The Department of Justice today released an indictment of four men involved in the 2016 hack of Yahoo email accounts, two of whom were acting in their capacity as Russian intelligence and security officers.
“The defendants include two officers of the Russian Federal Security Service (FSB), an intelligence and law enforcement agency of the Russian Federation, and two criminal hackers with whom they conspired to accomplish these intrusions,” said U.S. acting assistant attorney general Mary McCord. “Dmitry Dokuchaev and Igor Sushchin, both FSB officers, protected, directed, facilitated, and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere.”
Dokuchaev and Sushchin worked with co-conspirators Alexsey Belan and Karim Baratov to hack the emails, specifically targeting accounts of Russian and U.S. government officials, including cybersecurity, diplomatic, and military personnel, according to McCord.
“The FSB unit that the defendants worked for, the Center for Information Security, aka Center 18, is also the FBI’s point of contact in Moscow for cyber-crime matters,” said McCord. “The involvement and direction of FSB officers with law enforcement responsibilities makes this conduct that much more egregious. There are no free passes for foreign state-sponsored criminal behavior.”
They worked with co-conspirators Belan and Baratov to hack into computers of American companies providing email and Internet-related services, to maintain unauthorized access to those computers and to steal information, including information about individual users and the private contents of their accounts.
Baratov, a Canadian resident, was arrested Tuesday in Canada under a U.S. government provisional arrest warrant.
“Yesterday’s arrest of the co-conspirator in Canada, which was executed by the Toronto police services fugitive squad, demonstrates our total and unyielding commitment to finding and bringing to justice cyber criminals no matter where they operate or reside,” said Paul Abbate, assistant director in charge of the FBI Washington field office.
Robert Cattanach, a partner at the international law firm Dorsey & Whitney and a former DOJ trial attorney, said the indictment is significant but largely symbolic. “There’s probably little likelihood that the identified hackers will ever face justice in the United States. The US has no extradition treaty with Russia,” Cattanach said.
The indictment does, however, shine a light on the Russian government’s cooperation with criminal hackers. “It also underscores the very cozy relationship between Russian state security apparatus and for-hire Russian hackers,” Cattanach said. “Not only have individual hackers operated with impunity inside Russia, but U.S. security officials increasingly suspect that they are tacitly encouraged by the Russian government, which can then leverage their techniques and intrusions to obtain sensitive information.”
Belan was already one of the FBI’s most wanted cyber criminals before the Yahoo hack, according to McCord. He was publicly indicted in September 2012 and June 2013, after which Interpol issued a Red Notice for his immediate detention. Despite being arrested in Europe in 2013, Belan was able to escape to Russia before extradition, wherein Dokuchaev and Sushchin used him to gain access to Yahoo accounts.
According to the indictment, the conspirators also stole email contacts to conduct fraud schemes for personal gain, though that was not the main objective of the hacks.
“What the indictment alleges is that these FSB officers used criminal hackers to gain information, clearly some of which has intelligence value, but in doing so and in using criminal hackers to do so, the criminal hackers used this opportunity also to line their own pockets for private financial gain,” said McCord.
Though intelligence agencies have also attributed the hack of Democratic National Committee emails in 2016 to Russian state actors, McCord stated that this indictment is in no way related to that event.
Though the indictment alleges that Dokuchaev and Sushchin were working in their capacity as FSB operatives and calls for their extradition, there is no guarantee of Russian cooperation.
“We do not have an extradition treaty with Russia,” McCord said. “We would hope that they would respect our criminal justice system and respect these charges and what they need to do.”