Russian Agents Were Behind Yahoo Hack, U.S. Says
SAN FRANCISCO — In a development that can only heighten the distrust between U.S. and Russian authorities on cybersecurity, the Justice Department on Wednesday charged two Russian intelligence officers with directing a sweeping criminal conspiracy that broke into 500 million Yahoo accounts in 2014.
The Russian government then used the information it obtained from the intelligence officers and two others named in the indictment — a Russian hacker and a Kazakh national living in Canada — to focus on foreign officials, business executives and journalists, federal prosecutors said. The targets included numerous financial executives, executives at an American cloud computing company, an airline official and even a casino regulator in Nevada.
That U.S. and Russian authorities are often at loggerheads in their approaches to criminal breaches was made clear in the indictment. The two Russian agents were supposed to be helping Americans hunt for hackers but were instead working against them.
And one of the outside hackers, a Russian named Alexsey Belan, had been indicted twice before for three intrusions into American e-commerce companies and had been arrested in Europe, but escaped to Russia before he could be extradited. Prosecutors said they received no response to their requests to the Russian government to turn over Belan to U.S. authorities.
The hackers also used the Yahoo data to send spam and steal credit card and gift card information. In addition, they sought to break into at least 50 Google accounts, including those of Russian officials and employees of a Russian cybersecurity firm.
On Wednesday, prosecutors unsealed an indictment containing 47 criminal charges against the two agents of Russia’s Federal Security Service, or FSB, as well as two outside hackers with whom they worked on the scheme, one of the largest known thefts of data from a private corporation.
The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and aggravated identity theft, the Justice Department said in a news release.
“The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale,” the acting assistant attorney general, Mary B. McCord, said in a statement.
代理助理司法部长玛丽·B·麦科德(Mary B. McCord)在声明中说：“本案所涉犯罪行为是由俄罗斯联邦安全局一个部门的官员实施或促成其顺利实施的，该部门是联邦调查局在莫斯科的网络犯罪问题联系方，这种行为令人难以接受。”