US ramps up Russian cyber hacker arrests despite Trump’s courting of Putin
Seven Russian citizens have been arrested or indicted on US cybercrime charges this year, a significant rise from an average of just two annual extraditions to the country between 2010 and the start of 2017.
The record number of arrests suggests that although President Donald Trump is making gestures to improve relations with Moscow, the United States has not shied away from pursuing Russians suspected of cybercrime.
The prosecutions coincide with intensified scrutiny of Kremlin-backed hacking since US intelligence officials determined that Russia interfered in the 2016 US presidential election, using cyber warfare methods to give Trump a boost over Democratic candidate Hillary Clinton.
The Kremlin has denied accusations it has interfered in any elections.
US opposition lawmakers have questioned whether President Trump is willing to respond forcefully to Moscow over its actions in cyberspace, and the White House has avoided explicit accusing Russia of recent politically-motivated hacking attacks.
Alarmed by President Trump’s proposal to create a joint US-Russia cyber security unit, US lawmakers have also drawn up a draft bill that would require him to notify lawmakers before he does so.
Four anonymous US federal law enforcement officials have said there had been no centralised effort to step up action against Russian cyber criminals under President Trump.
The increase in arrests stemmed from breakthroughs made in investigations before the 2016 presidential election, two of the officials commented. The US Justice Department said it did not track arrests or indictments by nationality and declined further comment.
Some US officials, however, acknowledged that individual agents may now be more motivated to move against Russian cyber criminals following the presidential election hacking scandal.
Russian hackers are active at all levels of cybercrime, from thefts of individuals' online banking details, to bringing down the computer networks of multi-national companies and government departments.
John Carlin, who until last October ran the national security division of the US Justice Department as assistant attorney general, said resources had already been moving towards pursuing Russian nationals before the 2016 election.
But he added: “Their outrageous activity to undermine the integrity of our election, like they did in western Europe before and have done since, can only have added fuel to the fire.”
According to interviews with five people who knew the men arrested this year—all of whom declined to be named for fear of prosecution—the arrests have shaken the Russian cybercrime community.
“Now they are arresting even those who had a super indirect, not even direct connection to what they call influencing their election,” said one.
Used to operating across borders with relative impunity, Russian cyber criminals are now worried the prosecutions will lead to further arrests or harm their operations.
They may be cutting back on trips abroad that were once seen as a calculated risk due to the risk of arrest and extradition, but are now viewed as increasingly foolhardy.
“We have monitored criminals discussing the aftermath (of the arrests) ... and it is clear they are concerned about two things,” said Ilya Sachkov, head of cyber security firm Group-IB, whose Threat Intelligence unit specialises in monitoring and tracking the Russian-speaking cyber crime community.
“First, what the arrested members potentially know about them, but second and more importantly, a disruption in their ability to make money.”
One of those arrested this year was Peter Levashov, charged by US prosecutors with operating one of the world’s largest botnets, or networks, of infected computers used by cyber criminals. He denies the charges.
A person who knew Levashov by his online identity Severa said his arrest in particular had rattled underground cyber criminal circles because he was so well known.