US faces limits in busting Russian agents over Yahoo breach

Wednesday's indictment is more about naming and shaming Russia over suspected state-sponsored hacking, experts said

In a rare move, the U.S. has indicted two Russian government agents for their suspected involvement in a massive Yahoo data breach. But what now?

Security experts say Wednesday’s indictment might amount to nothing more than naming and shaming Russia. That’s because no one expects the Kremlin to play along with the U.S. indictment.

“I can’t imagine the Russian government is going to hand over the two FSB officers,” said Jeremiah Grossman, chief of security strategy at SentinelOne.

"Even in the most successful investigations, state hackers are still immune from prosecution or retaliation," said Kenneth Geers, a research scientist at security firm Comodo.

The two officers, Dmitry Dokuchaev and Igor Sushchin, work for Russia’s Federal Security Service (FSB), the country’s intelligence agency, according to Wednesday’s indictment. They allegedly recruited a pair of third-party hackers to breach Yahoo and steal information on 500 million user accounts and helped the hackers carry out the crime.

The likelihood Russia would give up either agent is low, given that spies usually know state secrets.

screen shot 2017 03 15 at 5.08.31 pm FBI

Three of the suspects allegedly involved in the Yahoo data breach. 

Wednesday’s indictment is more about sending a symbolic message to Russia, said Mark Kuhr, CTO at security firm Synack and a former U.S. National Security Agency network analyst.

“From Russia’s perspective, it does hurt them a bit,” he said. “We (the U.S.) are embarrassing them in the news.”

It also exposes the FSB agents and hackers allegedly involved in the Yahoo breach, forcing them to tread lightly. The U.S. has issued warrants for their arrest. The fourth suspect, a third-party hacker named Karim Baratov, was already caught in Canada.

In addition, the indictment shows that U.S. investigators can track Russian cyberespionage operations.

“You can try and hide in the corners of the dark web, but we will hunt you down,” said FBI special agent John Bennett at a press conference on Wednesday.

But it’ll take more than just naming and shaming to dissuade the Kremlin from sponsoring future cyberattacks, experts said.

“More needs to be done,” said Edward McAndrew, a former U.S. federal cybercrime prosecutor who now works at law firm Ballard Spahr. “We have to move beyond the indictment stage.”

The next stage might go beyond the legal realm and into geopolitical steps like sanctions or even cyberwarfare, he said.

Of course, two can play at that game. It's possible that Russia might indict U.S. agents it suspects in a hacking case -- not that it would have any more luck prosecuting them.

“I won’t be surprised if that happens,” McAndrew said. “I imagine that our government, and most governments, will not be handing over their intelligence operatives.”

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?