U.S. charges Russian spies, criminal hackers in Yahoo intrusion
The Justice Department announced Wednesday the indictments of two operatives of the Russian intelligence agency FSB and two criminal hackers hired by Russians in connection with the heist of 500 million Yahoo user accounts in 2014, marking the first U.S. criminal cyber charges ever against Russian government officials, according to The Washington Post.
The charges include hacking, wire fraud, trade secret theft and economic espionage, according to officials. The indictments are part of the largest hacking case brought by the United States, WP reports.
The charges are unrelated to the hacking of the Democratic National Committee and the FBI’s investigation of Russian interference in the 2016 presidential campaign. But the move reflects the U.S. government’s increasing desire to hold foreign governments accountable for malicious acts in cyberspace.
The United States does not have an extradition treaty with Russia, but officials have said that taking steps such as charges and imposing sanctions can be a deterrent. People also sometimes slip up and travel to a country that is able and willing to transfer them to the United States for prosecution.
Yahoo reported the 2014 hack last fall — in what was then considered the largest data breach in history. The company later disclosed another intrusion affecting more than 1 billion user accounts in 2013, far surpassing the 2014 event. Officials have not determined whether there is a link between the two.
Russian intel officer, cybersecurity investigator arrested for possible treasonIn the 2014 hack, the FSB — Russia’s Federal Security Service, and a successor to the KGB — allegedly sought the information for intelligence purposes, targeting journalists, dissidents and U.S. government officials, but allowed the criminal hackers to use the email cache for the officials’ and the hackers’ financial gain, through spamming and other operations.
Although FBI agents have long suspected that the Russians have used cyber mercenaries to do their work, this case is among the first in which evidence is offered to show that.
The indicted FSB officers are Dmitry Dokuchaev and Igor Sushchin, his superior. Particularly galling to U.S. officials is that the men worked for the cyber investigative arm of the FSB — a rough equivalent of the FBI’s Cyber Division. That the agency that is supposed to investigate computer intrusions in Russia is itself engaged in hacking is “pretty sad,” one official said.
Ukraine charges Russia with new cyber attacks on infrastructureDokuchaev, whose hacker alias was “Forb,” was arrested in December in Moscow, according to the news agency Interfax, on charges of state treason for passing information to the CIA. He had reportedly agreed to work for the FSB to avoid prosecution for bank card fraud.
Another man indicted in the case is Alexsey Belan, who is on the list of most-wanted cyber criminals and has been charged twice before, in connection with intrusions into three major tech firms in Nevada and California in 2012 and 2013. He was in custody in Greece for a time but made his way back to Russia, where he is being protected by authorities, officials said.
The other hacker-for-hire is Karim Baratov, who was born in Kazakhstan but has Canadian citizenship. He was arrested in Canada on Tuesday.