Northwest Arkansas Democrat-Gazette
U.S. charges four in Yahoo hacking
WASHINGTON — Two Russian intelligence agents and a pair of hired hackers have been charged in a devastating criminal breach at Yahoo that affected at least a half-billion user accounts, the Justice Department said Wednesday in bringing the first case of its kind against current Russian government officials.
In a scheme that prosecutors say blended intelligence gathering with old-fashioned financial greed, the four men targeted the email accounts of Russian and U.S. government officials, Russian journalists and employees of financial services and other private businesses, U.S. officials said.
Using in some cases a technique known as “spear-phishing” to dupe Yahoo users into thinking they were receiving legitimate emails, the hackers broke into at least 500 million accounts in search of personal information and financial data such as gift-card and credit-card numbers, prosecutors said.
“We will not allow individuals, groups, nation states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies or the security of our country,” said Acting Assistant Attorney General Mary McCord, the head of the Justice Department’s National Security Division.
One of the defendants, a Canadian and Kazakh national named Karim Baratov, has been taken into custody in Canada. Another, Alexsey Belan, is on the list of the FBI’s most wanted cybercriminals and has been indicted multiple times in the U.S. It’s not clear whether he or the other two defendants, Dmitry Dokuchaev and Igor Sushchin, will ever step foot in an American courtroom, since there’s no extradition treaty with Russia.
“I hope they will respect our criminal justice system,” McCord said.
The indictment identifies Dokuchaev and Sushchin as officers of the Russian Federal Security Service. Belan and Baratov were paid hackers who were directed by the service to break into the accounts, prosecutors said.
Yahoo didn’t disclose the breach until last September when it began notifying hundreds of millions of users that their email addresses, birth dates, answers to security questions and other personal information may have been stolen. Three months later, Yahoo revealed it had uncovered a separate hack in 2013 affecting about 1 billion accounts, including some that were also hit in 2014.
U.S. officials said it was especially galling that the scheme involved officers from a Russian counterespionage service that theoretically should be working collaboratively with its FBI counterparts.
“Rather than do that type of work, they actually turned against that type of work,” McCord said.
Paul Abbate, an FBI executive assistant director, said the bureau had had only “limited cooperation with that element of the Russian government in the past,” noting that prior U.S. demands to turn over Belan had been ignored.
Though the Justice Department has previously charged Russian hackers with cybercrime — as well as hackers sponsored by the Chinese and Iranian governments — this is the first criminal case to implicate the Russian government so directly in cybercrime and to name as defendants sitting members of the Federal Security Service for hacking charges.
The indictment, which includes charges of economic espionage, trade secret theft and unauthorized access to protected computers, arises from a compromise of Yahoo user accounts that began at least as early as 2014.
The Justice Department’s assertion that the Federal Security Service was directing the hacking likely provides significant political and legal cover for Yahoo, which saw its multibillion-dollar deal with Verizon teeter after it was forced to warn consumers that their private information might have been exposed.
In a statement, Chris Madsen, Yahoo’s assistant general counsel and head of global security, thanked law enforcement agencies for their work.
“We’re committed to keeping our users and our platforms secure and will continue to engage with law enforcement to combat cybercrime,” he said.