Hacker News (2017-03-15)
Justice Department charging Russian spies and criminal hackers in Yahoo intrusion (washingtonpost.com)
Could someone with better forensic understanding help explain this a little better please? How does one not only trace back the hack to the originating computer, but also figure out who was sitting behind that machine? Also, who hired that person to sit behind that machine and perform said hacks? Is this possible within the realms of digital forensics? Or does this imply alternate sources of intel?

Just curious as to why these hackers are competent enough to hack multi-billion dollar industries but not competent enough to at least hide their employer if not themselves?

> Particularly galling to U.S. officials is that the men worked for the cyber investigative arm of the FSB - a rough equivalent of the FBI's Cyber Division. That the agency that is supposed to investigate computer intrusions Russia is engaged in hacking is "pretty sad," one official said.

This is why the FBI not engaging in their own grey-area shady offensive cyber techniques is so important, if they plan on making statements like these and expect to be taken seriously. Even if the FBI always find ways to get away with it legally, it still doesn't help their case when claiming moral high ground.

There is nothing Russia loves better than to dismiss claims against them because the US does it too - and the Russian public eats this "US double standard" up every time. They just see what Russia does as more explicit. Without giving Russia this easy out I don't see how enforcement like this is going to be effective. They show no signs of slowing down. Unless some new sanctions are planned?

Finding legal avenues instead of hiring shady Russian criminal hackers might seem like a big difference but the end results are hard to distinguish.

Last week the FBI let a pedophile who ran a hugely popular darknet CP site go instead of revealing the full details of their own hacking: https://www.wired.com/2017/03/feds-rather-drop-child-porn-ca...

Consistency really does matter...

Indeed:

https://motherboard.vice.com/en_us/article/fbi-hacked-over-8...

Indeed. Many years ago a treaty was made against the militarisation of space - which has largely been kept. There was an opportunity some time back to try to regulate the use of "cyberwarfare" against civilians, but it wasn't taken. The US was quite happy to use it against other countries.

Unfortunately, like biological weapons, these techniques don't go back in the box very easily. We're entering an era where economic and political sabotage by hostile intelligence agencies - in both directions, and occasionally between "allies" or even in the same country - is becoming increasingly common.

The traditional channels between the U.S. and Russia for pushing back against each other are evidently not working. What's remaining is doing the same thing, over and over again expecting different results.

>The indicted FSB officers are Dmitry Dokuchaev and Igor Sushchin, his superior. Particularly galling to U.S. officials is that the men worked for the cyber investigative arm of the FSB — a rough equivalent of the FBI’s Cyber Division. That the agency that is supposed to investigate computer intrusions Russia is itself engaged in hacking is “pretty sad,” one official said.

>Dokuchaev, whose hacker alias was “Forb,” was arrested in December in Moscow, according to the news agency Interfax, on charges of state treason for passing information to the CIA. He had reportedly agreed to work for the FSB to avoid prosecution for bank card fraud.

The interesting bit here is that Dokuchaev is a part of Humpty Dumpty (Shaltai-Boltai) saga:

https://krebsonsecurity.com/2017/01/a-shakeup-in-russias-top...

https://www.bloomberg.com/view/articles/2017-01-30/how-russi...

http://www.bbc.com/news/world-europe-38930627

https://themoscowtimes.com/articles/tinker-tailor-hacker-spy...

Hacking is "sexy" and sensational, but if you really wanted a corporation's data, wouldn't it be easier to just get your agent hired as an Ops person at your target?

Identifying individuals in an enemy's secret services sounds to me to be a tactic to say:

> "You tried to hide from us, but not only do we know it was you, we also know exactly which operative did it. We have fully infiltrated your intel agency, you might as well give up now".

One of the key tasks of your contra espionage is to identify who your opposition is - having an avowed FSB officer with a public day job do naughty stuff is just amateur night - let alone getting caught.

Oh, and employing criminals as officers, FFS. Beria must be spinning in his grave at that incompetence.

Um, read closely... one of those accused by the FBI was arrested in Russia for passing information to the CIA.

Why Yahoo and not any other email providers? Do we presume they went after, say, Google, but were unsuccessful? Or was Yahoo simply the most juicy target due to its age and number of email accounts?

