Yahoo cyber indictment shows Kremlin, hackers working hand-in-handWorld
Wednesday's indictments in the United States of four people in a 2014 cyber attack on Yahoo Inc provides the clearest details yet on what some US officials say is a symbiotic relationship between Moscow's security services and private Russian hackers.
The indictment charges two officers of the FSB, Russia's Federal Security Service, and two hackers who allegedly worked hand-in-hand with them to crack 500 million Yahoo user accounts.
US authorities and cyber security specialists have long said the Kremlin employs criminal hackers for its geostrategic purposes. They say the arrangement offers deniability to Moscow and freedom from legal troubles for the hackers.
A US intelligence official, speaking on condition of anonymity, said employing criminal hackers helps “complement Kremlin intentions and provide plausible deniability for the Russian state.”
The FSB in Moscow did not respond immediately to a request for comment on Wednesday evening.
The United States sometimes engages with criminal hackers as well, buying tools from them or recruiting them to help find other criminal hackers, cyber security professionals and government officials say.
Milan Patel, a former FBI cyber agent and now managing director for cyber defence at K2 Intelligence, said the intermingling of espionage and cyber crime in Russia had led the United States and its allies to be far more wary about alerting Moscow to criminal hackers.
“Magically those guys would disappear off the battlefield and most likely end up working for the Russian government,” Patel said of the names shared by Washington.
The Russian government had no official comment on the charges in the Yahoo case.
Russian news accounts stressed that one of the FSB agents, Dmitry Dokuchaev, was arrested by Russian authorities in December and charged with treason.
The indictment charges Dokuchaev with having acted as a handler for a hacker named Karim Baratov, directing him to use the Yahoo data to crack emails on other systems and paying him a bounty when he succeeded.
Baratov is in custody in Canada, according to the Toronto police, while Dokuchaev remains in Russia.
The charges coincide with mounting tensions between US intelligence agencies and Russian President Vladimir Putin's government, which they accused of hacking the 2016 US presidential election to influence the vote in favour of then-Republican candidate Donald Trump.
In addition, congressional committees are investigating possible links between Russian figures and associates of President Trump.
Senator John Warner of Virginia, the ranking Democrat on the Senate Select Committee on Intelligence, said in a statement the indictments showed “the close and mutually beneficial ties between the cyber underworld and Russia''s government and security services.”
He said the case “underscores the complexity and the urgency” of the committee's investigation of Russian interference in the US election.
James Lewis, a former State Department official and now a cyber expert at the Center for Strategic and International Studies, said there were three rules for cooperation between the Russian government and criminal hackers.
Private hackers know to avoid attacking Russian-language sites and to share their profits with authorities, he said. “Rule Number Three (is), if we ask you to do us a favour, do it.”
The Kremlin on Thursday denied any official Russian involvement in cybercrimes after the US indicted two FSB intelligence agents over cyberattacks on Yahoo that compromised 500 million accounts.
“As we have said repeatedly, there can be absolutely no question of any official involvement by any Russian agency, including the FSB, in any illegal actions in cyberspace,” Kremlin spokesman Dmitry Peskov told journalists.
The US said Dokuchaev was an officer in the FSB's Center for Information Security, known as Center 18, which is tasked with investigating hacking and is the FBI's point of contact in Moscow for cybercrimes. Dokuchaev, 33, was reported last year to have been arrested in Moscow by Russian authorities on treason charges linked to the US. He is accused of directing the Yahoo hacking along with his superior, the 43-year-old Sushchin.
The two officers “protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere,” acting US assistant attorney general Mary McCord told reporters.
Kremlin was accused of hiring two hackers, Alexsey Belan and Karim Baratov, to carry out the attacks, which continued until late 2016.
Baratov, described as a 22-year-old Canadian-Kazakh citizen, was reportedly arrested this week on a US warrant in Canada.
Kazakhstan on Thursday said that he had officially given up his citizenship in 2011.