WEBVTT - U.S. Government Files Charges in Yahoo Hacking (Audio)

0:00:00.080 --> 0:00:03.040
<v Speaker 1>The US government has accused Russia of directing some of

0:00:03.080 --> 0:00:06.640
<v Speaker 1>the world's most notorious cyber criminals to break into half

0:00:06.640 --> 0:00:10.440
<v Speaker 1>a billion accounts at Yahoo in a sweeping criminal conspiracy

0:00:10.520 --> 0:00:15.080
<v Speaker 1>that married illicit profits with intelligence gathering. The federal indictment

0:00:15.160 --> 0:00:19.640
<v Speaker 1>charges to Russian intelligence officers and two hackers with conspiring

0:00:19.720 --> 0:00:22.520
<v Speaker 1>to carry out one of the largest cyber intrusions in

0:00:22.680 --> 0:00:25.919
<v Speaker 1>US history. The government was sending a clear message to

0:00:26.000 --> 0:00:29.880
<v Speaker 1>Moscow that cyber attacks would not be tolerated. Here's Acting

0:00:29.880 --> 0:00:34.239
<v Speaker 1>Assistant Attorney General Mary McCord. The involvement and direction of

0:00:34.360 --> 0:00:38.479
<v Speaker 1>FSB officers with law enforcement responsibilities makes this conduct that

0:00:38.560 --> 0:00:42.040
<v Speaker 1>much more egregious. There are no four free passes for

0:00:42.040 --> 0:00:46.600
<v Speaker 1>foreign state sponsored criminal behavior. The Russians targeted a diverse

0:00:46.640 --> 0:00:50.080
<v Speaker 1>crew from the White House and military officials, two executives

0:00:50.080 --> 0:00:53.760
<v Speaker 1>at banks and global companies. Our guests are and mckennack,

0:00:53.840 --> 0:00:56.920
<v Speaker 1>professor at Penn State Law School, and John reid Stark,

0:00:57.240 --> 0:01:00.120
<v Speaker 1>founder of John reid Stark Consulting and founder of the

0:01:00.240 --> 0:01:05.240
<v Speaker 1>SEC's Office of Internet Enforcement. John. In the announcement, the

0:01:05.319 --> 0:01:08.480
<v Speaker 1>government made its case to the public that Moscow is

0:01:08.600 --> 0:01:13.360
<v Speaker 1>orchestrating criminal hacks with cyber criminals tell us more about

0:01:13.480 --> 0:01:18.760
<v Speaker 1>the Russian cyber spying regime. Sure, Jean, how are you

0:01:19.040 --> 0:01:22.800
<v Speaker 1>this afternoon? And thanks for inviting me to talk to you. Uh.

0:01:22.920 --> 0:01:25.080
<v Speaker 1>You know, when I read this, I thought, like Captain

0:01:25.080 --> 0:01:28.280
<v Speaker 1>Renault and Casablanca. Remember, I'm shocked, shocked to find the

0:01:28.360 --> 0:01:32.160
<v Speaker 1>gambling is going on. It's this kind of hacking in

0:01:32.200 --> 0:01:34.000
<v Speaker 1>this kind of scheme has been going on for quite

0:01:34.040 --> 0:01:36.840
<v Speaker 1>some time, dating back to when I was at the SEC. Remember,

0:01:36.920 --> 0:01:39.959
<v Speaker 1>there have been cyber attacks on the federal government dating

0:01:40.000 --> 0:01:42.840
<v Speaker 1>back that are documented, dating back to two thousand nine,

0:01:42.880 --> 0:01:47.119
<v Speaker 1>two twelves, all over the place and by various different

0:01:47.120 --> 0:01:52.160
<v Speaker 1>state sponsored terrorist regimes. So I don't know that this

0:01:52.280 --> 0:01:55.520
<v Speaker 1>is anything new. But what's amazing is that these people

0:01:55.520 --> 0:01:58.400
<v Speaker 1>were finally caught, and I think the FBI has really

0:01:58.440 --> 0:02:00.840
<v Speaker 1>got to be commended here. I'm sure this investigation took

0:02:00.920 --> 0:02:03.480
<v Speaker 1>quite some time. It's the first time, as far as

0:02:03.520 --> 0:02:08.600
<v Speaker 1>I can tell, that actual Russian intelligence officials were indicted

0:02:08.680 --> 0:02:11.000
<v Speaker 1>right along with the hackers that they had engaged to

0:02:11.040 --> 0:02:14.640
<v Speaker 1>carry on these arts. On that last point, what what

0:02:14.800 --> 0:02:17.720
<v Speaker 1>is the significance of that The fact that for the

0:02:17.760 --> 0:02:23.280
<v Speaker 1>first time Russian FSB agents were included in an indictment.

0:02:25.040 --> 0:02:28.639
<v Speaker 1>It's thanks for having me, folks. It's really it's significant

0:02:28.760 --> 0:02:31.560
<v Speaker 1>just because we've heard so much in the news. Our

0:02:31.560 --> 0:02:34.280
<v Speaker 1>election cycle was filled with these you know, allegations of

0:02:34.360 --> 0:02:37.840
<v Speaker 1>Russian hacking, um and interference with the election, and so

0:02:37.919 --> 0:02:40.720
<v Speaker 1>to see the FBI and the Department of Justice come

0:02:40.720 --> 0:02:45.400
<v Speaker 1>out so clearly with you know, very strong charges both

0:02:45.480 --> 0:02:49.799
<v Speaker 1>based on economic espionage for foreign as well as our

0:02:49.840 --> 0:02:53.400
<v Speaker 1>federal laws for computer fraud and abuse, UM, it's really

0:02:54.200 --> 0:02:59.040
<v Speaker 1>it's significant, and it shows that, you know, they were

0:02:59.120 --> 0:03:02.760
<v Speaker 1>very careful I'm sure before making these charging documents public.

0:03:03.320 --> 0:03:07.000
<v Speaker 1>It shows that they are really ready to back up

0:03:07.080 --> 0:03:10.080
<v Speaker 1>and and to to prosecute this. You know. What's going

0:03:10.080 --> 0:03:11.680
<v Speaker 1>to be the trick here though, is one of the

0:03:11.880 --> 0:03:15.200
<v Speaker 1>one of the hackers involved has already you know, been

0:03:15.280 --> 0:03:17.880
<v Speaker 1>on the list to be extradited from Russia, and Russia

0:03:17.919 --> 0:03:20.960
<v Speaker 1>of course has not extra extradited that hacker. So what

0:03:21.040 --> 0:03:23.720
<v Speaker 1>remains to be seen now is what's the fallout going

0:03:23.760 --> 0:03:27.919
<v Speaker 1>to be for US Russian relations when US demands extradition

0:03:28.080 --> 0:03:30.799
<v Speaker 1>of these two FSB officers. As I think where we're

0:03:30.800 --> 0:03:33.360
<v Speaker 1>really going to see things get sticky, particularly with you know,

0:03:33.480 --> 0:03:36.880
<v Speaker 1>current presidential politics John that that is one of the

0:03:36.960 --> 0:03:42.080
<v Speaker 1>questions here. What if you've got the Russian government involved,

0:03:42.160 --> 0:03:46.000
<v Speaker 1>and you've got hackers who you can extradite, How effective

0:03:46.000 --> 0:03:48.440
<v Speaker 1>can it be to bring indictments and situations like this.

0:03:49.760 --> 0:03:52.640
<v Speaker 1>It's always effective. I don't think it's obviously not as

0:03:52.640 --> 0:03:55.680
<v Speaker 1>effective as getting someone locking them up. But when I

0:03:55.760 --> 0:03:59.160
<v Speaker 1>was at the SEC for eleven years, we chased after

0:03:59.240 --> 0:04:01.360
<v Speaker 1>people and we Jeff only froze their money, but we

0:04:01.400 --> 0:04:05.480
<v Speaker 1>could never, only on very rare occasions, could we orchestrate

0:04:05.520 --> 0:04:08.120
<v Speaker 1>an actual arrest in a foreign country, because there are

0:04:08.120 --> 0:04:12.200
<v Speaker 1>so many issues of just not just judicial committy, but

0:04:12.320 --> 0:04:16.120
<v Speaker 1>also being able to extradite, being able to execute a

0:04:16.120 --> 0:04:18.920
<v Speaker 1>subpoena on someone in a foreign country is a very

0:04:18.960 --> 0:04:22.240
<v Speaker 1>difficult thing. So I think that these these types of

0:04:22.240 --> 0:04:25.840
<v Speaker 1>actions have a tremendous deterrent effect. I realize it's not

0:04:25.880 --> 0:04:28.240
<v Speaker 1>going to stop a lot of actors from doing what

0:04:28.279 --> 0:04:31.279
<v Speaker 1>they're doing, but I think and is exactly right because

0:04:31.360 --> 0:04:34.960
<v Speaker 1>what's so unique here is this prosecution crosses over to

0:04:35.040 --> 0:04:38.400
<v Speaker 1>the political arena. All the matters that I did when

0:04:38.400 --> 0:04:41.919
<v Speaker 1>I was at the SEC many involved foreign nationals, but

0:04:42.160 --> 0:04:45.240
<v Speaker 1>they were never tied explicitly to the government like this.

0:04:45.320 --> 0:04:50.760
<v Speaker 1>So it was essentially a one dimensional prosecutor prosecutorial exercise.

0:04:51.120 --> 0:04:53.760
<v Speaker 1>But now you're also going to going to be engaging

0:04:53.760 --> 0:04:56.279
<v Speaker 1>in the State Department, the Defense Department, the Pentagon, and

0:04:56.320 --> 0:04:59.640
<v Speaker 1>everyone else in helping to track these people down and

0:04:59.680 --> 0:05:03.800
<v Speaker 1>bring a justice. And they targeted a wide range of

0:05:03.800 --> 0:05:07.240
<v Speaker 1>people and companies both here and in Russia. Do we

0:05:07.320 --> 0:05:13.039
<v Speaker 1>know what information they got, what damage they actually did. Yeah,

0:05:13.200 --> 0:05:17.159
<v Speaker 1>we do from the helpful information provided by the Apartment

0:05:17.160 --> 0:05:21.080
<v Speaker 1>of Justice. UM, It's it's fascinating here because Yahoo, when

0:05:21.120 --> 0:05:23.719
<v Speaker 1>this story initially came out back in the fall of

0:05:24.920 --> 0:05:27.000
<v Speaker 1>that there had been a breach, insisted that there was

0:05:27.040 --> 0:05:30.440
<v Speaker 1>a limited amount of personally identifiable information that had been hacked.

0:05:31.000 --> 0:05:33.599
<v Speaker 1>What's clear from these documents released by the Department of

0:05:33.640 --> 0:05:38.120
<v Speaker 1>Justice is that Yahoo's user database was taken as well

0:05:38.160 --> 0:05:41.120
<v Speaker 1>as Yahoo's account management tool. And if you think about that,

0:05:41.120 --> 0:05:43.640
<v Speaker 1>that's like the keys to the you know, candy jar.

0:05:44.440 --> 0:05:48.480
<v Speaker 1>That it enabled, um, these hackers to not just get

0:05:48.560 --> 0:05:52.840
<v Speaker 1>folks you know, names, email addresses, and that kind of information,

0:05:52.839 --> 0:05:55.919
<v Speaker 1>but actually because of the information that was taken using

0:05:55.960 --> 0:06:00.560
<v Speaker 1>this proprietary information that Yahoo had and Yahoo's database UM

0:06:00.600 --> 0:06:03.560
<v Speaker 1>and account management tools these hackers were actually able to

0:06:03.560 --> 0:06:06.720
<v Speaker 1>get into the content of the communications, which is very

0:06:06.800 --> 0:06:09.760
<v Speaker 1>unusual for a hack in the sense of they were

0:06:09.800 --> 0:06:13.360
<v Speaker 1>actually able to read contents of emails from thousands of

0:06:13.480 --> 0:06:17.240
<v Speaker 1>individuals who's you know, communications were hacked. Not only that

0:06:17.320 --> 0:06:21.280
<v Speaker 1>in this case, um, which is in stark contrast to

0:06:21.320 --> 0:06:23.640
<v Speaker 1>what y'ah who said initially for a very long time

0:06:23.720 --> 0:06:27.000
<v Speaker 1>and continued to repeat, we also know that credit card

0:06:27.040 --> 0:06:30.040
<v Speaker 1>and financial information was actually taken and used by one

0:06:30.080 --> 0:06:33.760
<v Speaker 1>of the hackers. He used Yahoo's own account tools to

0:06:33.920 --> 0:06:37.760
<v Speaker 1>gain individuals financial information and credit card informations. And so

0:06:37.800 --> 0:06:39.640
<v Speaker 1>the flip side of this is that we're seeing a

0:06:39.720 --> 0:06:43.320
<v Speaker 1>flew of lawsuits across the country being filed against Yahoo

0:06:43.400 --> 0:06:46.560
<v Speaker 1>by individuals who are claiming their credit card information was compromised.

0:06:46.720 --> 0:06:50.120
<v Speaker 1>We're talking about the federal indictment charging two Russian intelligence

0:06:50.160 --> 0:06:53.360
<v Speaker 1>officers and two hackers with conspiring to carry out we're

0:06:53.440 --> 0:06:57.000
<v Speaker 1>the largest cyber intrusions in US history. Our guests are

0:06:57.080 --> 0:07:00.120
<v Speaker 1>and mchannic, professor at Penn State Law School, and John

0:07:00.160 --> 0:07:05.080
<v Speaker 1>read Stark, founder of John Reid Stark Consulting, and Assistant

0:07:05.080 --> 0:07:08.960
<v Speaker 1>Attorney General. Mary McCord said the charges are unrelated to

0:07:09.000 --> 0:07:12.320
<v Speaker 1>the hacking of the Democratic National Committee and the FBI's

0:07:12.360 --> 0:07:18.520
<v Speaker 1>investigation of Russian interference in the presidential campaign. But could

0:07:18.560 --> 0:07:22.360
<v Speaker 1>what they learned here through their investigation helped them with

0:07:22.400 --> 0:07:28.080
<v Speaker 1>those other investigations. Well, part of this is speculation, but

0:07:28.960 --> 0:07:32.440
<v Speaker 1>there's you know, when we see the strength of this

0:07:32.600 --> 0:07:39.680
<v Speaker 1>indictment against two known Russian intelligence officers, uh, that that

0:07:40.680 --> 0:07:43.560
<v Speaker 1>is probably going to be a very helpful treasure trow

0:07:43.760 --> 0:07:47.680
<v Speaker 1>of information. You know, we this this Russia has long

0:07:47.720 --> 0:07:51.679
<v Speaker 1>been known to work directly with hackers, um and so

0:07:52.040 --> 0:07:54.040
<v Speaker 1>I think that there's probably a lot more to this

0:07:54.160 --> 0:07:57.960
<v Speaker 1>than well, it may not be directly connected, you know,

0:07:58.080 --> 0:08:02.720
<v Speaker 1>just the activities of state spot INSERTD cyber hacking are

0:08:02.880 --> 0:08:05.880
<v Speaker 1>going to reveal lots of useful data. And I'm sure

0:08:05.960 --> 0:08:08.400
<v Speaker 1>John can add to this, and with what he's seen

0:08:08.440 --> 0:08:11.640
<v Speaker 1>at the sec UM just in terms of you know,

0:08:12.600 --> 0:08:18.840
<v Speaker 1>we're seeing a government that's involved in economic espionage against

0:08:19.200 --> 0:08:23.000
<v Speaker 1>the United States citizens and the information really, you know,

0:08:23.120 --> 0:08:26.200
<v Speaker 1>was personal information about the US government officials as well

0:08:26.240 --> 0:08:31.400
<v Speaker 1>as private citizens. John, can you add to that, sure?

0:08:31.560 --> 0:08:33.280
<v Speaker 1>You know, I I totally agree. I think to what

0:08:33.360 --> 0:08:35.439
<v Speaker 1>it what it does is kind of answers the mysteries

0:08:35.440 --> 0:08:38.280
<v Speaker 1>of data breach response. I do a lot of data

0:08:38.280 --> 0:08:40.560
<v Speaker 1>breach response work where you sort of walked into the

0:08:40.679 --> 0:08:43.040
<v Speaker 1>situation and everyone wants to know, well, what were the

0:08:43.080 --> 0:08:47.080
<v Speaker 1>hacker looking for? What were their goals? But here, based

0:08:47.080 --> 0:08:50.520
<v Speaker 1>on the digital forensics and and other inculpatory evidence, you

0:08:50.520 --> 0:08:53.360
<v Speaker 1>can see that the hackers who were enlisted here had

0:08:53.360 --> 0:08:56.760
<v Speaker 1>a broad range of goals. By the one thing they

0:08:56.800 --> 0:08:59.440
<v Speaker 1>wanted to do was to search Yahoo user mail accounts

0:08:59.440 --> 0:09:02.319
<v Speaker 1>for credit art and gift card account numbers. Another thing

0:09:02.320 --> 0:09:04.679
<v Speaker 1>they did was they set up an online marketing scheme

0:09:04.720 --> 0:09:10.040
<v Speaker 1>by manipulating Yahoo search results for erectile dysfunction drugs. And

0:09:10.040 --> 0:09:13.360
<v Speaker 1>I think that demonstrates the range of the use of

0:09:13.400 --> 0:09:16.120
<v Speaker 1>exceltrated data and in the broad range of the the

0:09:17.200 --> 0:09:20.920
<v Speaker 1>hackers attack factor. In other words, it's just like a

0:09:20.960 --> 0:09:23.959
<v Speaker 1>burglar who comes into a home. They rumage through, grab

0:09:24.080 --> 0:09:27.440
<v Speaker 1>anything they can. It might be targeted, it might be not,

0:09:27.600 --> 0:09:29.680
<v Speaker 1>it might not be. They just grab everything they kind,

0:09:30.000 --> 0:09:32.000
<v Speaker 1>they take it away, and then they see what they

0:09:32.000 --> 0:09:34.640
<v Speaker 1>can do with it to monetize it. So whether that

0:09:34.720 --> 0:09:37.640
<v Speaker 1>sheds light on an actual motive of what these hackers

0:09:37.679 --> 0:09:41.079
<v Speaker 1>were doing, certainly the indictment indicates that they had specific

0:09:41.120 --> 0:09:44.440
<v Speaker 1>targets in mind. But the indictment also indicates that these

0:09:44.440 --> 0:09:46.719
<v Speaker 1>guys just grabbed anything they could and then they went

0:09:47.040 --> 0:09:49.040
<v Speaker 1>wound up doing any kind of scheme they could to

0:09:49.160 --> 0:09:51.920
<v Speaker 1>enrich themselves. And what are some of the things we

0:09:52.040 --> 0:09:54.400
<v Speaker 1>don't know yet based on We learned a lot from

0:09:54.400 --> 0:09:56.360
<v Speaker 1>this indictment, but there are a lot of things we

0:09:56.400 --> 0:09:59.400
<v Speaker 1>don't know. Tell us about some of those. So what

0:09:59.480 --> 0:10:01.959
<v Speaker 1>we don't is and I haven't heard the news today,

0:10:01.960 --> 0:10:04.560
<v Speaker 1>but I know the Canadian hacker. One of the hackers

0:10:05.000 --> 0:10:07.959
<v Speaker 1>was a Canadian citizen, and we are waiting to hear

0:10:08.240 --> 0:10:11.000
<v Speaker 1>if he is going to be extradited by the Canadian courts.

0:10:11.520 --> 0:10:14.880
<v Speaker 1>Um appears the US government has requested that One of

0:10:14.880 --> 0:10:17.480
<v Speaker 1>those things I think we can learn from this is

0:10:18.480 --> 0:10:23.800
<v Speaker 1>going forward, how information can be used by state actors

0:10:24.280 --> 0:10:28.520
<v Speaker 1>in terms of, you know, what who are they targeting,

0:10:28.520 --> 0:10:30.520
<v Speaker 1>and what are they targeting? As John pointed out, they

0:10:30.559 --> 0:10:33.240
<v Speaker 1>went in and tried to grab everything. But we know,

0:10:33.520 --> 0:10:36.920
<v Speaker 1>because of the details provided in the indictment that these

0:10:36.960 --> 0:10:41.040
<v Speaker 1>two Russian intelligence officers had specific targets, and not only

0:10:41.080 --> 0:10:44.720
<v Speaker 1>that this conspiracy was an ongoing, evolving process based upon

0:10:44.800 --> 0:10:48.319
<v Speaker 1>information that was discovered. So going forward, we may learn

0:10:48.520 --> 0:10:52.240
<v Speaker 1>more details about individuals in the United States government as

0:10:52.280 --> 0:10:57.520
<v Speaker 1>well as individuals in private industry who were targeted, specifically targeted.

0:10:57.600 --> 0:11:00.079
<v Speaker 1>And when we see that that was directed by I

0:11:00.640 --> 0:11:03.400
<v Speaker 1>Russian intelligence officers, I think we're going to learn a

0:11:03.400 --> 0:11:05.840
<v Speaker 1>lot more. But we don't know those details. We just

0:11:05.880 --> 0:11:08.520
<v Speaker 1>have this, you know, sort of santalizing figure off oh over.

0:11:09.720 --> 0:11:14.680
<v Speaker 1>Individuals contents of their communications were specifically targeted by these

0:11:15.120 --> 0:11:18.120
<v Speaker 1>Russian intelligence officers. So it's going to be interesting to see.

0:11:18.160 --> 0:11:20.520
<v Speaker 1>We don't know where that's going to lead. It's certainly,

0:11:20.640 --> 0:11:23.680
<v Speaker 1>it certainly will be and we'll be talking about it more.

0:11:23.840 --> 0:11:26.360
<v Speaker 1>Thank you both for being on Bloomberg Law. That's and mccannic,

0:11:26.400 --> 0:11:29.160
<v Speaker 1>professor at Penn State Law School, and John reid Stark,

0:11:29.200 --> 0:11:33.160
<v Speaker 1>founder of John Reid Stark Consulting, coming up on Bloomberg Law,

0:11:33.200 --> 0:11:36.360
<v Speaker 1>first in Hawaii then Maryland. A pair of judges halt

0:11:36.440 --> 0:11:40.280
<v Speaker 1>President Donald Trump's revised travel band before it can be enforced.