Friday, March 31, 2017

US Indicts Four in Connection with 2014 Yahoo Hack

On March 15, 2017, the Department of Justice announced an indictment that charged hackers in connection with the 2014 Yahoo breach. In late 2016, Yahoo announced that unidentified hackers breached 500 million user accounts. With the accounts, the hackers stole login credentials and any information that came with them. Along with the first indictment, the DoJ charged two FSB agents in a second indictment – also allegedly connected to the Yahoo breach.

Milan Patel, a former FBI Cyber Division special agent, said the charges “illustrate the murky world of Russian intel services using criminal hackers in a wide variety of ways.” The two FSB agents, according to the DoJ, sought data from the Yahoo breach for intelligence purposes.

One of the two hackers in the first indictment, Alexsey Belan, landed on the U.S.’s most-wanted cyber criminal list several years ago. He slipped through the FBI’s fingers several times.

The other man charged in the first indictment—the hacking indictment—held Canadian citizenship. Canadian authorities arrested Karim Baratov, an alleged “hacker-for-hire,” on March 14—a day before the indictment.

U.S. authorities claimed that both men worked as “hackers-for-hire.” The Russian connection, according to the DoJ, lay in the list of contractors that hired the hackers. DoJ officials announced that Russia hired both hackers, potentially more than once. Alexsey Belan, a Russian citizen, avoided incarceration several times, according to the FBI itself. The FBI stated that between January 2014 and December 2016, Alexsey Belan conspired with FSB officers, including both named in the second indictment: Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin.

Alexsey Belan, the FBI wrote, worked with the FSB to “gain unauthorized access to the computer networks of and user accounts hosted at major companies providing worldwide webmail and internet-related services.” On February 28, 2017, a United States District Court in the Northern District of California issued an arrest warrant for Belan. The indictment charged him with conspiracy to commit computer fraud and abuse; unauthorized computer access for financial gain; causing computer damage by hacking; economic espionage; theft of trade secrets; access device fraud; and wire fraud.

And in 2012–2013, a United States District Court in Nevada indicted Belan after a hacker breached the network of a Nevada-based company. The indictment accused him of data theft from a locked computer; “possession of fifteen or more unauthorized access devices;” and aggravated identity theft. In the same period, the Northern District of California District Court charged him with similar crimes after he allegedly hacked a California company. Their indictment charged him with two counts of computer fraud and two counts of aggravated identity theft. 

“The FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere,” the DoJ announced. “In the present case, they worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts of thousands of individuals.”

Additionally, in December 2016, former President Obama imposed economic sanctions on Russia for suspected election hacking. The government imposed sanctions on two Russian hackers—Belan’s name landed on the sanction list. Obama never mentioned a connection between Belan and the Yahoo hacks.

The FSB officers indicted by the DoJ, Dmitry Dokuchaev and Igor Sushchin, enabled both hackers in connection with the Yahoo hack. Authorities in Moscow arrested Dokuchaev in December. He passed information to the CIA, U.S. authorities claimed. Sushchin worked above Dokuchaev and enabled his actions, according to the indictment.