On the heels of a high-profile indictment announced earlier this week by the United States Department of Justice against five Chinese military officers, sources say Russian hackers could be among the next individuals targeted by the DOJ.
The Wall Street Journal, Foreign Policy magazine and the Chicago Tribune all reported this week that officials close to the US government’s hunt for foreign hackers say Russians are on the radar of the Justice Department, and could be named in the next DOJ indictment.
All three outlets hesitated to name their sources, but the Journal reported that people familiar with the government’s investigations said alleged cybercriminals in Russia are likely to be charged soon.
“For several years, the Obama administration has put Chinese and Russian cyber spies and criminals at the top of its list of worst offenders in what officials describe as a relentless campaign targeting American businesses for the benefit of those countries' own industries,” Shane Harris wrote for FP. “Estimates on the true cost of cyber-espionage range widely, but are generally believe by experts and officials to be in the tens of billions of dollars annually.”
As Harris reported, Federal Bureau of Investigation Director James Comey told members of the Senate Judiciary Committee this week that the FBI was aggressively pursuing further criminal investigations pertaining to foreign hacking cases, but fell short of announcing the filing of new charges. Now with Monday’s indictment out of the way and the US officially charging members of the Chinese military for the first time ever, however, multiple sources said that American authorities are gearing up to throw the book at Russian hackers.
Earlier this week, the Justice Dept. said that five Chinese individuals working within a highly-secretive cyber unit inside the People’s Liberation Army have stolen trade secrets and sensitive communications from six American entities, including major metal companies that compete with Chinese businesses and the US Steel Workers union.
“The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response,” US Attorney General Eric Holder said in a statement on Monday.
“This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market,” Holder added.
Nevertheless, the Chinese government fired back and accused the US of hypocrisy, and its Foreign Ministry demanded a withdrawal of the indictment and called the US “the biggest attacker of China’s cyberspace.” As RT reported earlier this week, leaked National Security Agency documents released by former US government contractor Edward Snowden have revealed that the US does, in fact, conduct economic cyberespionage in order to spy on competitors in Brazil, France, Mexico and, indeed, China. As with China, the Russian government has adamantly denied any involved in cyber spying, and claims to lack the same technical abilities as the NSA.
And although the Justice Dept. declined to name any other targets of investigation while touting their latest cyber indictment on Monday, reports for years have suggested that Russian hackers have targeted US businesses in a similar way to what China’s PLA Unit 61398 are accused of doing.
Most recently, American cybersecurity firm CrowdStrike reported in January that the Russian government spied on hundreds of US, European and Asian companies, which Reuters called the first time ever that Moscow has been linked to conduct economic espionage over the web.
"These attacks appear to have been motivated by the Russian government's interest in helping its industry maintain competitiveness in key areas of national importance," Dmitri Alperovitch, CrowdStrike’s chief technology officer of CrowdStrike, said to Reuters at the time.
"They are copying the Chinese play book," he said. "Cyber espionage is very lucrative for economic benefit to a nation."
In March, researchers in the US also traced a piece of malicious malware known as Turla back to Moscow.
"It is sophisticated malware that's linked to other Russian exploits, uses encryption and targets western governments,” Jim Lewis, a senior fellow at the Center for Strategic and International Studies in Washington, told Reuters then. “It has Russian paw prints all over it.”