DOJ: 2 Russian spies indicted in Yahoo hack
WASHINGTON (CNN) — The Department of Justice announced Wednesday that four people — including two officers of the Russian Federal Security Service (FSB) — have been indicted in connection to a massive hack of Yahoo information.
The hack, which the DOJ said was initiated in January 2014, affected at least 500 million Yahoo accounts. Some of the stolen information was used to “obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, US and Russian government officials and private-sector employees of financial, transportation and other companies,” the DOJ said in a statement.
Hackers stole data that included names, email addresses and passwords — but not financial information, according to Yahoo’s announcement regarding the breaches.
The officers of the FSB — Russia’s successor to the Soviet Union’s KGB — were identified as Igor Anatolyevich Sushchin, 43, and Dmitry Aleksandrovich Dokuchaev, 33. The two allegedly conspired with Russian national Alexsey Alexseyevich Belan, aka “Magg,” 29, and Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22, who is a resident of Canada.
Dokuchaev was arrested in a Russian sweep in December and accused of spying for the US, a lawyer for one of the men charged with Dokuchaev said. A Justice Department official said the agency has not confirmed it is the same person and declined further comment to CNN.
Baratov was arrested Tuesday morning “without incident” in Ancaster, Ontario, Toronto police spokesman Mark Pugash told CNN.
“The criminal conduct at issue — carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters — is beyond the pale,” acting Assistant Attorney General Mary McCord said at a news conference in Washington.
Yahoo CEO Marissa Mayer publicly thanked US authorities Wednesday, saying she was “very grateful” to the FBI and DOJ.
The San Francisco FBI office has scheduled a news conference for later Wednesday afternoon on undisclosed topics.
Yahoo has been breached at least twice, and the company previously said a September 2014 breach was state-sponsored but declined to identify who it believed was responsible.
Strained US-Russia relations
The announcement of another cyberintrusion by Russian hackers comes at a time of delicate relations between the US and Russia.
The Yahoo hack is the latest cyberattack that US authorities have blamed on Russia, a nation with which President Donald Trump’s new administration has sought to foster warmer relations.
Previous attacks US authorities have said Russian hackers perpetrated exposed the emails of Hillary Clinton’s campaign chairman, John Podesta, and the internal workings of the Democratic National Committee.
Russia’s cybercrime underground has long been seen as more focused on financial crime than economic espionage, and Wednesday’s indictment followed a series of indictments of Russian cybercriminals as the US has sought to diminish the thriving cybercrime organization in Russia.
But the indictment is the first to link that cybercrime operation to the government’s intelligence apparatus — a link that has long been alleged by cyberexperts but not explicitly accused by the federal government.
The DOJ’s national security division has long said that regular government-to-government espionage was not criminal but economic espionage crossed a line, though it maintained that governments have a right to try to block traditional spying.
Wednesday’s indictment seemed to go further to link government espionage with cybercrime more broadly.
Russia has also declined to extradite or cooperate in the arrest of cybercriminals indicted in the US, though the DOJ has been able to apprehend many of them as they vacationed around the world.
The Department of Justice has once before brought a detailed indictment against state-sponsored hackers — against alleged Chinese military hackers in 2014.
That indictment focused on economic espionage allegedly directed by China — the theft of corporate secrets. The US has long called on China to cease its sponsoring of economic espionage against American companies.
The Chinese military hackers have remained at large, and the DOJ has said it does not expect to be able to arrest those individuals unless Beijing chooses to give them up or they travel abroad. The indictments were part of a broader name-and-shame effort to signal that the US is aware of the cyber activity and willing to call it out.