FBI, DHS Warn of Hacker Mercenaries Funded by Nation-States

By Joseph Marks

December 1, 2017

Lines between government-backed hackers and cyber criminals are getting fuzzier, top officials told lawmakers Thursday.

That’s one message the FBI wanted to send when it indicted two Russian intelligence officers and two criminal co-defendants for a major breach of the Yahoo email service in March, Director Christopher Wray said.

We are seeing an emergence of that kind of collaboration which used to be two separate things—nation-state actors and criminal hackers,” Wray told the House Homeland Security Committee. “Now there’s this collusion, if you will.”

The Homeland Security Department is also following the trend, acting Secretary Elaine Duke told the committee.

What we’re having to do is really understand, as the director said earlier, the difference between state actors, people [who are] maybe just looking for financial gain and those hybrid actors and that’s become more difficult,” she said.

Homeland Security leads civilian government cybersecurity and helps critical infrastructure providers, such as airports, banks and hospitals, secure their computer networks.

U.S. officials have long feared that cyber criminal networks, which operate with relative impunity in parts of Russia, could be deputized for hacking operations that serve the Kremlin’s interests.

Russian President Vladimir Putin even speculated that “patriotic hackers” in Russia might have been responsible for email breaches at Democratic political organizations that sowed chaos during the 2016 U.S. presidential election. He’s disputed, however, U.S. intelligence agencies’ conclusion that the Russian government ordered those breaches.

Increasingly, however, such hybrid government-criminal breaches are becoming a reality, Wray told lawmakers.

You have the blend of a nation-state actor, in that case, the Russian intelligence service, using the assistance of criminal hackers, which you think of almost like mercenaries, being used to commit cyberattacks,” the FBI director said.

Russia is attempting to assert its place in the world and relying more creatively on a form of asymmetric warfare to damage and weaken this country economically and otherwise,” he said.   

It’s highly unlikely the Russian Yahoo hackers will see a U.S. courtroom because the U.S. does not have an extradition agreement with Russia, Wray acknowledged.

On the other hand, if they travel, that’s going to be a challenge for them because they are now, at that point, fugitives wanted by the FBI,” he said.

Wednesday’s House Homeland Security hearing focused broadly on worldwide threats including domestic and international terrorism, aviation security and border security.

Also during Thursday’s hearing:

By Joseph Marks // Joseph Marks covers cybersecurity for Nextgov. He previously covered cybersecurity for Politico, intellectual property for Bloomberg BNA and federal litigation for Law360. He covered government technology for Nextgov during an earlier stint at the publication and began his career at Midwestern newspapers covering everything under the sun. He holds a bachelor’s degree in English from the University of Wisconsin in Madison and a master’s in international affairs from Georgetown University.

December 1, 2017