lolloj - Fotolia

US sentences two Russians for huge data breaches

The US has sentenced two Russian cyber criminals who targeted major payment processors, retailers and financial institutions around the world, as the US joins the UK in condemning Russia for the 2017 NotPetya attacks

Two Russian nationals have been given jail terms for their role in a worldwide hacking and data breach scheme, five and a half years after being arrested.

Vladimir Drinkman (37) and Dmitriy Smilianets (34) were part of one of the largest cyber criminal operations prosecuted in the US that targeted major corporate networks, compromised 160 million credit card numbers and resulted in hundreds of millions of dollars in losses.

The pair not only stole over 160 million credit card numbers from credit card processors, banks, retailers and other corporate victims, they also used their bounty to fuel an underground market for stolen information, said acting assistant attorney general John Cronan.

“While mega breaches like these continue to affect millions of individuals around the world, hackers and would-be hackers should know the US Department of Justice will use all available tools to identify, arrest and prosecute anyone who attacks the networks on which businesses and their customers rely,” he said.

Drinkman previously pleaded guilty to one count of conspiracy to commit unauthorised access of protected computers and one count of conspiracy to commit wire fraud, and was sentenced to 12 years in prison.

Smilianets previously pleaded guilty to conspiracy to commit wire fraud in a manner affecting a financial institution and was sentenced to time already served of 51 months and 21 days, which means he is likely to be released from prison soon.

In addition to the prison terms, Drinkman and Smilianets were sentenced to three years of supervised release.

Extradition to the US

Drinkman and Smilianets were arrested while on holiday in the Netherlands on June 28, 2012. This tactic is commonly used by the US and its allies due to the lack of extradition treaties with Russia and other cyber criminal-friendly countries. Drinkman was extradited to the US in February 2015, and Smilianets was extradited in September 2012.

However, three known associates charged at the same time as Drinkman and Smilianets are still at large. They are Russians Alexandr Kalinin (31), Roman Kotov (36) and Ukrainian Mikhail Rytikov (30).

In 2009, Drinkman and Kalinin were charged alongside Florida resident Albert Gonzalez over the Heartland Payment Systems breach and four other cyber attacks. Gonzalez is currently serving a 20-year sentence in federal prison.

Drinkman and Kalinin specialised in penetrating network security, mainly using SQL injection attacks and gaining access to the corporate victims’ systems, while Drinkman worked with Kotov to mine the networks to steal valuable data. The hackers hid their activities using anonymous web-hosting services provided by Rytikov, while Smilianets sold the information stolen by the other conspirators and distributed the proceeds of the scheme.

Organisations targeted by the gang include the Nasdaq, 7-Eleven, Carrefour, Heartland, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard.

“These defendants operated at the highest levels of illegal hacking and trafficking of stolen identities,” said acting US attorney William Fitzpatrick.

“They used their sophisticated computer skills to infiltrate computer networks, steal information and sell it for a profit. Perpetrators of some of the largest data breaches in history, these defendants posed a real threat to our economy, privacy and national security, and cannot be tolerated,” he said.

Read more about cyber crime

The number of prosecutions of cyber criminals has been growing since 2013, when the US government announced plans to put diplomatic pressure on other governments over cyber crime and prosecute offenders.

Mark McKevitt, special agent in charge of the US Secret Service Newark Field Office, said the case demonstrated the investigative capabilities of the Secret Service and the collaborative efforts of US law enforcement partners.

“The Secret Service will continue to develop innovative ways to protect the financial infrastructure of the United States and bring to justice cyber criminals who use emerging technologies to conduct business,” he said.

UK and US criticism

The sentencing of these Russian cyber criminals coincided with UK and US criticism of Russia for the NotPetya attacks on Ukraine in June 2017 that had a significant economic impact on companies around the world.

“We call on Russia to be the responsible member of the international community it claims to be, rather than secretly trying to undermine it,” said Tariq Ahmad, UK Foreign Office minister for cyber security.

The White House followed suit in condemning Russia for the attacks. “This was also a reckless and indiscriminate cyber attack that will be met with international consequences,” said White House press secretary Sarah Huckabee Sanders, but gave no indication of what those consequences will be.

Russia has denied it was behind the attack, saying it was part of a “Russophobic” campaign that it said was being waged by some western countries, according to Reuters

Read more on IT for financial services