A top Justice Department official says there is a “silver lining” in the fact that Russia’s Federal Security Service was reliant on a pair of alleged cybercriminals to hack into Yahoo and collect information.
Two contractors with cybercrime connections were among four individuals indicted in March by the Justice Department in a massive data breach that occurred at Yahoo in 2014. The other two were officers from FSB, which is one of Russia’s top intelligence agencies. Such a “blended threat” can create openings for investigators, said Adam Hickey, deputy assistant attorney general for the National Security Division.
“It’s an advantage to us because those are individuals that are more willing to travel, they are more likely to be less op-sec savvy in certain respects compared to an intelligence officer and that matters because apprehending them can … give us that human intelligence into the state-sponsored hacking,” Hickey said. “That can be very, very valuable in supplementing all-source intelligence.”
Hickey’s comments come at a time when the U.S. government is ratcheting up pressure against a nebulous cohort of hackers linked to Russian cyber-espionage operations.
The Justice Department is currently awaiting the result of an extradition hearing set for June 12 that would see Karim Baratov, a Canadian citizen accused of hacking Yahoo email accounts for the Russian government, be sent to the U.S. for interrogation.
Baratov, a 22-year-old who was born in Kazakhstan, was allegedly paid by Russian intelligence services to hack into 80 different email accounts, some of which belonged to prominent politicians, law enforcement officials and businessmen, according to the Justice Department.
If Baratov is extradited to the U.S., it will represent the first time the U.S. government has captured an active FSB hacker.
“You’re more vulnerable working with criminal hackers than not,” Hickey said while speaking at a cybersecurity conference in Washington, D.C., on Monday. “There’s a reason to be concerned about blended threats but I also think that working with criminals or those who travel or those who are not sworn intelligence officers leaves your organization more vulnerable, because I see we can pick those people up, we can reach those people.”
In early April, following the indictment of Baratov, notorious botnet operator and St.Petersburg resident Peter Levashov was arrested in Spain at the request of the U.S. government. Levashov has been called the “world’s most notorious criminal email spammer.” It remains unclear if or to what extent Levashov was involved with Russian intelligence forces.
The line between being a cybercriminal and intelligence professional in Russia has become increasingly blurred, according to a New York Times investigation.
It is not uncommon for the Russian government to be accused of shielding or otherwise protecting hackers from being prosecuted by foreign nations.