Justice Department Charges Russian Spies with Yahoo Cyber Breach
The Justice Department brought the first-ever U.S. criminal cyber charges against Russian government officials Wednesday when they announced the indictments of two Russian spies and two criminal hackers with the heist of 500 million Yahoo user accounts in 2014.
The indictments are part of the largest hacking case brought by the U.S. and target two members of FSB, the Russian intelligence agency, and two hackers hired by Russians.
Charges include hacking, wire fraud, trade secret theft and economic espionage, according to officials, and the move reflects the U.S. government’s desire to hold foreign governments accountable for malicious cyberspace acts.
Yahoo was attached in the fall of 2014 in what was considered the largest data breach in history–at that point. Yahoo later admitted another breach that affected 1 billion user accounts in 2013, but officials have yet to determine if the incidents are related.
In the 2014 hack, the FSB — Russia’s Federal Security Service, and a successor to the KGB — allegedly sought the information for intelligence purposes, targeting journalists, dissidents and U.S. government officials, but allowed the criminal hackers to use the email cache for the officials’ and the hackers’ financial gain, through spamming and other operations, reports The Washington Post.
The charges “illustrate the murky world of Russian intel services using criminal hackers in a wide variety of ways,” said Milan Patel, a former FBI Cyber Division supervisory special agent who is now a managing director at K2 Intelligence, a cyber firm.
Even though the DBI has long suspected Russian involvement in cyber breaches, this case marks the first in which sufficient evidence exists to build a case.
In an interview with Ars Technica, FBI agent Malcolm Palmore said the hackers were able to use a "spear phishing" email to gain the Yahoo employee's credentials. Spear phishing emails can encompass various techniques designed to trick the recipient into giving up his or her personal information. Phishing emails usually appear to come from a trusted source.
Posted in The Takedown