Cyber Security Expert weighs in on Yahoo hacking scandal

Two of those individuals - working for the Russian Federal Security Service. "We do not have an extradition treaty with Russian Federation".

The attack on Yahoo, disclosed past year, was one of the largest ever data breaches and at the time was blamed on a "nation-state" attacker. They are Dmitry Dokuchaev and Igor Sushchin.

Hackers got their initial access to Yahoo's network around early 2014, although it's not clear exactly how. That's where one of the hackers conducted reconnaissance work and discovered the key assets the attackers needed to be able to break into specific user accounts.

With access to the technology, the hackers spied on the contents of more than 6,500 individual users, according to the indictment.

The FSB officers "directed, facilitated and paid criminal hackers to collect information through computer intrusions", acting U.S. assistant attorney-general Mary McCord told reporters.

Two Russian spies and two notorious cybercriminals hacked Yahoo and used the stolen information for targeted attacks, according to indictments the Justice Department announced on Wednesday.

"These FSB officers used criminal hackers to gain information that clearly, some of which, has intelligence value", said McCord. The unit within the FSB where the two defendants work, known as Center 18, is the main "point of contact in Moscow for cyber-crime matters", according to McCord.

The Russian government had no official comment on the charges in the Yahoo case. It's a first for the US, which has never before indicted anyone from the FSB for cyber-crimes, said Edward McAndrew, a former federal cybercrime prosecutor and now co-chair of the privacy and data security group at the law firm Ballard Spahr LLP. Yahoo has said it believed it was the victim of a "state-sponsored" attack. In exchange for protection, Humpty Dumpty handed the FSB compromising material from hacked email accounts.

"As this indictment demonstrates, regardless of what methods are employed or where the criminal actors live, if you illegally target US citizens or American companies, you will be identified, pursued, and held to account wherever you are". Increasingly, it's a system that capitalizes on a vast and talented pool of Russian-speaking cyber criminals, blurring the lines between profit and intelligence gathering.

Though born in Kazakhstan, Mr. Baratov has Canadian citizenship and was taken into custody in Canada on Tuesday, the Justice Department said.

Recent events at the FSB only add to mysteries.

Among those named in the indictment, filed February 28 in the U.S. District Court for the Northern District of California, are FSB officer Dmitry Aleksandrovich Dokuchaev, 33; FSB officer Igor Anatolyevich Sushchin, 43; Alexsey Alexseyevich Belan, 29; and Karim Baratov, 22.

United States intelligence chiefs said in a report issued in January that their investigations showed Putin oversaw the effort that included hacking Democratic computers and communications and releasing embarrassing documents via WikiLeaks in order to hurt the campaign of Trump's rival Hillary Clinton.

Two Russian intelligence agents have been charged by the United States for orchestrating the 2104 Yahoo hack that led to 500 million user accounts being compromised. Belan allegedly targeted anyone searching for erectile dysfunction medication.

Targeted accounts are said to have included those belonging to "Russian journalists, Russian and USA government officials, employees of a prominent Russian cybersecurity company, and numerous employees of other providers whose networks the conspirators sought to exploit".

The announcement of the charges came shortly after the U.S. officials said they continue to investigate Russian interference in the 2016 presidential election through hacking.

An indictment reveals four people face charges which include conspiracy to commit computer fraud, economic espionage, theft and other related counts in connection to a massive Yahoo breach.

Police arrested Baratov under the extradition act.

It's unlikely that Russian Federation will extradite the men for trial in the US.

You can read the entire Department of Justice's announcement at the link below. In November or December of that year, according to the indictment, he copied and exported a backup of Yahoo's User Database.

Neighbours say they do not know Baratov well.

One mistaken click. That's all it took for hackers aligned with the Russian state security service to gain access to Yahoo's network and potentially the email messages and private information of as many as 500 million people.

The company has provided a knowledgebase article containing security recommendations on how users can better protect their accounts. Following the DNC hacks, the anti-secrecy group WikiLeaks published thousands of emails from Democratic Party officials and from John Podesta, the campaign chairman for Hillary Clinton.