Yahoo case shines light on Russian hacking
The U.S. government accused Russia of directing some of the world’s most notorious hackers to break into computer systems, namely 500 million accounts at Yahoo! Inc., in a broad scheme that paired cybercrime with intelligence gathering.
The broadside against the Russian government appeared in an indictment unsealed Wednesday in San Francisco federal court alleging a widespread conspiracy by two Russian FSB security agents and a pair of criminal hackers.
Only one was arrested — Canadian Karim Baratov.
Although FBI agents have long suspected that the Russians have used cyber mercenaries to do their work, this case is among the first in which evidence has been offered to show it.
The U.S. government has little chance of getting the other three extradited from Russia — including one who is on the list of the world’s most-wanted cyber criminals — but was sending a clear message to Moscow that heightened cyberactivity wouldn’t be tolerated.
“We have reason to believe, based on our evidence, they were acting in their capacity as FSB officials,” said Mary McCord, acting assistant attorney general for the Department of Justice’s national security division.
Prosecutors accused the four of conspiracy, economic espionage, wire fraud and theft of trade secrets connected to a 2014 breach of Yahoo.
The indictment appears to pull back the curtain on the use of criminal hackers by Russia’s spy agencies to attack key U.S. targets, including the largest purveyors of web-based email, Google and Yahoo. Russian intelligence agents are able to recruit some of the country’s best hackers by threatening them with charges if they don’t cooperate, according to the U.S. indictment.
The agents for the FSB — the main successor to the Soviet KGB that is known formally as the Federal Security Service — sheltered the accused hackers from prosecution and gave them sensitive information that helped them evade international law enforcement, it said.
The hackers gained unfettered access to operate inside Yahoo’s network.
While the Yahoo intrusion was the central cog of the operation, the indictments describe a broader intelligence-gathering effort that often went after Russian citizens, including the country’s key politicians.
In one mission, the hackers were instructed to compromise Google accounts belonging to an assistant to the deputy chairman of the Russian Federation, an officer of the Russian Ministry of Internal Affairs and a training expert for Russia’s Sports Ministry, the indictment says. Other Russian targets included journalists and politicians critical of the government, a board member and senior officer of a Russian financial firm and a senior officer of a Russian email provider.