DoJ Indicts 4 In Old Yahoo Breach

Today the Department of Justice announced the indictment of 4 in the 2013 Yahoo breach – three years after it happened.

Two of the people indicted are members of the Russian FSB.  Under Russian law, the FSB is part of the Russian military and responsible for, among other things, counterespionage.

The other two indicted are Russian hackers, hired, the DoJ says, by the FSB to do some of the dirty work.

As has already been reported, once a hacker has access to a user’s Yahoo mail credentials, that also gives them, similar to GMail, access to all of the other Yahoo services such as Flickr, Tumbler and others.

The FSB, the successor to the KGB, is responsible for counterespionage, among other responsibilities.

The DoJ says that the FSB wanted access to the Yahoo accounts of journalists, dissidents and U.S. Government Officials So that they could find out what they are up to and alternatively, to blackmail them.

I wasn’t aware of this, put apparently the FSB has a bit of a capitalist leaning, even though they are Russian.  The FSB took what they wanted from the hack and allowed the hackers to use the rest of the data for their own thieving purposes.

One of the hackers was arrested in Moscow in December.  Needless to say, the Russians are not likely to turn him over to us.

One of the other people charged was in custody in Greece for some time but managed to make his way back to Russia.

The other hacker-mercenary was born in Kazakhstan but is a Canadian citizen.  He was arrested in Canada yesterday.  The Canadians will likely turn him over to the U.S. authorities.  He is likely the only one of the four that the U.S. will get their hands on.  UNLESS, one of them is stupid and decides to travel to a country more friendly to the U.S. than Russia.  Believe it or not, that has occurred on more than one occasion.

It is certainly possible that President Trump could add additional sanctions against Russia as President Obama did last year.  That is an option available to the U.S. if it chooses.

The indictments are also useful to let people know that even if the U.S. cannot capture the bad guys, they do have the ability, in a few very high profile cases, to spend the resources to identify the bad guys.  That might dissuade at least a few hackers who think that they might be caught.

In the grand scheme of things, most hackers understand that in 99.9% of the cases, unlike a case where 500 million accounts were hacked and another 1 billion accounts at the same company were later hacked, the FBI is HIGHLY unlikely to spend the resources to find the culprit, so they are reasonably safe.

As it is said, pigs get fat but hogs get slaughtered – in other words, keep your hack small enough to be below the interest level of the law enforcement establishment.

Since a large percentage of the bad guys hail from countries that are not terribly friendly with us – ones which whom we do not have extradition treaties – the FBI likely calculates the odds of being able to actually lay their hands on the bad guys as part of the calculus of how much of their limited resources to expend tilting at windmills.  And the bad guys know this.  Of course, some of the hackers are in America and some of them do get caught.  However, as is the case with many other crimes, the crooks make a calculated assumption that THEY are not going to get caught, even if other crooks will get caught.

Unfortunately for us, in many cases the crooks are right and the odds are in the crook’s favor.  And definitely, the odds are, almost always, against the FBI.

Information for this post came from the Washington Post.

by