US Indictment of 4 Alleged Russian Cyber Attackers
The US District Court of the Northern District of California issued an indictment against 4 alleged Russian cyber attackers. In this briefing, we will take a look at the current facts surrounding the indictment, the indictment itself and its potential impact.
A US district court issued an indictment against Dmitry Dokuchaev, Igor Sushchin, Alexsey Belan and Karim Baratov on February 28th, which has now become publicly available.
Dmitry Dokuchaev and Igor Sushchin are reported to be employed by the FSB.
Wether the Mr. Dokuchaev indicted here and the one arrested by Russian authorities in early February on charges of treason are the same person remains to be confirmed.
Of the accused, only Mr. Baratov has so far been captured. The other men appear to currently reside within Russia, making an extradition to the US very unlikely.
The indictment alleges that the four accused were behind a number of hacks against Yahoo. It further alleges that information acquired during the hacks was then used in further attacks against governmental and private targets.
Indictments must adhere to defined formats and must list in detail what criminal behavior the indicted are accused of performing. The indictment is therefore a lot more verbose and detailed than the US governmental reports on alleged Russian hacking issued in late December 2016 and January 2017. A preliminary review of the indictment presents a realistic attack scenario. Wether or not the attacks took place as described and were indeed carried out by the accused will have to be decided by a court.
It is very unlikely that all four accused will appear in court to stand trial. Russia and the US do not share an extradition treaty and since the charges imply an involvement of the Russian government, neither country has an incentive to cooperate with the other. Trial in Absentia is rare in the US meaning that a court will likely only decide on the guilt of Mr. Baratov.
Both the US and Russia are likely to use this indictment as PR fodder against the other. Any tangible consequences however appear unlikely at this point in time. Wether or not the Mr. Dokuchaev indicted here and the one arrested in February are the same person is unlikely to change the overall severity of the charges. Both countries accuse one another of hacking and interfering with their respective electoral process. The default position of either country will thus be to dismiss any evidence brought forward against it by the other.