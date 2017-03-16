(Adds Kremlin reaction)
By Dustin Volz
WASHINGTON, March 15 The United States on
Wednesday charged two Russian intelligence agents and two
hackers with masterminding the 2014 theft of 500 million Yahoo
accounts, the first time the U.S. government has criminally
charged Russian spies for cyber offences.
The charges came amid a swirl of controversies relating to
alleged Kremlin-backed hacking of the 2016 U.S. presidential
election and possible links between Russian figures and
associates of U.S. President Donald Trump. This has given rise
to uncertainty about whether Trump is willing to respond
forcefully to any action by Moscow in cyberspace and elsewhere.
The 47-count Justice Department indictment included charges
of conspiracy, computer fraud and abuse, economic espionage,
theft of trade secrets, wire fraud, access device fraud and
aggravated identify theft. It painted a picture of the Russian
security services working hand-in-hand with cyber criminals, who
helped spies further their intelligence goals in exchange for
using the same exploits to make money.
"The criminal conduct at issue, carried out and otherwise
facilitated by officers from an FSB unit that serves as the
FBI’s point of contact in Moscow on cyber crime matters, is
beyond the pale,” Acting Assistant Attorney General Mary McCord
said at a press conference announcing the charges.
Russia’s Federal Security Service (FSB) is the successor to
the KGB.
The Kremlin, which denies Russia tried to influence the U.S.
election in any way, said on Thursday Moscow had received no
official notification of the indictment, but hoped it would.
However, Dmitry Peskov, President Vladimir Putin's
spokesman, dismissed out of hand the idea that FSB employees
could have been involved in the Yahoo hack.
"We have said repeatedly that there can be no discussion of
any official involvement of any Russian agency, including the
FSB...in any unlawful cyber activities," said Peskov, who has
cast U.S. allegations against Russia as part of a political
campaign to kill off a U.S.-Russia rapprochement.
Yahoo said when it announced the then-unprecedented breach
last September that it believed the attack was state-sponsored,
and on Wednesday the company said the indictment "unequivocally
shows" that to be the case.
The charges announced Wednesday are not related to the
hacking of Democratic Party emails during the 2016 U.S.
presidential election. U.S. intelligence agencies have said they
were carried out by Russian spy services, including the FSB, to
help the campaign of Republican candidate Donald Trump.
The indictment named the FSB officers involved as Dmitry
Dokuchaev and his superior, Igor Sushchin, who are both in
Russia.
Dokuchaev was arrested for treason in December, according to
the Russian news agency Interfax.
Reuters sent a request for comment to the FSB in Moscow on
Wednesday evening but there was no response.
The alleged criminals involved in the scheme include Alexsey
Belan, who is among the FBI's most-wanted cyber criminals and
was arrested in Europe in June 2013 but escaped to Russia before
he could be extradited to the United States, according to the
Justice Department.
Karim Baratov, who was born in Kazakhstan but has Canadian
citizenship, was also named in the indictment.
The Justice Department said Baratov was arrested in Canada
on Tuesday. Mark Pugash of Toronto police later confirmed the
Tuesday arrest.
McCord said the hacking campaign was waged by the FSB to
collect intelligence but that the two hackers used the collected
information as an opportunity to "line their pockets."
The United States does not have an extradition treaty with
Russia, but McCord said she was hopeful Russian authorities
would cooperate in bringing criminals to justice. The United
States often charges cyber criminals with the intent of
deterring future state-sponsored activity.
The administration of former President Barack Obama brought
similar charges against Chinese and Iranian hackers who have not
been extradited.
In a statement, White House spokesman Michael Anton said the
charges "are part of a broad effort across the government to
defend the United States against cyber attacks and cyber-related
crimes."
'RED NOTICE'
Yahoo in December announced another breach that occurred in
2013 affecting one billion accounts. Special Agent Jack Bennett
of the FBI's San Francisco Division said the 2013 breach is
unrelated and that an investigation of that incident is ongoing.
The hacks forced Yahoo to accept a discount of $350 million
in what had been a $4.83 billion deal to sell its main assets to
Verizon Communications Inc.
At least 30 million of the Yahoo accounts in the 2014 breach
were the most seriously affected, with Belan able to burrow deep
into their accounts and take user contact lists that were later
used for a financially motivated spam campaign, according to the
indictment. Belan also stole financial information such as
credit card numbers and gift cards, it said.
Yahoo had previously said about 32 million accounts had
fallen victim to the deeper attack, which it said leveraged
forged browser cookies to access accounts without the need for a
password.
According to the indictment, FSB officers Sushchin and
Dokuchaev also directed Baratov to use the information gained in
the Yahoo breach to hack specific targets who possessed email
accounts with other service providers, including Google.
When Baratov was successful, Dokuchaev would reward him with
a bounty, the indictment charged.
Examples where Google accounts were targeted include an
assistant to the deputy chairman of the Russian Federation, an
officer of the Russian Ministry of Internal Affairs, and a
physical training expert employed by the Russian government.
Details in the indictment reflect the often murky
relationship in Russia between criminal hackers and government
intelligence officers.
Interpol issued a "red notice" on Belan in relation to an
earlier hacking campaign, according to the indictment. Instead
of arresting Belan, however, the FSB recruited him to help with
cyber espionage and provided tools to evade detection from other
authorities.
Belan later gained unauthorized access to Yahoo's network
that he shared with FSB, the indictment said.
