The raid on Russian hackers began

From left to right: Dokuchaev, Sushchin, Belan, Baratov

Until the mid-2000s, the Americans actively cooperated with the FSB in the search for cybercriminals, but soon discovered a strange thing. If the talented hacker could still be tracked down, he immediately disappeared from the radar and went underground. A few years later, it turned out that he was already working for Russian intelligence. “In calling our goals, in fact, we helped the FSB identify talented guys and recruit them,” laments Milan Patel, a former technology director of the FBI cyber division, and now managing director of the American company K2 Intelligence, which specializes in information security.

It soon became clear that Russian intelligence services drove the Americans by the nose, writes Buzzfeed. Russian intelligence not only recruited hackers, but also hired some of them under a contract to do dirty work, when you need to dig up information on a certain person, for example.
')
But the US intelligence was not going to give up. And the hunt began.

March 14, 2017 came to a logical conclusion a lengthy operation to uncover a criminal gang that may have been involved in hacking Yahoo in 2014 with a leak of 500 million accounts - the largest hack of its kind in history. On this day, a 22-year-old Canadian-Kazakh hacker, Karim Baratov, was detained at his home in Ankaster (Ontario), who is now awaiting trial in a US prison. This guy was performing hacker orders under a contract, including, probably, for the FSB. Such work allowed him to earn by 22 years a good house, Mercedes Benz and Aston Martin DBS cars (these are his cars at the time of his arrest, and on his Facebook page Baratov used to brag about cars like BMW, Audi and Lamborghini).

It is believed that the criminal group included Alexey Belan (29 years old), who is still being sought. Moreover, two full-time intelligence officers, Dmitry Alexandrovich Dokuchaev (33 years old, Forb online nickname) and Igor Anatolevich Sushchin (43 years old) collaborated with these guys.

The official position of Major Dokuchaev is a senior security officer of the 2nd Division of the Operational Directorate of the Information Security Center (CIB) for the FSB of Russia. According to Vedomosti , an operative of the Information Security Center (CIB) of the FSB Dokuchaev in December last year was arrested in the case under Art. 275 (high treason) together with Sergei Mikhailov, head of the department of the CIB, deputy head of the center. As for Sushchina, the Americans consider him the head of Dokuchaev. He was also an undercover agent and head of information security in one of the Russian investment banks.

The identities of those arrested on charges of state treason Russian hackers once again demonstrate that the Russian government uses cybercriminals for their own purposes. In fact, the FSB has many points of contact with the underworld. Recall the BlackEnergy Trojan, which was originally created by hackers for its own purposes, and then used to fulfill government orders, including in cyber attacks on the media and industrial facilities in Ukraine . Recall the use of botnets for DDoS attacks on Russian and foreign "political" targets. For example, a DDoS attack on Estonia in 2007 was organized as part of a public-private partnership, Patel is convinced.

Ruslan Stoyanov, the former top manager of Kaspersky Lab, told about the ongoing cooperation of independent hackers with government services and the implementation of the Kremlin’s state order - this company also participated in many cyber operations. This company was founded by Eugene Kaspersky (pictured), a graduate of the Institute of Cryptography, Communications and Information Technology at the FSB. For example, Kaspersky Lab specialists analyzed American programs that were used for espionage and sabotage (Stuxnet and others).

Stoyanov talks about the cooperation of cybercriminals and government customers.

“Also recently there have been evidences of the“ imperialization ”of Russian-speaking cybercrime, attempts to reach an agreement between cyber frauds and state officials. The essence of the deal is that the state gets access to the technologies and information of “cybervors” in exchange for allowing them to steal with impunity abroad, the cooperation of Stoyanov describes. “The most terrible scenario is to give cybercriminals immunity from retaliation for stealing money in other countries in exchange for intelligence.” If this happens, a whole layer of “patriotic thieves” will appear, violating the principles of the rule of law and the inevitability of punishment. ”

The arrest of Baratov and his accomplices in the FSB gave the go-ahead for a mass raid on Russian hackers, which the American special services immediately began. It seems that now it is just beginning. In early April 2017, Peter Levashov was detained in Spain (known online as Peter Severa). The 36-year-old resident of St. Petersburg led a free-living lifestyle and freely traveled the world. According to the wife of Levashov, at night, law enforcement agencies broke into the apartment in which the Levashov family lived while on holiday in Barcelona, ​​and detained her husband. It is assumed that Levashov is related to the notorious hacker group Fancy Bear, which hacked the servers of the National Committee of the US Democratic Party and others (to find compromising on Hillary Clinton), and generally carried out government orders since the days of the Georgian war.


Deface of the website of the President of Georgia during the armed conflict of August 9, 2008

In early January, another Russian programmer, Stanislav Lisov, was also detained in Barcelona, ​​who, if extradited to the United States, would face up to 30 years in prison. He is suspected of cyber fraud.

“We have reached a boiling point with Russia. They are the closest competitor to the US for cyber espionage and cyber attacks, ”Patel explains. “But Russia plays by other rules, and perhaps without rules at all.” Americans often found it difficult to distinguish the actions of criminal syndicates from politically motivated attacks related to the Kremlin, because these two worlds are no longer separate from each other.

In an interview, many experienced Russian hackers say that for them, hacking and working on the Internet are inseparable. In the early 90s, Internet access was not sold to individuals. It was possible to get on the Internet only after getting a corporate password on a dial-up of some office.


Russian in the Internet cafe, July 25, 1997, Moscow

That is, only with the help of hacking you could get online, there was no other way. All of us were then little hackers, but someone went further along this path. These guys now just need to reel fishing rods, because the Americans seem to go on the warpath.

In the course of the investigation, BuzzFeed News journalists contacted several Russian hackers and some of them talk about “real panic” in the community. No one knows what will happen next, how far the Americans are ready to go. Who is next in line for the arrest and landing.

Representatives of US law enforcement agencies commented that there are reasons for panic: “Gloves have been dropped,” said one of them. Hide who can.