Yahoo hack traced to Russian operatives

binary code

Half a billion Yahoo accounts were compromised back in 2014 as part of a hack which continues to have major ramifications across the IT sector. Now the Department of Justice in the US has charged two agents of Russia’s FSB for their involvement with the attack, according to BBC News.

Yahoo itself claimed at the time the hack was made public that the incident had been state-sponsored, rather than carried out solely by cybercriminals with the intent of making money by selling the stolen information. And if the DoJ’s indictments are upheld then it seems that this initial accusation will be proven accurate.

In addition to the 500 million affected accounts, the DoJ’s allegations also cover an additional 30 million, which were apparently breached in order to be harnessed as part of a separate scam involving the distribution of spam.

Acting attorney general, Mary McCord, spoke out about the charges, stating that the US would not accept actions aimed at compromising national security, individual privacy or business operations in the digital sphere.

Two other men, not directly linked to the FSB, were charged along with the pair of Russian agents identified as spies by many media outlets. Among them was 29 year old Alexsy Belan, who has been sought by the FBI for cybercrimes since 2014.

FBI spokesperson, Paul Abbate, spoke out about MI5’s involvement in helping with the investigation into the Yahoo hack. He called its contributions substantial and restated the importance of the partnerships between British and American intelligence agencies in combating this type of criminal activity.

When the breach was revealed, many accused Yahoo of waiting too long to admit that user accounts had been compromised and personal details stolen. And while financial information was not included, other information including birthdates and contact numbers were thought to feature.

The DoJ’s statement on the matter now confirms Yahoo’s claims that the hack was sponsored by Russian state organisations. It also pointed out that there was not currently believed to be a link between the men charged with this attack and the successful breach which hit the Democratic National Convention in 2016 and caused controversy ahead of the presidential election.

In response to these charges and accusations, Kremlin representative, Dmitry Peskov, issued a statement in which he refuted the claims of Russia’s involvement, at least in an official capacity. He said that the FSB was not participating in illegal cybercriminal acts, in spite of the apparent evidence that agents colluded with hackers to orchestrate this major incident.

What makes this turn of events even more significant is the fact that this is apparently the first time that the DoJ has indicted Russian officials directly, suggesting that there has been an escalation in hostilities between the two countries, at least in matters related to cybercrime.

Of the vast number of user accounts compromised in the original attack, eight million are estimated to have been linked to customers in Britain. Because Yahoo provides email services for other companies, the impact was felt more widely than might otherwise have been the case.

Big businesses are natural targets for cybercrime, whether enacted by state sponsored perpetrators or by standalone groups with no particular national affiliation or political motivation. This is why IT security is a topic that consistently hits the headlines, sparking debates about what should be done to prevent breaches, detect hacks and recover in the event that one is successful.

Many argue that companies looking to maintain the trust of customers should be more transparent about such issues and report attacks as soon as possible in order to maintain their reputations.