analyzing shipment patterns, not auditing high-risk distributors—then you’re not meeting the “reasonable care” standard that export law requires.

What Should Happen

Immediate:

1. Formal BIS/OFAC Investigation
Commerce Department’s Bureau of Industry and Security and Treasury’s Office of Foreign Assets Control should open formal investigations. Subpoena corporate records, distributor communications, and compliance program documentation.

2. Congressional Oversight
Senate Banking Committee (which oversees Treasury/sanctions) and House Foreign Affairs should demand briefings. This is exactly the kind of case that warrants oversight hearings.

3. Distributor Prosecutions
The U.S.-based distributors who agreed to sell to Russian military buyers in undercover operations should face criminal charges. This isn’t negligence—this is active facilitation.

Long-term:

4. Industry-Wide Compliance Standards
Commerce and Treasury should issue guidance requiring OSINT monitoring for technology companies operating in conflict zones. If your products are showing up in Russian military Telegram channels, you’re required to investigate and self-disclose.

5. Mandatory Distributor Audits
High-risk distributors (those in transshipment hubs like Turkey, UAE, Central Asia) should face annual third-party compliance audits as a condition of continued authorization.

6. Beneficial Ownership Transparency
Require ultimate beneficial owner disclosure for all distributors in sanctions-adjacent jurisdictions. No more shell companies and nominee directors obscuring who actually controls distribution networks.

What Will Probably Happen

Here’s the depressing part: maybe nothing.

Sanctions enforcement has always been under-resourced and slow. BIS and OFAC have small staffs relative to their mandates. Investigations take years. By the time settlement agreements are reached, the news cycle has moved on and no one’s paying attention.

And there’s a dark possibility that in the current political climate, Russia sanctions enforcement becomes deprioritized. If the next administration decides Ukraine isn’t worth supporting, why would they pursue companies supplying Russia’s military?

I hope I’m wrong. I hope the evidence is so damning that enforcement is unavoidable. But I’ve covered enough of these stories to know that corporate accountability is the exception, not the rule.

What You Can Do

If you’re a journalist: FOI request BIS and OFAC for any investigation records. Ask Ubiquiti direct questions about compliance program improvements since 2014. Interview the distributors named in the report.

If you’re in Congress: Demand answers. Write to BIS and OFAC asking whether investigations are underway. Hold hearings. Make noise.

If you’re a tech industry compliance officer: Learn from this. If your products have military utility and you’re operating in conflict-adjacent markets, you need OSINT monitoring, distributor audits, and transaction pattern analysis. “We didn’t know” won’t save you.

If you’re an investor: Ask hard questions about sanctions compliance in your portfolio companies. Request audit results. Demand transparency about distributor oversight.

If you’re a Ukrainian reading this: I’m sorry. I’m sorry that three years into this war, American companies are still supplying your enemies. I’m sorry that the people profiting from this war include executives in Silicon Valley, not just arms dealers in Moscow.

Where We Go From Here

The reason this work matters—the reason any of us stay in difficult places doing difficult work—is because accountability matters. Evidence matters. The slow, grinding work of investigation and documentation matters.

Hunterbrook Media just did that work. They’ve handed enforcement agencies a case on a silver platter—corporate records, undercover recordings, OSINT documentation, financial flows, the whole package.

Now we find out if any of it matters.

If BIS and OFAC ignore this, if Ubiquiti faces no consequences, if distributors who explicitly agreed to arm Russian forces walk free, then we’ll know something important: that sanctions are performative, that corporate accountability is optional, and that American law stops mattering when it becomes inconvenient for American companies.

But if enforcement agencies do their jobs—if they investigate, charge violations, impose penalties that actually hurt, and send the message that arming adversaries in active war zones will destroy your company—then maybe we get a deterrent effect. Maybe the next tech company thinks twice before letting its distribution network become a pipeline to Russia’s military.

I’m not optimistic. But I’m watching.

And I’m not going anywhere.

---

Chris Sampson
Kyiv, Ukraine
January 27, 2026

---

Resources:

• Full Hunterbrook Media Investigation

• Bureau of Industry & Security: Report Export Violations

• OFAC: Report Sanctions Violations

• Congressional Contacts: Senate Banking Committee, House Foreign Affairs Committee

If you work in tech compliance, defense industry, or investigative journalism and want to discuss this case, reach out. I’m aggregating additional documentation and would welcome collaboration on further investigation.

Comments

[Dennis Fetters]

It appears that enforcement of the sanctions violations is non-existent.