Attribution is difficult and sometimes it seems that cybercriminals are beyond the long arm of the law. But hackers – some even foreign nationals – were increasingly brought to justice on both sides of the Atlantic in 2018 for various cybercrimes. They were indicted, arrested, convicted and, in many cases, sentenced and jailed for a variety of illegal or questionable activities from cyberespionage to political shenanigans, fraud, identity theft as well as election and nation-state cyberattacks.
February: The U.K. creator of malware resources Cryptex and reFUD.me, known on the dark web as KillaMuvz, was sentenced in Blackfriars Crown Court in England to two years after pleading guilty to charges under the Computer Misuse Act and Proceeds of Crime Act.
March: The 20-year-old founder of the notorious hacking groups Lizard Squad and PoodleCorp was sentenced to three months in prison, after pleading guilty in December 2017 to one count of conspiracy to commit damage to a protected computer in the Northern District Court for the District of Illinois.
April: A Nigerian man pleaded guilty in a Manhattan federal court to helping perpetrate business email compromise (BEC) scams aimed at netting millions of dollars.
July: Special Counsel Robert Mueller indicted 12 Russian military officers, part of Russia’s GRU military intelligence unit, for hacking into the Democratic National Committee (DNC) systems in an effort to influence the 2016 presidential election. The fruits of those break-ins – a trove of documents – were spread under the auspices of Guccifer 2.0 and DCLeaks, according to Deputy Attorney General Rod Rosenstein. The indictments, which included 11 counts, were handed down by a grand jury. Rosenstein said Russian operatives also hacked a state election board and nicked data on 500,000 voters. The indictments came as President Trump prepared to meet with Russian President Vladimir Putin in Helsinki July 16.
• A Russian national and gun activist was charged with acting as a Russian agent to develop relationships with U.S. persons and infiltrate organizations that influence American politics to benefit the Russian Federation, according to a criminal complaint unsealed Monday in U.S. District Court for the District of Columbia.
Mariia Butina, 29, came to the U.S. in 2016 on a student visa and worked closely with U.S. citizens, cited as U.S. Person 1 and U.S. Person 2, and Russian officials to establish relationships and build influence prior to and shortly after the 2016 presidential election. An affidavit connected to the complaint recounts an Oct. 4, 2016, email from U.S. Person 1, who wrote “Unrelated to specific presidential campaigns, I’ve been involved in securing a VERY private line of communication between the Kremlin and key POLITICAL PARTY 1 leaders through, of all conduits, the [GUN RIGHTS ORGANIZATION].”
August: Former NSA contractor Reality Winner was sentenced in August 2018 to 63 months in federal prison after pleading guilty in June to leaking classified defense reports pertaining to Russian election interference to a media outlet.
• Ukrainian national Ruslan Yeliseyev was sentenced to six years in a U.S. prison for trafficking stolen credit cards obtained through computer hacking, resulting in losses of about $31 million to his victims.
• Two individuals were indicted last August for stealing information in 2016 from the LinkedIn training site Lynda.com, and are reportedly the same pair of hackers responsible for the 2016 Uber breach that affected 57 million users worldwide.
• A Somerville, Mass., man was convicted by a federal jury for orchestrating disruptive computer attacks on Boston Children’s Hospital and Wayside Youth and Family Support Network.
September: A Romanian citizen pleaded guilty to federal charges stemming from her role in a ransomware attack, which involved hacking Washington, D.C., police cameras days before the 2017 Presidential Inauguration.
• North Korean officials denounced and denied a U.S. indictment that accuses one of its citizens of helping carry out the 2017 WannaCry global ransomware attack, the 2014 Sony Pictures hack, an $81 cyberheist of Bangladesh’s central bank in 2016, and other cyberattacks on behalf of his government.
According to multiple news outlets, a North Korean Foreign Ministry official issued a statement calling the Sept. 6 legal filing “vicious slander” and a “smear campaign” that could damage relations between his country and the U.S. in the wake of denuclearization negotiations. The official also reportedly referred to Park Jin Hyok, the indicted man, as a “non-entity,” even though the U.S. Department of Justice believes he is a member of the North Korea-sponsored hacking team known as the Lazarus Group.
• A 240-count indictment was levied against 32 members of the BullyBoys and CoCo Boys street gangs in California for a variety of cybercrimes, including stealing retail point of sale terminals to obtain customer personally identifiable information. The charges were brought by California Attorney General Xavier Becerra and included 63 counts of conspiracy to commit grand theft; 54 counts of hacking, computer access and fraud; 56 counts of grand theft; 59 counts of burglary; and eight counts of identity theft, Becerra’s office stated. The gangs used the 40 stolen point of sale devices, taken from medical and dental offices, for a variety of illegal activities, including fraudulent returns and obtaining Social Security numbers and bank information.
October: A French national who was serving at times as an administrator and senior moderator on one of the largest dark web criminal marketplaces was sentenced to 20 years in prison, after previously pleading guilty to the intent to distribute controlled substances and conspiracy to launder money.
• A team of Chinese intelligence agents and their cybercriminal minions were indicted by the Department of Justice for hacking into a U.S. company and a French company that were jointly developing a new turbofan engine for use on commercial airliners. The intrusions took place between 2011 and 2015 and affected a wide variety of companies in addition to the two engine manufacturers.
• The midterm elections yielded their first criminal case – the Justice Department on Friday charged Russian accountant Elena Khusyaynova with conspiracy to defraud the U.S. for her role in a plan to spend more than $10 million on social media ads and online posts to influence voters. The criminal complaint, brought by prosecutors in Alexandria, Va., claimed that Khusyaynova, who is based in St. Petersburg, Russia, and reportedly works for the firm Concord, named by Special Counsel Robert Mueller in earlier indictments, sought with others “to sow division and discord in the U.S. political system” and “to undermine faith in our democratic institutions,” U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia said in a Justice Department release.
• The U.S. and several key Western Allies have leveled an array of new and damning hacking allegations against Russia, with the Department of Justice announcing federal indictments against seven officers in Russia’s Main Intelligence Directorate (GRU) military intelligence agency. Officials from America, the UK, Australia, New Zealand and the Netherlands over the last 24 hours have publicly accused Russia of hacking a myriad of targets, including anti-doping organizations, Ukraine, the U.S. Democratic National Committee, Westinghouse Electric Company and the Organization for the Prohibition of Chemical Weapons (OPCW).
November: It’s not a done deal yet, but it looks like WikiLeaks founder Julian Assange might be in Mueller’s sights. Assange has long justified his self-imposed asylum in the Ecuadorian Embassy in London – even after receiving citizenship – because he feared the U.S. would arrest him.
Now, it seems he’s right, according to an unrelated court filing in Virginia that inadvertently revealed that the Justice Department has an indictment ready to go against him, though it’s not clear if the charges have to do with the dump of stolen DNC emails during the 2016 presidential election or the earlier publishing of documents provided by Chelsea Manning.
• The FBI dismantled a highly complex fraud network responsible for generating billions upon billions of fake online ad placements. Collectively known as 3ve, the cybercriminal operation fraudulently made millions in ad view revenues since 2014, with the help of machines infected with either Kovter or Boaxxe/Miuref botnet malware.
Charged in Brooklyn federal court, the defendants were identified as Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr Isaev and Yevgeniy Timchenko. Ovsyannikov, Zhukov and Timchenko have already been arrested; the rest remain at large as of November 2018.