recommended reading

2 Russian Spies Charged in Yahoo Breach of 500M Accounts

Gil C/Shutterstock.com

Two members of the Russian intelligence unit that works with the FBI on cyber crime lead a conspiracy to use Yahoo’s email network to target dissidents and government officials, according to the Justice Department.

Russian Federal Security Service officers Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, allegedly directed and paid Alexsey Alexseyevich Belan, 29, and Karim Baratov, 22, to access at least 500 million Yahoo accounts and steal the code to create “cookies” to authenticate accounts, according to the Justice release.

They used that information to get access to accounts that belonged to Russian journalists, U.S. and Russian government officials, a Russian cybersecurity firm’s employees, and other private-sector employees, including a bitcoin wallet and a U.S. airline.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The four men collectively face 47 criminal charges of computer hacking, economic espionage, trade secrets theft, aggravated identity theft and other criminal offenses in Northern California.

“The FSB unit that the defendants worked for, the Center for Information Security, also known as Center 18, is also the FBI’s point of contact in Moscow for cyber crime matters," said Acting Assistant Attorney General Mary McCord at a press conference Wednesday. "The involvement and direction of FSB officers with law-enforcement responsibilities makes this conduct that more egregious. There are no free passes for foreign state-sponsored criminal behavior.”  

The case highlights the lack of cooperation between U.S. and Russia on cyber issues. One problem is that the Justice Department thinks the FSB agents were operating in their official capacity, not as rogue agents, McCord said.

Then there’s Belan. He’s been charged in the U.S. previously in 2012 and 2014, is featured on FBI’s Cyber Most Wanted List and has the dubious honor of being one of the hackers sanctioned by then-President Barack Obama in December. He fled to Russia, and although the bureau asked for his return in 2014, it received no response from Russia’s official channels, according to FBI Executive Assistant Director Paul Abbate.

During that time, the FSB agents allegedly used Belan in the Yahoo campaign and allowed him to profit from stolen gift cards and credit card numbers, a spam campaign and redirected search engine traffic. Using criminal hackers for state gains isn’t uniquely Russian behavior, but McCord said they’re seeing more and more of it. 

The U.S. and Russia do not have an extradition treaty, but Abbate says they will reach out to the Russian government.

“We expect and hope for their cooperation here,” he said. “In fact, post this announcement, we will go out with another official request, not just for Mr. Belan, but also for the other two individuals that are charged here and are residing in Russia now.”

The fourth defendant, Baratov, is a resident of Canada and was detained Tuesday, McCord said.

Officials thanked Canadian law enforcement agencies and the United Kingdom’s MI-5, as well as Yahoo and Google for their cooperation. They urged private-sector companies to reach out if they suspect they’re under cyberattack.

“It is very important for corporations around the country to know that when you are going against the resources and backing of a nation-state, it is not a fair fight and it is not a fight you are likely to win alone,” McCord said. “But you do not have to go it alone.”  

Threatwatch Alert

Stolen laptop

Wireless Heart Monitor Maker to Pay $2.5M Settlement to HHS After Laptop Stolen

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.