tv Justice Department Indicts Russian Spies in Yahoo Hacking Attack CSPAN March 15, 2017 5:10pm-5:40pm EDT
hearingsf all eight current supreme court justices, starting with justice anthony kennedy in 1987. clarence thomas in 1991. ruth bader ginsburg, 1993. stephen breyer, 1994. john roberts, 2005. samuel alito, 2006. sonia sotomayor, 2009. and elena kagan in 2010. watch thursday at 8:00 p.m. astern on c-span2. earlier today the justice department announced charges were being brought against four people, including two russian intelligence officers, for the 2014 hacking of 500 million yahoo accounts. his is 25 minutes.
>> good morning, thank you for being here today. i'm mary mccord, acting director for the division of the department of jus tuss. with me, executive assistant director paul bayne, us district attorney for the district of california, and the national rector of affairs. we're here t announce a major law enrcent action related to one of the largest data breaches in rites history. we're
the defendants include two officers of the russian federal security service, an agescy of the russian federation and two criminal hackers with whom they conspired to accomplish these intrusions. demetry -- both f.s.c. officers protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the united states and elsewhere. they worked with co-conspirators baritov yan and ka rim to hack into computers of american companies providing internet and email related services. to maintain unauthorized access to those computers and to steal information, including information about individual users and the private contents of their accounts. the defendants targeted yahoo! accounts of russian and u.s. government officials, including
cybersecurity diplomatic, and military personnel. they also targeted russian journalists, numerous employees of over providers whose networks the conspirators sought to exploit, and employees of financial services and other commercial entities. bailan has been indicted twice before in the united states for three intrusions into ecommerce companies that victimized millions of customers. and he has been one of the f.b.i.'s most wanted cyber criminals for more than three years. bailan's notorious criminal conduct and a pending interpol red notice did not stop the fsb officers who, instead of detaining him, used him to break into yahoo!'s networks. meanwhile, bailan used his relationship with the two fsb officers and his access to yahoo! to commit additional crimes to line his own pockets with money. specifically, he used his access
to yahoo! to search for and steal financial information such as gift cards and credit card numbers from users' email accounts he also gained access to more than 30 million yahoo! accounts whose contacts he then stole to facilitate an email scam. with these charges, the department of justice is continuing to send a powerful message that we will not allow individuals, groups, nation states, or a combination of them to compromise the privacy of our citizen the economic interests of our companies or the security of our country. for those who may not be familiar with the f.s.b., it is an intelligence and law enforcement agency and a successor to the soviet union's k.g.b. the f.s.b. unit that the defendants worked for, the center for information security, also known as center 18, is also the f.b.i.'s point of contact in moscow for cyber crime matters.
the involvement and direction of f.s.b. officers with law enforcement responsibilities makes his conduct that much more egregious. there are no free passes for foreign state sponsored criminal behavior. through the work of the national security division, the f.b.i., the united states attorneys' officers around the country, we continue to pursue national security cyberthreats using all available tools to investigate malicious activity and attribute it to the country, agency and even the individuals involved. when possible, and supported by the evidence, we intend to charge those individuals and bring them to justice. as i wrap up, i am also pleased to announce that a fourth co-conspirator charged in the dwimet, ka rim baritov, was arrested just yesterday in canada on a u.s. government provisional arrest warrant. i'd like to thank all of those who worked diligently to bring the investigation to this point,
including the men and women of the national security division, the f.b.i., and the u.s. attorney's offices for the northern district of california and the criminal divisions office of international affairs for their tireless work. i'd also like to extend a special thanks to yahoo! and google, whose customers were targeted and who cooperated with law enforcement. it is very important for corporations around the country to know that when you are going against the resources and backing of a nation state, it is not a fair fight and it is not a fight you are likely to win alone. but you do not have to go it alone. we can put the full capabilities of the united states behind you to make cases like this. but we cannot do it without your help. at this time, i'd like to introduce f.b.i. executive assistant director paula bates -- paul bates
who will aprovide additional details on today's announcement. >> thank you. today's announcement is a tremendous testament to the work and effort that have been done to identify and hold accountable those individuals believed to be responsible for this significant breach of yahoo!'s networks and information technology systems. this indictment details how russian federal security service officers working together with criminal hackers conspired to plan and carry out one of the largest cyber intrusions in u.s. historyful these perpetrators compromised the company's networks along with the accounts and personal information of approximately 500 million yahoo! users and further stole millions of user contacts in order to carry out fraud schemes for their own personal financial gain and enrichment, among other things. i want to note, this is a highly complex, long-term investigation
that is only -- that has only reached this stage sthroiflt relentless and persistent and dedicated efforts of the team. it also further underscores the immense and essential value of early, proactive engagement and cooperation between the private sector and the government. our ability to identify, detect and ultimately hold cybercriminals accountable you should the law while preventing and mitigating harm is contingent upon our ability to work closely and cooperatively with companies and individuals who are targeted and victimized as in this case. as mary noted, yesterday's rest of co-conspirator karim baritov in canada, executed by the canadian fugitive services squad, show ours dedication and commitment to finding and bringing to justice cyber criminals no matter where they operate or reside. the criminal hackers in this
case used a variety of techniques to access the information they sought. including email spearfishing, down loading malicious files and code onto yahoo!'s networks, leasing servers in the u.s. and around the world to carry out their schemes and avoid detection, and registering email accounts using false subscriber information. as this indictment demonstrates, lardest -- regardless of what methods are employed or where the criminal actors live if you illegally target u.s. citizens or american companies you will be identified, pursued and held to account wherever you are. i want to highlight and commend the exceptional work of the f.b.i.'s san francisco field office, the f.b.i. cyberdivision, the u.s. attorney's office for the northern district of california, and our partners here at the department of justice and the national security division. thank you to all of those involved for your outstanding and ongoing contributions to
resolving this case. we are extremely grateful as well to our international partners for their assistance and support leading up to these criminal charges today. those partners include canada's royal canadian mounted police and as mentioned, the toronto police service and their fugitive squad. as well, the united kingdom's mi-5 made substantial cricks to the advancement of this investigation also. i want to thank additionally our f.b.i. legal attache personnel in ottawa and in london for their great work in supporting and moving forward the operations and investigations that undtheerlie chaes today. and it to close by saying that wat the.b.i. together with our partners in the d.o.j. will continue to work hard day in and day out together with our interagency international and private sector partners to one, identify those who conduct cyberattacks against the united states and our allies, two, to
identify and expose them to the world, and three, most importantly, to hunt them down and hold them responsible no matter where they live or where they attempt to hide. thank you all for being here today and with that, i'd like to turn it over to brian, the u.s. attorney for the northern district of california. >> paul, thank you. my name is brian stretch, i'm the u.s. attorney in san francisco. i'm pleased to join the head of national security division and the executive assistant at the f.b.i. to advise you that criminal charges returned in connection with the widely reported yahoo! breach that occurred in 2014. as an important reminder to everybody, the criminal charges and the indictment announced today are allegations only and all four defendants are presumed innocent unless and until proven guilty. we are joined today by the investigating ausa, national
security division lawyers and experienced f.b.i. agents who worked tirelessly with yahoo! and google to identify the responsible parties and their methods and means for perpetrating one of the largest data breaches ever. silicon valley is home to the world's leading technology companies. the valley's computer infrastructure provides the means by which people around the world communicate with each other in business and in their personalives. every day, criminal hackers endeavor to gain unauthorized access to personal and proprietary information for nefarious purposes. the department of justice and the technology companies together share a common goal and responsibility to protect private communications from cybercriminals. the privacy and security of our internet based communications must be governed by the rule of law. people rightly expect that the
government and technology companies both will make every effort to ensure that communications through internet providers will remain private. exceptions to this principle should be few and governed by law. to this end, in recent years, the d.o.j. has made cybersecurity a top priority and has taken a number of steps to protect the public from cybercrime. part of this effort has involved conducting expensive outreach throughout silicon valley and elsewhere to encourage service providers to preare report unauthorized intrusions and the theft of trade secrets. both the d.o.j. and the technology companies throughout the country are beginning to see fruits of this outreach. the benefits of reporting intrusions to the u.s. government include the following. the companies are able to obtain assistance from the government oto determine the scope and extent of the intrusion and to
determine the identity of the hackers. the companies are also able to obtain information about what use the hackers put to the stolen information that has been obtained. and by working with investigators, the companies can target and limit investigator -- investigatory methods so as to prevent unnecessary access to private records of innocent victims and account holders. regardless of -- regarding the hacks we are talking about today, yahoo! and google informed d.o.j. of the data breaches, cooperated extensively with f.b.i. and d.o.j. tearns to investigate the intrusion and by leveraging the combined effort of the government and service providers, they assisted in effectuating a targeted, streamlined, an effective investigation. the update to this type of responsible
parties have been identified, charges have been returned, one defendant has been arrested, and arrest warrants have been issued for the remaining defendants. importantly, the cooperative efforts of the government and the private sector in this instance allowed the u.s. attorney's office, along with the national security division and the f.b.i. to accomplish these initial results while maintaining the fundamental privacy interests of the account holders who had their information stolen. we commend both yahoo! and google for working with our office, the f.b.i., and the national security division lawyers to identify and seek justice for the perpetrators of these intrusions. i'll turn it back to mary. >> we'll take a few questions now. >> i was wondering, what do you see as the purpose of this conspiracy? financeable gain?
intelligence gathering? >> what the indictment aledgetses is the fsb officers used criminal hackers to gain information that clearly some of which has intelligence value but in doing so, in using criminal hackers to do so, the criminal hackers used this opportunity also to line their own pockets and -- for private financial gain. >> you said this morning at "financial times" seminar that the government has a numb of tools at its disposal including prosecution. will the u.s. seek other means other than these indictments to go after the russians, sanctions, trade limitations? >> i think those are things that have yet to be dwerm. -- determine. we have committed to using all tools and we certainly in this case we were able to develop the evidence to the point where we were able to bring criminal charges consistent with the standard required for that. but that doesn't mean we won't look to see if there are other tools that might be available. >> will you look to see if there are other tools? >> i think we will definitely engage in those discussions and considerations. >> this ex--- >> is expulsion of diplomats one
of those? >> for this type of matter, that's something we're not prepared to address today. >> quickly, you talk about two of the indicted are members of the center 18, the f.b.i.'s point of contact in moscow on cyber crime matters. and you described in the press release as beyond the pale. wouldn't it be just natural that people would use that to exploit this? it seems a degree of naivete on the part of the u.s. government. >> i don't think it does. the point is, these are the very people we are supposed to work with, cooperatively , in law enforcement channels. rather than do that type of work they actually turned, you know, sort of against that type of work. and i can certainly pass to paul if he has additional comments on that. >> i would just add, we've had limited cooperation with that element of the russian government in the past. n this case, with respect to
telan, he's been charged previously in one case out of the northern district of california and also in nevada back in 2012. e have asked for his return. in 2014,, through official channels from the russian government and had no response. i think that's reflective of the relationship and the approach we needed to take in term os they have lack of cooperation we've gotten. >> is this the change or end? >> we need and have to have cooperation from all international partners in order to resolve cases like this among many other threats that we face. but when we look at this case, i'm speaking to this case now, we expect and hope for their cooperation here and in fact post this announcement, we're going to go out with another official request, not just for mr. bailan but also the other two individuals who are charged
here and residing in russia now. >> this model you're alleging the officers working with criminal hackers, is this sort of the new normal we're seing in russian? is this a deviation of how you expect these to be carried out? and how were you able to make the link that all four were involved together? >> to take your first question, i'm not going to be specific as to russia on that. we are certainly seeing more and re use by nation states of criminal hackers to carry out some of their intentions. i don't think that's necessarily ewe smoke to russia in this particular case of the fsb. and the indictment, i think, alleges in pretty great detail the conspiracy among these four men. the sharing of infrastructure and hacking techniques and tools and procedures. the sharing of the cookies that were minted to be able to gain access to accounts.
the additional-- things to do intrusions at other email providers such as google. >> guning there's -- do you think there's a connection between this case and russian fsb's interference in the lection and can you speak to the president's claim that he was spied on in trump tow her >> our indictment doesn't aloge any interference between this and intrusions in the d.n.c. and i have no comment on the other. >> f.s.b. was involved in both, was that coincidental? do you think it was coincidence for them to be hacking into google and other parts to be hacking into the election proces >> we don't have anything that suggests in our indictment that there's any relationshi between them. it's an ongoing investigation. >> is there any evidence you've uncovered? the indictment doesn't address
it. did investigators uncover any information, is this the same model you saw? >> i'm not sure i'm fully understanding your question about is this the same model that we saw. and if you're talking about use of criminal hackers, i don't know if that's what you're talking about, that's an ongoing an separate investigation and i don't have any further information on that. >> what about the fsb officers -- your remarks did not specify whether these fmbings sb officers were acting individually or on behalf of the fsb. that's the first question, the second question is, mr. bailan base offend the f.b.i. warrant says he's a latveian national. does the department -- the department of justice statement says he's russian. >> we'll have to get back to you with any collection there on those. >> you have two official
documents with -- can you answer the first question. >> i no longer recall your first question. >> the first question is whether these two fsb officers were acting individually or oen behalf of that agency. >> so when they're -- as our indictment alleges an as we have reason to believe based on our evidence, they were acting in their capacity as fsb officials. >> the attorney general is quoted -- the attorney general, is not recused from this investigation? >> he is not recused from this investigation. >> the authority granted to him in president obama's executive der about malicious hacking, is that a -- an enforcement tool you can use? >> there is as you are aware, there is an executive order that allows for sanction -- sanctioning in certain circumstancesing including circumstances involving economic espionage. again to go back to my response to pete's question, the tools
that are potentially on the table remain though table. >> can you just talk a little bit more about how to maintain, or if it's possible to maintain a trusting working relationship between the f.b.i. and the fsb given these indictments? how does that work? >> i think that's a challenge. something we're going to continue to work at. i think this case is going to be a great test of that so we can gauge the level of cooperation we get from them now having charged these individuals, we would like to see their full cooperation and assistance in bringing those individuals to justice, to justice and further aiding us in expanding the scope of the investigation. chaev, he hadbout a history before going to the fsb of operating in the dark web and using this alias of four. do you have any details about whether he continued using that alias, continued conducting criminal activity once he was
formally part of the f.s.b., and which dark form did he operate on and what criminal activity did he engage in? >> i'm not prepared to talk about those questions, only what we're covering in this indictment. >> to clarify an earlier question, did you see a similar strategy omol that was used in the d.n.c. hack as you saw in this case? >> that's an ongoing investigation so it's not one i'm prepared to discuss what we've seen and how -- what the status of that investigation is. >> is the d.o. -- has the d.o.j. or f.b.i. heard anything about the possibility of extradition? >> we do not have an extradition treaty with rumb. we hope they would respect our criminal justice system and respect that these charges -- respect these charges and what they need to do. >> last question. when can we expect -- [inaudible] >> that's an ongoing, pending matter, which extradition will
be requested but i can't estimate what kind of timeline that would be on. >> back to a previous question do, you and the justice department have any evidence that president trump was wiretapped during his campaign? >> that's not part of this indictment or what we're here to discuss today. >> all right, thanks very much folks. [captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2017] >> the house is in recess but members will return at 6:30 eastern time for votes an speeches. a short time ago, lawmakers debated three bills on the floor including one that redesignates the martin luther king jr. national history site in georgia as a national hist toric park. tomorrow, work on a measure relating to veterans, mental health, and second amendment rights. and another bill that would expand the ability of the v.a. to fire or demote employees based on performance or misconduct.
you can follow the house live here on c-span when members gavel back in in just under an hour at 6:30 eastern time. tonight, watch remarks from president trump as he holds a rally with supporters in nashville, tennessee. you can see those comments live at 7:30 eastern on c-span2. if the senate has gone out of session by then. >> c-span's "washington journal" live every day with news and policy issues that impact you. coming up thursday morning, virginia republican congressman tom garrett discusses the house g.o.p. health care bill. then, wisconsin democratic congressman mark pocan, first vice chair of the progressive caucus, looks at the house democratic agenda, the g.o.p. a.c.a. repeal and replace bill, and the trump budget. and howard schneider talks about the decision by the federal
reserve to raise the short-term interest rate and how consumers could be affected by the decision. watch c-span's "washington journal" live at 7:00 a.m. on thursday morning. join the discussion. >> tomorrow the house budget committee meets to discuss the republic proposal to repeal the health care law. yesterday, the congressional budget office released its report on the bill saying it would save $337 billion in federal spending over the next 10 years. but around 24 million people would lose health coverage by 2026. the bill passed through the house ways and means and energy and commerce committees last week by party line votes. see the house budget committee meeting thursday at 10:00 a.m. astern on c-span2. >> please raise your right hand. >> with the confirmation hearing for supreme court nominee neil gorsuch starting next week, on thursday at 8:00 p.m. eastern, we'll look at the condition
firmation hearings of all eight current supreme court justices. starting with justice anthony kennedy in 1987. clarence thomas in 1991. ruth bader binsgurg -- ginsburg, 1993. stephen breyer, 1994. john roberts, 2005. samuel alito, 2006. sonia sotomayor, 2009. and elena kagan in 2010. watch thursday at 8:00 p.m. astern on c-span2. >> sunday night on "after words,"iochemist lvia tra looks theisryndcice hi by t eroo"t cr le f." shs teied ee codathedalepte f heewortis. >>he's aetoi. atouwehts. esthae y g o
he >>t'ge wacmuteor fa weos l ofa f stgorneth wve h. eyecneitag grthornehat he u reiltiuendepou f e tabalindein wh e. tes to t rn veecne thge bh meanenwe bo he sss ge yocatathayodi wn u re2. it n jt e ve o tns,t'thdiriti th'sffteasel >>uny ghat 90 m. stern. "tewos. tay fer rer cir jat yleanund auarter peeninea ith ncarsht-rmntes ra. rkg s trd iree nc th20 reson me t me llest a inea iboowgos f edit car a oer short-rmoa. iss 5mite