Two Russian Spies Indicted By US Justice Department For Orchestrating Yahoo Hack

Two Russian intelligence agents have been charged by the US for orchestrating the 2104 Yahoo hack that led to 500 million user accounts being compromised.

The US Department of Justice indicted two Russian FSB agents,  Dimitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, as the perpetrators of the attack who worked with Russian national Alexsey Alexseyevich Belan, 29, and Canadian national Karim Baratov, 22, to carry out one of the largest data breaches in history.

The attack has been attributed to a move by the agents to access accounts of interest belonging to Russian and US government officials, Russian journalists, employees of technology companies and workers at an significant Russian security company.

Yahoo hack

“Cyber crime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” said US Attorney General Jeff Sessions. “But thanks to the tireless efforts of U.S. prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users’ accounts. The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”

While Baratov is in the custody of Toronto Police Department at the courtesy of its fugitive squad, the other three are in Russian, so Sessions’ ambitions to prosecute them is at risk, as the Russia has not extradition deal with the US.

Furthermore, Belan is one of the US’ most wanted cyber criminals having been indicted twice by US federal grand juries but fled to Russia. And without an extradition treaty, Belan and the two FSB agents are safe from being arrested by the US unless the country enters negotiations with the Russian government to hand over the agents and hacker to the US authorities.

Given the FSB agents were likely working under the direction of the Russian government, it would be fairly unlikely for President Putin’s government to handover the trio to the US. This could put the rather testy relations between the two nations further two the test, as well as portray Russia as a nation to be wary of when it comes to cyber attacks.

However, the BBC reported that Russian has denied allegations that the FSB was involved in the data breach.

“As we have said repeatedly, there can be absolutely no question of any official involvement by any Russian agency, including the FSB, in any illegal actions in cyberspace,” said spokesman Dmitry Peskov.

For Yahoo the indictment is a good result as it confirms the company’s previous claims that the massive data breach it suffered was carried out by state-sponsored actors, and was not necessarily down to poor security on it part.

“The indictment unequivocally shows the attacks on Yahoo were state-sponsored. We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible,” said Chris Madsen, assistant general counsel and head of Global Law Enforcement, Security & Safety at Yahoo.

“This morning’s announcement is consistent with our prior disclosures. On September 22, 2016, we disclosed our belief that a state-sponsored actor had stolen a copy of certain user account information for approximately 500 million user accounts in late 2014. On December 14, 2016, we provided details on the forging of cookies to gain access to certain user accounts without a password and we linked some of that activity to the same state-sponsored actor.”

The Yahoo data breach cost the company several hundred million dollars after Verizon adjusted its offer to buy Yahoo when the data breach came to light.

Quiz: How much do you know about the world of Yahoo?

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Twitter To Hide Tweets That Share False Information During A Crisis

Potentially risking Elon's wrath over free speech, Twitter says it will hide tweets spreading misinformation…

11 hours ago

Boeing Starliner Test Flight Readied For Tonight

Third time the charm? Main rival to SpaceX's Dragon capsule, the embattled Boeing Starliner spacecraft,…

13 hours ago

September 13 Slated For iPhone 14 Launch – Report

No surprise there. Apple is slated to launch the iPhone 14 on 13 September according…

15 hours ago

Texas Social Media Law Battle Heads To Supreme Court

Battle between Texas and social networking giants reaches US Supreme Court, and it could decide…

16 hours ago

UK Can Legally Launch Cyberattacks Against Hostile Nations, Says AG

Chief legal advisor to government says UK can legally launch cyberattacks against hostile nations, and…

20 hours ago