Federal prosecutors announced indictments Wednesday against two Russian operatives they said orchestrated the 2014 hack of internet giant Yahoo.
The men, both members of Russia’s Federal Security Service (FSB) — the heir to the Soviet-era KGB — recruited two other hackers to carry out the hack, which breached information on at least 500 million Yahoo accounts.
It is believed to be the first time Russian agents have been formally charged in the U.S. with such high-level cybercrimes.
“We will not allow individuals, groups, nation-states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies or the security of our country,” acting Assistant Attorney General Mary McCord said at a news conference announcing the charges.
The indictments were handed up by a grand jury in California, which lodged charges against FSB officers Igor Sushchin and Dmitry Dokuchaev, as well as accused hackers Alexseyvich Belan, a Russian national, and Karim Baratov, a Canadian and Kazakh national. Charges include economic espionage and theft of trade secrets.
Officials said Mr. Baratov was arrested on Tuesday in Canada and that warrants had been issued for the other three defendants.
Mr. Sushchin and Mr. Dokuchaev recruited Mr. Belan and Mr. Baritov to carry out the scheme to target accounts of Russian journalists and U.S. and Russian government officials, the Justice Department said.
The defendants lost their access to Yahoo’s networks in September but were able to continue to use the stolen data until at least December, prosecutors said.
Mr. Belan, one of the FBI’s most wanted cybercriminals, was also accused of manipulating Yahoo’s search engine to drive certain users looking for erectile-dysfunction medications to an online pharmacy website that had paid him, according to the 47-count indictment.
The indictment said Mr. Belan accessed the accounts of employees at a Swiss bitcoin and banking firm, as well as accounts belonging to a Nevada gambling official and a senior officer at a major U.S. airline.
The indictment comes at a particularly sensitive time, as Congress continues to investigate Russian attempts to influence the U.S. presidential election.
However, Ms. McCord said the indictment doesn’t claim any connection between the 2014 breach and the hacks carried out last year against Democratic National Committee officials.
“We appreciate the FBI’s diligent investigative work and the DOJ’s decisive action to bring to justice those responsible for the crimes against Yahoo and its users,” Mr. Madsen said in a statement posted to the company’s website.
Sen. Mark R. Warner of Virginia, the top Democrat on the Senate Select Committee on Intelligence, applauded the Justice Department and said Yahoo could have publicly reported the breach sooner.
“This simply underscores the complexity and the urgency of the task facing the Senate intelligence committee in its bipartisan investigation into Russia’s interference in America’s 2016 elections,” Mr. Warner said.
There is no extradition treaty between the U.S. and Russia, and it’s unlikely the accused hackers will ever face justice here, said Robert Cattanach, a former trial attorney for the Justice Department.
But the Wednesday announcement exposes the “very cozy relationship between Russian state security apparatus and for-hire Russian hackers,” Mr. Cattanach said.
The indictment also shows that the U.S. can track even sophisticated hackers, said Mr. Cattanach, who now works in private practice in the areas of regulatory litigation, including cybersecurity and data breaches.
Copyright © 2017 The Washington Times, LLC.