From Russia With . . . No Love for Yahoo


A recent indictment accusing the Russian government of masterminding the hack of more than 500 million Yahoo! Inc. user accounts shows the “connection between criminal groups and the Russian intelligence agencies,” former U.S. Homeland Security Secretary Michael Chertoff told Bloomberg BNA.

“I think obviously you had your state actors involved here. It’s a more sophisticated adversary than you might get in a garden variety criminal attack, although even the Russian criminals are quite capable,” Chertoff told Bloomberg BNA Staff Correspondent Joyce Cutler.

Prosecutors March 15 accused two Russian Federal Security Service agents—Aleksey Alekseyevich Belan and Igor Sushchin—and two hackers—Dmitry Dokuchaev and Karim Baratov—of conspiracy, economic espionage, wire fraud and stealing trade secrets connected to a 2014 breach of Yahoo that compromised at least 500 million user accounts. Belan, who is listed on FBI’s most wanted list for cybercrimes, was sanctioned by the U.S. Treasury Department in December, for compromising the computer networks of “at least three major” U.S.-based e-commerce companies to steal user data belonging to approximately 200 million accounts globally. In addition to the Treasury’s sanctions, President Barack Obama expelled 35 Russian diplomats from the U.S. over government-backed cyberattacks aimed to interfere with the 2016 U.S. election campaign.

The indictment “exposes the fact that the Russians in particular have often had a kind of an unholy alliance between their intelligence services and criminal groups, where criminal groups are basically allowed to operate with impunity as long as they keep it outside of Russia,” Chertoff said.  

“If you look at the indictment here what you see is a criminal group opening up the door to a huge treasure trove of personal data with the cooperation and the tacit encouragement of the intelligence agencies,” he said. The intelligence agencies are looking for certain things and they’re coming in the slipstream of this attack to steal what they want while the criminals get what they want, Chertoff said.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.