Russians charged in Yahoo hacks
Two intel officers among four suspects who face 47 criminal counts
Four people, including two Russian intelligence officers, have been charged in a Yahoo hacking attack that compromised the personal information of hundreds of millions of consumers, the Justice Department said Wednesday.
Federal prosecutors alleged the suspects hacked into Yahoo systems to “steal information from about 500 million accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers.”
The four men face 47 criminal charges including computer fraud and economic espionage. This marks the first time the U. S. government has issued criminal charges against Russian officials for cyberattacks.
“The indictment unequivocally shows the attacks on Yahoo were state- sponsored,” Chris Madsen, Yahoo’s assistant general counsel and head of global law enforcement, said in a statement.
Yahoo said when it revealed the security breach in September that it believed the attack was state- sponsored. It disclosed a second security breach in December that was larger than the first, affecting approximately 1 billion Yahoo accounts. That breach has not been connected to the first.
The two officers of Russia’s Federal Security Service, known as the FSB, Dmitry Dokuchaev and Igor Sushchin, allegedly paid hackers to break into Yahoo’s systems as part of an intelligence collection operation and for- profit scheme to “line the pockets” of all involved, federal prosecutors alleged.
“The defendants targeted Yahoo accounts of Russian and U. S. government officials, including cyber security, diplo- matic and military personnel,’’ Assistant Attorney General Mary McCord said at a Justice Department briefing in Washington. “They also targeted Russian journalists ... employees of financial services and other commercial entities.”
McCord said the FSB agents worked with hackers Alexsey Belan and Karim Baratov to breach the computers of American companies that provide email and Internet- related services and to “steal information, including information about individual users and the private contents of their accounts.”
Belan, indicted twice before in the U. S. for hacking into e- commerce sites as part of intrusions that victimized millions, has been listed as one of the FBI’s most- wanted cyber criminals for three years.
“Belan’s notorious criminal conduct and a pending Interpol Red Notice ( a global arrest warrant) did not stop the FSB officers who, instead of detaining him, used him to break into Yahoo networks,’’ McCord said.
The four suspects are charged with computer hacking, economic espionage and other criminal offenses. All but one, Karim Beratov, remain at large. Beratov was arrested Tuesday in Canada by Toronto police, and authorities are expected to seek his extradition to the U. S. There is no extradition agreement between the U. S. and Russia, making the U. S. prosecution of at least the two FSB officers extremely doubtful.
U. S. officials described the collaboration of the Russian government officials with criminal hackers as an increasingly alarming criminal model aimed at compromising individual privacy, economic and security interests.
Most troubling, McCord said, was that the two Russian FSB officials worked for the Russian intelligence unit known as the Center for Information Security or “Center 18,” which is the primary point of contact for the FBI in Moscow.
FBI Executive Assistant Director Paul Abbate said Wednesday that the involvement of Russian officials from Center 18 now represents “a great test” of future U. S.- Russian law enforcement cooperation.
McCord said investigators had observed no connection between the Yahoo hacks and Russia’s intrusion into the U. S. political system, including the Democratic National Committee.
Absent the prosecution of the Russian officials, McCord said all other punitive options were being considered, including government sanctions.
“We definitely will engage in those discussions,” McCord said.
The indictment largely was symbolic but still significant because, in part, it underscored “the very cozy relationship between Russian state security apparatus and for- hire Russian hackers,” Robert Cattanach, of law firm Dorsey & Whitney, said.
Yahoo, which is selling its core Internet business to Verizon, has paid a heavy cost for the security breaches. Verizon negotiated a price discount, trimming $ 350 million from the acquisition of Yahoo for a total of $ 4.48 billion. And the two companies will share some legal and regulatory liabilities arising from the breaches. The acquisition is expected to close in the second quarter.
Yahoo CEO Marissa Mayer agreed to forgo any annual equity award she might get for 2017 because of the breach her company suffered in 2014. The Yahoo board also voted to withhold her 2016 annual bonus for the same reason. Under her contract, her equity award is not to be less than $ 12 million per year. In December, the Securities and Exchange Commission opened a formal probe into the company’s handling of the attacks, investigating whether Yahoo should have notified investors sooner about both security breaches.
Mayer tweeted her appreciation to federal law enforcement authorities on Wednesday.
“Very grateful to the FBI & DOJ for bringing to justice the Russian officials & hackers who led the attack on Yahoo.”
“( Hacker Alexsey) Belan’s criminal conduct ... did not stop the FSB officers who used him to break into Yahoo networks.” Mary McCord, acting assistant attorney general