Undercover FSB Officer Indicted By U.S. Worked For Moscow Investment Bank
Mike Eckel, Carl Schreck March 18, 2017
WASHINGTON -- One of the two Russian FSB agents indicted by U.S. officials this week worked as an undercover officer at Renaissance Capital, a Moscow investment bank owned by billionaire Mikhail Prokhorov.
The officer, identified in the Justice Department indictment as Igor Sushchin, was fired from the bank on March 16, the day after U.S. officials announced the charges related to the massive 2014 hack of Yahoo.
Sushchin's firing, first reported by the Russian newspaper Kommersant, was confirmed to RFE/RL by an executive familiar with the matter but who was not authorized to speak publicly about internal company decisions.
Sushchin, who worked for a division of the bank called Renaissance Broker, was believed to still be in Moscow, though his whereabouts were not immediately clear, and there has been no public comment from him.
U.S. officials have formally requested his extradition and that of two other Russians named in the indictment: Aleksei Belan, who was indicted in the United States four years ago on hacking charges, and Dmitry Dokuchayev, an officer, like Sushchin, at the FSB, or Federal Security Service, Russia's lead security and intelligence agency.
Another man, Karim Baratov, was arrested in Canada this week and held pending a U.S. extradition request.
The Justice Department did not immediately respond to a request for comment on March 18.
Responding to the U.S. announcement, a Kremlin spokesman denied that the government had ever been involved in any cyberattacks and referred further questions to the FSB.
The U.S. indictment paints a picture of the FSB officers overseeing or being directly involved in computer hacking, including stolen e-mail accounts, and other secret programs designed to manipulate a user's account.
Yahoo said the 2014 breach affected 500 million user accounts.
The indictment identified Sushchin as the "head of information security at the Russian financial firm, where he monitored the communications of Russian financial firm employees."
Renaissance Capital is a major Moscow investment bank owned by Onexim group, a holding company that manages the assets of Prokhorov. A billionaire who made his wealth investing in Russia's nickel industry, Prokhorov challenged Vladimir Putin for the presidency in 2011 running as a liberal, pro-business opposition candidate.
He earned just 8 percent of the vote, however, and many political observers concluded that the Kremlin allowed him to run as a safe liberal option for voters disenchanted with the government. Prokhorov has disputed that.
Prokhorov has also drawn official scrutiny for his ownership of his media group RBK, which published articles investigating the assets of Putin's son-in-law. Onexim's offices were raided by FSB officials in April 2016. Later, a number of journalists either resigned or were fired, including the media group's editor in chief.
The U.S. charges appear to be unconnected to alleged Russian hacking of the Democratic National Committee and the FBI's ongoing investigation into alleged Russian interference in the 2016 presidential election.
But the charges do add to the mystery surrounding the arrest in December of two FSB officers who worked in the agency's Center for Information Security. One of those arrested was Dokuchayev, and he and his supervisor, Sergei Mikhailov, have been charged with high treason, reportedly for leaking classified information to U.S. intelligence.
Mikhailov does not appear in the newly announced U.S. indictments, though there is mention of another supervisor, called "FSB Officer 3."
The news that two FSB officers were arrested and charged with treason sent ripples through intelligence watchers and experts on cybersecurity.
The growing number of arrests, and a steady stream of leaks in Russian media over the past several weeks, offered potential glimpses into Russia's formidable security apparatus and its ties to shadowy underground hacking networks.
Belan, the hacker, had been indicted in 2012 and 2013, named a top wanted criminal by the FBI, and an arrest warrant was issued by Interpol in 2013. He was arrested in an unnamed European country but then escaped to Russia.
Belan's name appeared again in December when then-U.S. President Barack Obama announced the expulsion of 35 Russian diplomats and new sanctions against nine top officials and entities associated with the FSB and with Russia's military intelligence agency, the GRU.
Belan was one of two hackers also sanctioned in the order.
Copyright (c) 2017. RFE/RL, Inc. Reprinted with the permission of Radio Free Europe/Radio Liberty, 1201 Connecticut Ave., N.W. Washington DC 20036.
|Join the GlobalSecurity.org mailing list|