Two Russian Spies Were Just Charged in the Massive Yahoo Hack
The spies used the information to target political adversaries.
The United States Department of Justice has issued an indictment of two Russian spies — and their two hacker co-conspirators — for the massive Yahoo hack that compromised the accounts of roughly 500 million users in 2014.
Reports of the attack didn’t surface until the fall of 2016 when the company blamed a “state-sponsored actor” for the security breach. It turns out that state actor was Russia, which seems to be appearing ever more frequently in stories around American cybersecurity.
The two spies, Dmitry Dokuchaev and Igor Sushchin, were agents in Russia’s FSB (which has been called the modern day equivalent to the more infamous KGB) and they recruited the hackers, Alexsey Belan and Karim Baratov, to aid them in their mission. The group of comrades faces a total of 47 criminal charges. Those charges include identity theft, computer fraud, and economic espionage.
The 2014 breach compromised a host of user data, from passwords and security questions to birthdays and telephone numbers. Yahoo at the time advised all users to update their passwords and security settings, but it was and still remains unclear what the full ramifications of the breach will be. To put things in perspective, the House Oversight Committee said in 2015 that a security breach in government computers, which affected about 22 million government employees, could have ramifications more than a decade later.
The Yahoo breach hit about 20 times as many people. In the case of that breach, though, the targets were not government employees or civil servants, so it’s harder to predict how much of the stolen information would be deemed valuable.
According to a Department of Justice press release, the defendants “used some of that stolen information to obtain unauthorized access to the contents of … account of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies.”
One is also said to have used the information to personal financial gain “by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.”
It should be the United States does not yet have any of the four men charged in the indictment in custody. The FSB agents, Dokuchaev and Sushchin, are both Russian nationals who live in their home country. It’s highly unlikely that Russia will consider extraditing them to the U.S., especially given the heightened tensions over potential Russian meddling in the election of President Donald Trump.
The hackers, meanwhile, are also outside of the U.S.: Belan, who in “2013 was named one of FBI’s Cyber Most Wanted criminals,” is in Russia, having escaped from custody elsewhere in Europe before he could be sent to the U.S. The other hacker, Baratov, is a Canadian resident. According to the press release, “On March 7, the Department of Justice submitted a provisional arrest warrant to Canadian law enforcement authorities … On March 14, Baratov was arrested in Canada and the matter is now pending with the Canadian authorities.”
Baratov may be the only conspirator to face U.S. justice in the near future, but the indictment nevertheless serves as a message to Russia and the FSB that such breaches of security and trust will not be tolerated. The returned attention to the Yahoo hack should also come as a reminder to all internet users that online vigilance and due diligence are absolute necessities.