U.S. Faces Tall Hurdles in Detaining or Deterring Russian Hackers
WASHINGTON — When a suspected Russian cybercriminal named Dmitry Ukrainsky was arrested in a Thai resort town last summer, the American authorities hoped they could whisk him back to New York for trial and put at least a temporary dent in Russia’s arsenal of computer hackers.
But the Russian authorities moved quickly to persuade Thailand not to extradite him, saying that he should be prosecuted at home. American officials knew what that meant. If Mr. Ukrainsky got on a plane to Moscow, they concluded, he would soon be back at work in front of a computer.
“The American authorities continue the unacceptable practice of ‘hunting’ for Russians all over the world, ignoring the norms of international laws and twisting other states’ arms,” the Russian Foreign Ministry said.
The dispute over Mr. Ukrainsky, whose case remains in limbo, highlights the difficulties — and at times impossibilities — that the United States faces in combating Russian hackers, including those behind the recent attacks on the Democratic National Committee. That hack influenced the course, if not the outcome, of a presidential campaign and was the culmination of years of increasingly brazen digital assaults on American infrastructure.
乌克兰斯基的案件依然被搁置。围绕他产生的争端，突显出美国在对付俄罗斯黑客上遭遇的困难，有时甚至是不可能实现的事。这些黑客就包括民主党全国委员会(Democratic National Committee)最近遭遇的袭击背后所潜藏的人。这场袭击就算没有影响一场总统竞选的结果，也影响了它的进程，称得上是连续多年来，对美国基础设施所实施的数字袭击的巅峰，而且这种袭击还在日益变得肆无忌惮。
The United States has few options for responding to such hacks. Russia does not extradite its citizens and has shown that it will not easily be deterred through public shaming. At times, the American authorities have enlisted local police officials to arrest suspects when they leave Russia — for vacation in the Maldives, for example. But more often than not, the F.B.I. and Justice Department investigate and compile accusations and evidence against people who will almost certainly never stand trial.
“You can indict 400 people. They don’t care,” said Robert E. Anderson Jr., who until last year served as the F.B.I.’s most senior executive overseeing computer investigations.
“你可以起诉400个人，他们不在乎，”直到去年还在担任FBI计算机犯罪调查部门最高长官的小罗伯特·E·安德逊·(Robert E. Anderson Jr.)说道。
The American government divides the cybersecurity world into two categories: attacks directed or sponsored by governments, and those conducted by criminals. But Russian hacking defies easy categorization, American officials say, because the Russian government tacitly supports many private hackers and occasionally taps them for freelance government work. That has complicated investigations and upended the normal diplomatic order.
In May 2009, for instance, Secret Service agents met in Moscow with their counterparts in the Russian Federal Security Service, known as the F.S.B. The Americans said they were investigating a hacker who had installed malicious code in the software that some American businesses used to process credit card transactions. The hacker was stealing millions of credit card numbers and selling them in an underground digital marketplace.
比如在2009年5月，美国特勤局(Secret Service)的特工在莫斯科与俄罗斯联邦安全局（Russian Federal Security Service，简称FSB）的特工会面。美方表示，他们在调查一名黑客，此人在一些美国公司用来处理信用卡交易的软件中设置了恶意代码。这名黑客在盗取数百万信用卡号码，将它们拿到一个地下数字市场出售。
The agents provided a name — Roman Seleznev — and the aliases he used online. His father was a member of the Russian Parliament. The Secret Service had followed his digital trail to Vladivostok, Russia, and they asked for help catching him.
Within weeks, all evidence of Mr. Seleznev’s online identity vanished from the internet. Rather than advancing the case, the Russian government had set it back, the American authorities believed. Prosecutors described their blunt conclusion in court documents: “Further coordination with the Russian government would jeopardize efforts to prosecute this case.” The American authorities were left to pursue Mr. Seleznev by themselves.
In the D.N.C. case and other election-year hacks, the authorities have concluded that people affiliated with the Russian government are to blame. But even if intelligence officials can identify who is behind those attacks, naming the actual perpetrators is even harder. One senior federal law enforcement official said this week that investigators still had many unanswered questions.