DoJ Charges Russian Spies Over Yahoo Hack – Data Was Used to Access Russian Journalists & Gov Officials’ Accounts
The US Justice Department officials are expected to announce charges against individuals who are allegedly responsible for at least one of a series of massive data breaches that targeted Yahoo. Reuters has reported that DOJ will “announce indictments” against suspects, who are said to be living in Russia and Canada.
Since Russia has no extradition treaty, it is expected that the Canadian suspect is “far more likely” to be arrested. While Reuters didn’t confirm which hack were the arrests associated with, the WaPo reported that the arrests are in connection with the heist of 500 million Yahoo user accounts in 2014.
Justice Department charging Russian spies in Yahoo attacks
The indictments target at least two Russian spies who are members of the Russian intelligence agency FSB, and two criminal hackers who were also reportedly hired by the Russians. The WaPo reported that this marks the “first U.S. criminal cyber charges ever against Russian government officials”. The charges against the four include hacking, wire fraud, trade secret theft and economic espionage, according to unnamed officials.
In September 2016, Yahoo had disclosed that hackers broke into its network in 2014 and stole data linked to over 500 million accounts. Yahoo had said that the breach was carried out by a “state-sponsored actor”. Another separate attack was later reported in December that affected over 1 billion user accounts in 2013, and again the company said the attack was carried out by a nation-state. It isn’t immediately clear whether the two attacks are connected.
Today’s expected charges against Russians will be another move by the US government holding the foreign nations responsible for cyberattacks. The country has previously accused Russians of hacking the Democratic National Committee, North Koreans for hacking into the networks of Sony Pictures Entertainment, and Chinese hackers for economic cyber espionage.
The two massive breaches affected Yahoo’s sale of its core business to telecommunications giant Verizon, who received a $350 million discount on the original offer. Yahoo and its CEO Marissa Mayer have been criticized for keeping the wraps on the massive attacks for years until the acquisition deal with Verizon was finalized. Mayer is expected to step down from the position of CEO after the transition process is over.
[Update]: “Stolen data was used to access contents of Russian journalists and gov officials’ accounts”
The Department of Justice has now announced these reported indictments. The DoJ said the hack was initiated in January 2014, affecting at least 500 million Yahoo accounts. Two Russian FSB officials were identified as Dmitry Dokuchaev and his superior, Igor Sushchin.
Another two criminal hackers who were said to be hired by Russians include Alexsey Belan – one of the most-wanted cyber criminals – and Karim Baratov, who was born in Kazakhstan but has Canadian citizenship. Baratov was arrested in Canada on Tuesday and DoJ said that his case is now pending with the Canadian authorities.
The contents of at least 30 million accounts were accessed and at least 18 people who used other services, such as Google, were also victimized, the DoJ said in a news conference in Washington.
The stolen information was used to “obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, US and Russian government officials and private-sector employees of financial, transportation and other companies,” the DoJ said in a statement.