
Justice Department charging Russian spies and criminal hackers in Yahoo intrusion - ziszis
https://www.washingtonpost.com/world/national-security/justice-department-charging-russian-spies-and-criminal-hackers-for-yahoo-intrusion/2017/03/15/64b98e32-0911-11e7-93dc-00f9bdd74ed1_story.html
======
dmix
> Particularly galling to U.S. officials is that the men worked for the cyber
> investigative arm of the FSB - a rough equivalent of the FBI's Cyber
> Division. That the agency that is supposed to investigate computer
> intrusions Russia is engaged in hacking is "pretty sad," one official said.

This is why the FBI not engaging in their own grey-area shady offensive cyber
techniques is so important, if they plan on making statements like these and
expect to be taken seriously. Even if the FBI always find ways to get away
with it legally, it still doesn't help their case when claiming moral high
ground.

There is nothing Russia loves better than to dismiss claims against them
because the US does it too - and the Russian public eats this "US double
standard" up every time. They just see what Russia does as more explicit.
Without giving Russia this easy out I don't see how enforcement like this is
going to be effective. They show no signs of slowing down. Unless some new
sanctions are planned?

Finding legal avenues instead of hiring shady Russian criminal hackers might
seem like a big difference but the end results are hard to distinguish.

Last week the FBI let a pedophile who ran a hugely popular darknet CP site go
instead of revealing the full details of their own hacking:
[https://www.wired.com/2017/03/feds-rather-drop-child-porn-ca...](https://www.wired.com/2017/03/feds-rather-drop-child-porn-case-give-exploit/)

Consistency really does matter...

~~~
pjc50
Indeed. Many years ago a treaty was made against the militarisation of space -
which has largely been kept. There was an opportunity some time back to try to
regulate the use of "cyberwarfare" against civilians, but it wasn't taken.
The US was quite happy to use it against other countries.

Unfortunately, like biological weapons, these techniques don't go back in the
box very easily. We're entering an era where economic and political sabotage
by hostile intelligence agencies - in both directions, and occasionally
between "allies" or even in the same country - is becoming increasingly
common.

~~~
zby
The problem of attribution is much worse with cyberweapons than with anything
that has to be delivered physically. That makes any treaty impossible to
enforce.

------
_nox_
One of the FSB officers in this story, Dmitry Dokuchaev, was arrested a few
weeks ago by the Russian authorities. He was arrested along with his FSB
supervisor Sergey Mikhailov. Authorities cited treason, but the most
interesting bit of the story was that the two were part of the Shaltai-Boltai
hacks. The group was notorious for hacking government officials, and leaking
e-mails and sensitive reports. Their highest-profile target was Dmitry
Medvedev.

So, yes, dear American attorney, it's all quite sad. These counter-intelligence
officers not only hacked Yahoo, but their own government as well.

My guess is that they were grunts serving one of the power blocs within
the Kremlin. Hence the leaks targeting certain Kremlin officials, and not others.
That's why they were safe for so long.

Another funny bit you can read between the lines, is that when the Americans
tracked them down, they probably tried to recruit them as their own spies
within the FSB. Or at least ferret out as much info as they could, probably in
exchange for a sweeter deal back in the US. And that's when the Russian
counter-intelligence decided to pull the plug. Hence, you see them being
arrested primarily for "treason and colluding with the FBI", rather than the
Shaltai-Boltai leaks.

------
r721
> The indicted FSB officers are Dmitry Dokuchaev and Igor Sushchin, his
> superior. Particularly galling to U.S. officials is that the men worked for
> the cyber investigative arm of the FSB — a rough equivalent of the FBI’s Cyber
> Division. That the agency that is supposed to investigate computer intrusions
> Russia is itself engaged in hacking is “pretty sad,” one official said.

> Dokuchaev, whose hacker alias was “Forb,” was arrested in December in Moscow,
> according to the news agency Interfax, on charges of state treason for passing
> information to the CIA. He had reportedly agreed to work for the FSB to avoid
> prosecution for bank card fraud.

The interesting bit here is that Dokuchaev is a part of Humpty Dumpty
(Shaltai-Boltai) saga:

[https://krebsonsecurity.com/2017/01/a-shakeup-in-russias-top...](https://krebsonsecurity.com/2017/01/a-shakeup-in-russias-top-cybercrime-unit/)

[https://www.bloomberg.com/view/articles/2017-01-30/how-russi...](https://www.bloomberg.com/view/articles/2017-01-30/how-russian-hackers-became-a-kremlin-headache)

[http://www.bbc.com/news/world-europe-38930627](http://www.bbc.com/news/world-europe-38930627)

[https://themoscowtimes.com/articles/tinker-tailor-hacker-spy...](https://themoscowtimes.com/articles/tinker-tailor-hacker-spy-57013)

------
itchyjunk
Could someone with better forensic understanding help explain this a little
better please? How does one not only trace back the hack to originating
computer, but also figure out who was sitting behind that machine. Also, who
hired that person to sit behind that machine and perform said hacks. Is this
possible within the realms of digital forensics? Or does this imply alternate
sources of intel?

Just curious as to why these hackers are competent enough to hack multi-
billion dollar industries but not competent enough to at least hide their
employer if not themselves?

~~~
salesguy222
In my opinion, no, digital forensics cannot prove these things 100%.

The prosecutors and agencies involved can only string together evidence in an
attempt to convince a non-technical jury (or tribunal) to see things that
aren't there explicitly, but could be implied.

For example, a machine with photos of me and some of my financial documents
might be used to hack someone, and my MAC address and IP show up in the
"hacking evidence".

Depending on how motivated the prosecutors are to charge me personally, you
will either see me in trouble, or you won't. In my opinion, if you aren't
politically well connected, your ability to evade indictments and eventually
convictions is nonexistent in the face of someone as powerful as the DOJ.

~~~
itchyjunk
So tracing the computer, hacking the webcam, getting the face, getting
into the person's bank account, following the money trail to FSB is more of a
Hollywood hack and not reality then? I ask because I no longer have a feel for
what is possible and what is fantasy. Especially how machine learning and what
not comes into play if it does. [1]

[1]
[https://www.youtube.com/watch?v=v5ghK6yUJv4](https://www.youtube.com/watch?v=v5ghK6yUJv4)

~~~
salesguy222
Sorry, I'm on mobile right now and I can't watch your link. Please do help me
though:

Are you saying that in the case of this Yahoo hack, this is the evidence that
has been obtained? Or is this a general link about what authorities are able
to do?

Because if so, then yes, I personally would say this is enough to reach a
guilty verdict. They deserve it if they were dumb enough to show their face
and receive on the books payment from a shady authority.

But too often, someone's machine is implicated with the kind of flakey
technical evidence that is used to extort a confession or a plea bargain.

~~~
itchyjunk
Ah, this is nothing specific. Just wild speculations on how one might be able
to figure out the person behind a hack.

------
aluminussoma
Hacking is "sexy" and sensational, but if you really wanted a corporation's
data, wouldn't it be easier to just get your agent hired as an Ops person at
your target?

~~~
JoeAltmaier
...or just reward an existing ops person with something like the real value of
the information (millions?). Ops people are notoriously underpaid and
overworked.

~~~
seppin
why not both? (they do both)

------
gcb0
yet moments before we got this
[https://yro.slashdot.org/story/17/03/15/0521225/hacking-vict...](https://yro.slashdot.org/story/17/03/15/0521225/hacking-victim-cant-sue-foreign-government-for-hacking-him-on-us-soil-says-court)

> a court of appeals in Washington D.C. ruled that an American citizen can't
> sue the Ethiopian government for hacking into his computer and monitoring
> him with spyware. "The decision on Tuesday is a blow to anti-surveillance
> and digital rights activists who were hoping to establish an important
> precedent in a widely documented case of illegitimate government-sponsored
> hacking."

~~~
anigbrowl
There's a general principle that individuals can't sue governments because
otherwise the conduct of foreign relations by governments becomes impossible.
Also, other countries are disinclined to pay attention to verdicts against
themselves in US courts, and it would be embarrassing for us to have people
win their cases and then have no way of enforcing the judgement. That could
lead to courts ordering the seizure of foreign assets to pay compensation,
which would undermine the Constitutional role of the Executive branch to
conduct foreign relations.

Thus, courts generally decline to hear those cases. Governments are held to
have 'sovereign immunity' and indeed most countries offer no way to sue a
foreign government in their own courts.

~~~
igivanov
Perhaps in theory...

[http://www.jpost.com/Middle-East/Iran-News/Terror-victims-ki...](http://www.jpost.com/Middle-East/Iran-News/Terror-victims-kin-have-no-right-to-sue-Iran-in-US-courts-Zarif-says-452664)

[http://www.zerohedge.com/news/2016-10-01/sept-11-widow-first...](http://www.zerohedge.com/news/2016-10-01/sept-11-widow-first-american-sue-saudi-arabia-terrorism-her-full-lawsuit)

[http://www.historycommons.org/context.jsp?item=complete_time...](http://www.historycommons.org/context.jsp?item=complete_timeline_of_the_2003_invasion_of_iraq_2015#complete_timeline_of_the_2003_invasion_of_iraq_2015)

------
finid
The interesting thing about this is that one of the indicted spies was
arrested by the FSB and charged with treason for spying for the CIA. That was
just 2 months ago.

Twisted world.

------
londons_explore
Identifying individuals in an enemy's secret services sounds to me to be a
tactic to say:

> "You tried to hide from us, but not only do we know it was you, we also know
> exactly which operative did it. We have fully infiltrated your intel agency,
> you might as well give up now".

~~~
lostboys67
One of the key tasks of your contra espionage is to identify who your
opposition is - having an avowed FSB officer with a public day job do naughty
stuff is just amateur night - let alone getting caught.

Oh and employing criminals as officers FFS Beria must be spinning in his grave
at that incompetence.

------
tsomctl
Fortunately for them, we don't have an extradition treaty with Russia. On a
related note, Semion Mogilevich, head of the Russian mafia, and one of the
FBI's most wanted, lives freely in Moscow.

~~~
finid
Where else is he supposed to live freely? How many mafia bosses are living
freely in a US city near you?

------
ENOTTY
Here's the full text of the indictment:
[https://www.justice.gov/opa/press-release/file/948201/downlo...](https://www.justice.gov/opa/press-release/file/948201/download)

There are some rather interesting nuggets of information in it.

------
rodionos
The traditional channels between the U.S. and Russia for pushing back against
each other are evidently not working. What's remaining is doing the same
thing, over and over again expecting different results.

~~~
dragonwriter
This isn't an alternative venue for the US pushing back against Russia. Russia
and the US are working on the same side here; one of these FSB officers was
recently arrested in Russia for treason, and now the US government is piling
on charges.

~~~
_nox_
Treason, most likely, being him talking to the FBI about the charges. I don't
expect Russian media to spin it along the way you suggest.

Even if you entertain the possibility that the two acted on their own, you
can't admit it to the public. Admitting that two of your own officers ran
roughshod over you is too embarrassing. In the prosecution, the authorities
will probably rely on the American angle (_they tried to sell our secrets to
the FBI, but we caught them_).

