Canadian Man's Guilty Plea In Yahoo Hack Offers More Glimpses Of Russian Spy Case
Mike Eckel, Tom Balmforth November 29, 2017
WASHINGTON -- A Canadian man has pleaded guilty to his role in the 2014 hack of Yahoo's e-mail servers, the latest development in a mysterious investigation that has ensnared officers of Russia's main security agency.
Karim Baratov's plea, on November 28 in U.S. federal court in San Francisco, raises the possibility that he will cooperate with U.S. investigators probing not only the Yahoo hack but the role of Russian intelligence agencies in hacking U.S. political party computers during last year's presidential election.
Baratov, who was born in Kazakhstan and immigrated to Canada, was one of four people indicted by a U.S. grand jury in February for the 2013 hack, which is one of the largest security breaches at an Internet company ever.
Two others named in the indictment were officers with the Center for Information Security, the main cyberdivision of the Federal Security Service (FSB), Russia's main intelligence and security agency. One was identified as Dmitry Dokuchaev, a deputy chief at the center who, three months earlier, had been arrested in Moscow and charged with high treason.
U.S. prosecutors said Baratov hacked into e-mail accounts of individuals of interest to the FSB and then sent passwords to those accounts to Dokuchaev in exchange for money. As part of his plea deal, prosecutors said, Baratov admitted to working for the FSB, as well as other "customers" looking for hacked e-mail accounts.
Russian officials accused Dokuchaev and his superior, Sergei Mikhailov, of passing classified information to Western intelligence agencies. At least three others are also facing treason and other serious charges, including a former Interior Ministry cybercrime investigator who later worked for Kaspersky Lab, the famed Moscow-based IT company. The head of the center was later reportedly pushed into early retirement.
'Systematic Hacking Effort'
Experts who have followed the case closely say the treason allegations are obscuring a more complicated, and potentially more consequential, series of events stretching back several years, as well as obscuring hard evidence that Russian intelligence agencies oversaw a systematic hacking effort aimed at U.S. political parties, government agencies, and other politically influential figures.
The FSB cyberunit and U.S. law enforcement cooperated for many years in investigating international cybercrimes, such as hacking, stolen credit card information, bitcoin theft, child pornography and other crimes.
One of the other Russians indicted in the Yahoo hack was Aleksei Belan, who was wanted for major cybercrimes by the FBI for years. Last December, Belan, who is believed to be in Russia but is not known to be under arrest, was named by the U.S. Treasury Department as one of several individuals and entities involved in hacking the computers of the U.S. Democratic Party and other political organizations.
Since the arrests, the treason case has been shrouded in secrecy with only cryptic anonymous leaks being published in some Russian media.
'Case Of The Century'
Ivan Pavlov, a defense lawyer for one of the Russians charged in the case, told RFE/RL in an interview that his client, whom he requested not be named, had been arrested on the same day as the FSB officers, and was a private citizen.
He said it was unclear when any of the cases might actually go to trial, and he suggested that Russian authorities may not be seeking prosecution, but rather to prevent the release of information that could embarrass or undermine Russian intelligence agencies.
"We believe that the charges that are formulated first of all cannot be understood, and they cannot be understood for the simple reason that it is just a pretext: a piece of paper in order to hold them in isolation," he said.
"I will tell you right away: this is an extraordinary case. Perhaps this is case of the century," Pavlov said.
Copyright (c) 2017. RFE/RL, Inc. Reprinted with the permission of Radio Free Europe/Radio Liberty, 1201 Connecticut Ave., N.W. Washington DC 20036.