The News

U.S. Charges Russian Spies, Hackers in Massive Yahoo Hack

FILE PHOTO - A Yahoo logo is pictured in front of a building in Rolle, Switzerland on December 12, 2012. REUTERS/Denis Balibouse/File Photo

WASHINGTON –The United States on Wednesday charged two Russian intelligence agents and two criminal hackers with masterminding the 2014 theft of 500 million Yahoo accounts, marking the first time the U.S. government has criminally charged Russian spies for cyber offenses.

The charges came amid a swirl of controversies relating to alleged Kremlin-backed hacking of the 2016 U.S. presidential election and possible links between Russian figures and associates of U.S. President Donald Trump, and uncertainty about whether Trump is willing to respond forcefully to aggression from Moscow in cyberspace and elsewhere.

The 47-count Justice Department indictment includes charges of conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft. It paints a picture of the Russian security services working hand-in-hand with cyber criminals, who helped spies further their intelligence goals in exchange for using the same exploits to make money.

Acting AAG for National Security Mary McCord smiles in front of a poster of a suspected Russian hacker during FBI National Security Division and the U.S. Attorney’s Office for the Northern District of California joint news conference at the Justice Department in Washington, U.S., March 15, 2017. Photo: Reuters/Yuri Gripas

“The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cyber crime matters, is beyond the pale,” Acting Assistant Attorney General Mary McCord said at a press conference announcing the charges.

Russia’s Federal Security Service (FSB) is the successor to the KGB.

Yahoo said when it announced the then-unprecedented breach last September that it believed the attack was state-sponsored, and on Wednesday the company said the indictment “unequivocally shows” that to be the case.

The charges announced Wednesday are not related to the hacking of Democratic Party emails during the 2016 U.S. presidential election. U.S. intelligence agencies have said they were carried out by Russian spy services, including the FSB, to help the campaign of Republican candidate Donald Trump.

The indictment named the FSB officers involved as Dmitry Dokuchaev and his superior, Igor Sushchin, who are both in Russia.

A poster of suspected Russian hacker is seen before FBI National Security Division and the U.S. Attorney’s Office for the Northern District of California joint news conference at the Justice Department in Washington, U.S., March 15, 2017. Photo: Reuters/Yuri Gripas

Dokuchaev was arrested for treason in December, according to the Russian news agency Interfax.

Reuters sent a request for comment to the FSB in Moscow on Wednesday evening but there was no immediate response.

The alleged criminals involved in the scheme include Alexsey Belan, who is among the FBI’s most-wanted cyber criminals and was arrested in Europe in June 2013 but escaped to Russia before he could be extradited to the United States, according to the Justice Department.

Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, was also named in the indictment.

The Justice Department said Baratov was arrested in Canada on Tuesday. Mark Pugash of Toronto police later confirmed the Tuesday arrest.

McCord said the hacking campaign was waged by the FSB to collect intelligence but that the two hackers used the collected information as an opportunity to “line their pockets.”

The United States does not have an extradition treaty with Russia, but McCord said she was hopeful Russian authorities would cooperate in bringing criminals to justice. The United States often charges cyber criminals with the intent of deterring future state-sponsored activity.

Washington has not contacted Moscow over the charges, Russian news agencies reported on Wednesday, citing a “highly placed” source in Moscow.

The administration of former President Barack Obama brought similar charges against Chinese and Iranian hackers who have not been extradited.

In a statement, White House spokesman Michael Anton said the charges “are part of a broad effort across the government to defend the United States against cyber attacks and cyber-related crimes.”

 

DUSTIN VOLZ