White House hacking reports highlight digital cold war between US, Russia

The Obama administration hasn't confirmed reports that Russians hacked into the White House last year. But the news comes amid growing Russian cyberattacks on American interests and US efforts to arrest and extradite the alleged culprits. 

Reports this week about Russian involvement in computer intrusions at the US State Department and White House bring fresh attention to growing tensions between the two nations on cybersecurity matters.

US officials have so far refused to confirm or deny reports claiming that Russian hackers were behind sophisticated attacks on unclassified networks at the White House and State Department last October. A few reports suggest that the hackers were acting on the instructions of the Russian government and that the attacks were likely retaliation for US and European Union sanctions against Russia over its actions in Ukraine.

An aide to Russian President Putin this week brushed aside recent allegations of hacking, insisting that blaming everything on Russia has become a sport for some when it comes to cybercrime.

But beneath the surface there are real tensions between the two countries that could quickly escalate, say experts. US frustration with what it views as Russia’s laissez-faire attitude toward criminal hackers has pushed American law enforcement to direct action in recent years, arresting and extraditing Russian nationals wanted for some of the biggest criminal cyberattacks in recent years. 

State sponsored Russian cybergroups are the greatest threat to US assets on the Internet, says Tom Kellermann, chief cybersecurity officer at security firm Trend Micro. Mr. Kellermann, who was a member of a task force that presented security recommendations to President Obama before his first term, says a cold war with Russia is burgeoning in cyberspace.

“[The Russians] are colonizing our most sensitive government, financial, and energy sector systems, for the purposes of reconnaissance and as a preparatory move in case tensions with NATO take a turn for the worse,” he says.

Most of the US indictments against alleged Russian hackers have been in connection with financial crimes. But security analysts say Russia’s digital capabilities in cyberspace extend well beyond the financially motivated attacks that tend to draw the most attention.

If Russian hackers wanted to attack targets in the US, they could do it, says Tom Chapman, director of the cyberoperations group at the security firm EdgeWave, and a retired Navy intelligence officer. “Russian government hackers are some of the best in the world,” he says. “They realize the power of cybercapabilities and they are willing to use it.”

American law enforcement agencies have been stymied in their efforts to go after cybercriminals in Russia largely due to the lack of cooperation from Moscow, say experts. So their best option has been to issue indictments and wait for their targets to make mistakes such as travelling to countries that either have extradition treaties with the US or good relations with Washington. 

Some time in the next few weeks, for instance, Russian national Vadim Polyakov will be extradited to the US to face charges that he and five others hacked into 1,600 accounts at StubHub, the online ticket vendor owned by eBay, and used credit cards associated with those accounts to purchase and sell tickets to major events in New York. Prosecutors alleged the scheme caused more than $1 million in losses to StubHub.

Mr. Polyakov was seized by Spanish law enforcement outside his hotel in Salou, Spain, last July while he was vacationing there, says his New York-based criminal attorney Arkady Bukh. Spanish authorities agreed to extradite him to the US earlier this year at the American government’s request and over the Russian government’s protests.

Russia has called the pending extradition an illegal and extraterritorial application of US laws to a Russian national. In comments to Russian news agency TASS, Moscow has accused the US of ignoring a 1999 mutual legal assistance treaty and warned that Polyakov could face “ politicized justice and be subject to physical pressure” in the US.

The Russian Embassy in Washington did not respond to a request for comment.

The Polyakov case is a familiar theme, Mr. Bukh says. Polyakov is one of several Russian nationals that the US has managed to nab in similar circumstances in recent years to the increasing fury of the Russian government.

Last July, Russian lawmaker Valery Seleznyov accused the US government of kidnapping his son Roman Seleznyov after authorities in the Maldives arrested the younger Seleznyov at the Malé International Airport at the US government’s request.

Secret Service agents hustled Mr. Seleznyov to a private plane just as he was about to board a flight to Moscow, says Bukh. They flew Seleznyov to Guam, detained him there for several days, and then extradited him to Seattle where he faces charges related to his involvement in a hacking group that stole credit card numbers from US retail systems.

Another example is Vladimir Drinkman, a Russian national accused of participating in a cybercrime group that stole data on 160 million credit and debit cards by breaking into systems at the Nasdaq exchange, 7-Eleven Inc., the Carrefour City supermarket chain, Dow Jones, and JetBlue Airways Corp.

Mr. Drinkman and his alleged partner in crime, Dmitry Smilyanets, were arrested at the behest of US authorities in 2012 while vacationing in the Netherlands. Mr. Smilyanets was extradited to the US in 2012. Drinkman was extradited earlier this year and is set to face trial in a New Jersey federal court later this month in the biggest cybertheft case in US history. He faces up to 20 years in prison if convicted on all counts.

As with the other arrests, Russian authorities have labeled the extraditions of Drinkman and Smilyanets as illegal and warned that Russian nationals face “prejudgement” in US courts.

Because of the threat posed to American interests in cyberspace, US law enforcement has been serious about going after East European and Russian gangs, says Thomas Brown, a senior managing director at the forensic and litigation consulting practice at FTI Consulting.

“US law enforcement is fairly aggressive when it comes to cybercrime,” says Mr. Brown, also former chief of the cybercrime unit at the US Attorney’s Office for the Southern District of New York. “Being able to arrest people no matter where they are has a powerful deterrent effect.”