US charges two Russian spies over hacking of 500 million Yahoo accounts

Ruth Sherlock

British intelligence made "substantial contributions" to an investigation on Wednesday saw two Russian spies charged over one of the largest data breaches in United States history.

The Russian agents, along with two other computer hackers, were indicted over a devastating breach at Yahoo in 2014 that affected at least a half billion user accounts.

Though the US department of justice has previously charged Russian hackers with cyber crime, this is the first criminal case brought against Russian government officials.

Paul Abbate, the executive assistant director at the FBI said the bureau was "extremely grateful" to M15 and other international partners - including Canada - for assistance "leading up to these criminal charges today". 

MI5 works closely with the FBI and regularly shares intelligence with the US agency.

British spies have tracked activity from the cyber espionage unit of the FSB -  Russia’s Federal Security Service, and a successor to the KGB - which was named in the US indictment. The same Russian unit, known as "Centre 18", is responsible for planning cyber attacks on UK targets.

In the Yahoo breach, officials said the FSB targeted the email accounts of Russian and American officials, Russian journalists, employees of financial services and other businesses. Breaking into a Yahoo account would have given hackers access to users’ activity on Flickr, Tumblr, fantasy sports and other applications.

Yahoo didn't disclose the 2014 breach until last September when it began notifying at least 500 million users that their email addresses, birth dates, answers to security questions and other personal information may have been stolen. 

Three months later, Yahoo revealed it had uncovered a separate hack in 2013 affecting about 1 billion accounts, including some that were also hit in 2014.

Karim Saratov, one of the defendants, has been taken into custody in Canada. 

Alexey Belan, is on the list of the FBI's most wanted cyber criminals and has been indicted multiple times in the US. He and the two other defendants, Dmitry Dokuchaev and Igor Sushchin, the men named as FSB officers, remain at large.

Because America doesn't have an extradition treaty with Russia, it is unclear if these defendants will ever set foot in a American courtroom since there's no extradition treaty with Russia. 

Mary McCord, the acting assistant attorney general said she hoped the defendants "will respect our criminal justice system". 

The charges come as US government authorities investigate Russian interference through hacking in the 2016 presidential election. 

One of the defendants, Belan, was among the Russians sanctioned last year following those hacking efforts, though US officials said the investigations were separate.

A number of congressional committees have been established to look into the reports, as well as into possible connections between Russia and Donald Trump and his associates.

Mr Trump has responded furiously to the allegations, and took to Twitter to accuse Barack Obama, the former US president of "wiretapping" his Trump Tower building in New York. 

But Devin Nunes, the Republican chairman of the House of Representatives Intelligence committee directly contradicted the president on Wednesday saying: "We don't have any evidence that that took place". 

"I don't think there was an actual tap of Trump Tower," he said. If Mr Trump's s tweets were taken literally, then "clearly the president was wrong".

James Comey, the FBI director is to appear before the committee next Monday to answer questions on the investigation into Russia's alleged meddling. He will also be asked to confirm if the bureau is actively investigating Mr Trump and his allies for potential connections to the Kremlin.

Rich Mogull, CEO of security firm Securosis, said the Yahoo indictment "shows the ties between the Russian security service and basically the criminal underground," something that had been "discussed in security circles for years."

Cyber criminals gave Russian officials access to specific accounts they were targeting; and in return, Russian officials helped the criminals to evade authorities and let them keep the type of information that hackers that hack for money tend to exploit such as email addresses and logins and credit card information.

"We've come to expect that you don't really figure out who performs these attacks," Mr Mogull said. The fact that the indictment ties together the FSB and criminals is a new development, he said. "It will be very interesting to see what comes up in court, and how they tie those two together."

 

By using Yahoo you agree that Yahoo and partners may use Cookies for personalisation and other purposes