Tag Archives: Cyber Security

German military to unveil new cyber command as threats grow

BERLIN (Reuters) – Germany’s military will launch a cyber command next week as part of an effort to beef up online defenses at a time when German spy agencies are warning of increasing cyber attacks by Russia.

The German military remains a high-value target for hackers, with some 284,000 complex and professional would-be attacks registered in the first nine weeks of 2017, a ministry spokesman said. No damage had been reported thus far, he added.

Cyber attacks on militaries are rising worldwide, with many now creating separate commands to tackle the issue.

NATO, which says it has seen a five-fold increase in suspicious events on its networks in the past three years, agreed last June to designate cyber as an official operational domain of warfare, along with air, land and sea.

The new German command will based in Bonn with an initial staff of 260, growing to around 13,500 in July when the military’s current strategic reconnaissance command and centers for operational communication and geo-information are folded in.

By 2021, the command is due to have a total of 14,500 positions, including 1,500 civilian jobs.

“The expansion of cyber capabilities is an essential contribution to the government’s overall security posture, and offers additional opportunities for preventing conflicts and dealing with crises to include hybrid threats,” the ministry spokesman said.

Defence Minister Ursula von der Leyen will name Lieutenant General Ludwig Leinhos to head the new Cyber and Information Space Command – the sixth major wing of the military in addition to the navy, army, air force, medical service and joint forces.

Chancellor Angela Merkel this month said protecting German infrastructure from potential cyber attacks was a top priority.

In December, Germany’s domestic and foreign intelligence agencies cited increasing Russian cyber attacks against political parties, as well as propaganda and disinformation campaigns aimed at destabilizing German society.

Russia denies engaging in such attacks.

(Reporting by Andrea Shalal; editing by Mark Heinrich)

Bangladesh Bank heist was ‘state-sponsored’: U.S. official

Lamont Siller, the legal attache at the U.S. embassy in the Philippines speaks during a cyber security forum in Manila, Philippines March 29, 2017. REUTERS/Karen Lema

MANILA (Reuters) – The heist of $81 million from the Bangladesh central bank’s account at the New York Federal Reserve last year was “state-sponsored,” an FBI officer in the Philippines, who has been involved in the investigations, said on Wednesday.

Lamont Siller, the legal attache at the U.S. embassy, did not elaborate but his comments in a speech in Manila are a strong signal that authorities in the United States are close to naming who carried out one of the world’s biggest cyber heists.

Last week, officials in Washington, speaking on condition of anonymity, blamed North Korea.

“We all know the Bangladesh Bank heist, this is just one example of a state-sponsored attack that was done on the banking sector,” Siller told a cyber security forum.

An official briefed on the probe told Reuters in Washington last week that the FBI believes North Korea was responsible for the heist. The official did not give details.

The Wall Street Journal reported U.S. prosecutors were building potential cases that would accuse North Korea of directing the heist, and would charge alleged Chinese middlemen.

The FBI has been leading an international investigation into the February 2016 heist, in which hackers breached Bangladesh Bank’s systems and used the SWIFT messaging network to order the transfer of nearly $1 billion from its account at the New York Fed.

The U.S. central bank rejected most of the requests but filled some of them, resulting in $81 million being transferred to bank accounts in the Philippines. The money was quickly withdrawn and later disappeared in the huge casino industry in the country.

There have been no arrests in the case.

A Chinese casino owner in the Philippines told that Senate inquiry he took millions of dollars from two Chinese high-rollers in February. He said the two men were responsible for transferring the stolen money from Dhaka to Manila.

Philippine investigators have filed criminal charges against several individuals and a remittance company for money laundering in connection with the heist at the country’s Department of Justice (DOJ).

None of these cases have yet been filed in court, however.

Siller said the FBI was working closely with the Philippines government “to ensure those responsible for the attack do not go unpunished.”

“So for us in the FBI, it is never over. We are going to bring these individuals to justice so that we can show others, that you maybe be able to muster such attacks, even state-sponsored, but you will not get away with it in the end.”

(Reporting by Karen Lema; Editing by Raju Gopalakrishnan)

German parliament foiled cyber attack by hackers via Israeli website

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. REUTERS/Kacper Pempel/Files

BERLIN (Reuters) – The German parliament was the target of fresh cyber attacks in January that attempted to piggy-back on an Israeli newspaper site to target politicians in Germany, Berlin’s cyber security watchdog said on Wednesday.

Cyber defenses installed after a 2015 hack of the parliament helped avert the attempted breaches, the Federal Office for Information Security (BSI) said in a statement.

The hackers appeared to use advertising running on the Jerusalem Post website to redirect users to a malicious site, it said.

The BSI looked into unusual activity on the parliament’s network early this year and has just completed a detailed analysis of the incident, which was first reported by the Sueddeutsche Zeitung newspaper on Wednesday.

At least 10 German lawmakers from all parliamentary groups were affected by the attempted hack, the Munich daily reported.

“The technical analysis is complete. The website of the Jerusalem Post was manipulated and had been linked to a malicious third party site,” the agency said in a statement.

“BSI found no malware or infections as part of its analysis of the Bundestag networks.”

The Jerusalem Post confirmed details of the attack with Reuters, but said no malware came from its own site and that it was fully protected against such attacks in the future.

“The Jerusalem Post website was attacked in January by foreign hackers,” the publisher said in a statement. “We immediately took action and together with Israeli cyber authorities successfully neutralized the threat.

Hackers can use infected banner advertisements to attack otherwise safe or secure sites. So-called “malvertising” appeared to be served up to the site via an unidentified third-party advertising network.

There was no suggestion from the German agency of any wrongdoing by the Jerusalem Post.

“SPEAR-PHISHING”

Security expert Graham Cluley said such “spear-phishing” attacks via malicious ads is highly unusual, but possible.

In this instance, the Jerusalem Post site could have served up German language ads to visitors with German internet addresses. However, he said it was unlikely this could be used to target specific politicians in Berlin.

This latest attack comes amid growing concern in Germany about cyber security and reports that Russia is working to destabilize the German government and could seek to interfere in the upcoming Sept. 24 national elections.

The Bundestag lost 16 gigabytes of data to Russian hackers in 2015, after which it revamped its software system with the help of the BSI and private contractors.

“The BSI believes that the defenses of the German Bundestag detected and prevented links to the website. The attack was therefore averted,” BSI President Arne Schoenbohm said in a statement.

A source familiar with the incident said it did not appear to be linked to APT28, a Russian hacking group also known as “Fancy Bear” that was blamed for the 2015 Bundestag hack and the 2016 hack of the U.S. Democratic National Committee.

(Reporting by Andrea Shalal in Berlin, Eric Auchard in London and Luke Baker in Jerusalem; Editing by Tom Heneghan)

London attack a ‘wake-up’ call for tech firms to put house in order: police

Police on horseback patrol near Westminster Bridge in London, Britain, March 29, 2017. REUTERS/Peter Nicholls

By Michael Holden

LONDON (Reuters) – The London attack which left four people dead was a “wake up call” for technology firms to get their house in order over extremist material being circulated on the internet, the acting head of London’s police force said on Wednesday.

The comments from Craig Mackey, acting Commissioner of the Metropolitan Police, come after calls from politicians for tech firms, mainly based in the United States, to cooperate more with the authorities.

“I think these sorts of incidents and the others we’ve seen in Europe are probably a bit of a wake-up call for the industry in terms of trying to understand what it means to put your own house in order,” Mackey told the London Assembly’s Police and Crime Committee.

“If you are going to have ethical statement and talk about operating in an ethical way, it actually has to mean something. That is the sort of thing that obviously politicians and others will push now.”

The British government and a series of well-known British brands such as Marks and Spencer Group Plc had already suspended digital advertising with Alphabet Inc’s before the attack because ads were appearing alongside videos on its YouTube platform with homophobic or anti-Semitic messages.

They have since been joined by U.S. wireless carriers Verizon Communications Inc and AT&T Inc. The action has prompted Google to apologize and review its advertising practices.

London police already have a specialist unit which aims to remove extremist material but Mackey said “the internet was never designed to be policed as such”.

British officials have also demanded tech firms do more to allow police access to smartphone communications after reports that Khalid Masood had used encrypted messaging via WhatsApp before he drove a rented car into pedestrians on Westminster Bridge and stabbed to death a police officer by parliament.

“We work hard with the industry to highlight the challenges of these very secure applications,” Mackey said. “It’s a challenge when you are dealing with companies that are global by their very nature because they don’t always operate under the same legal framework as us.”

Regarding the police’s ongoing inquiry into last week’s attack, Mackey said detectives still believed Masood had acted alone. So far 12 people have been arrested, with two still in police custody.

Mackey also said there had been a “slight uplift” in hate crimes directed at Muslims but not on the scale seen after previous similar incidents.

(Editing by Stephen Addison)

NATO to spend 3 billion euros on satellite, cyber defenses

FILE PHOTO - A NATO flag flies at the Alliance's headquarters in Brussels, March 2, 2014. REUTERS/Yves Herman/File Photo

By Robin Emmott

BRUSSELS (Reuters) – NATO plans to spend 3 billion euros ($3.24 billion) to upgrade its satellite and computer technology over the next three years as the Western military alliance adapts to new threats, a senior official said.

Seeking to deter hackers, and other threats including Iranian missiles, the investments underscore NATO’s recognition that conflicts are increasingly fought on computer networks as well as in the air, on land and at sea.

A senior official at the NATO Communications and Information Agency said the plans include a 1.7-billion-euro investment in satellite communications to better support troops and ships deployed across the alliance, as well as aiding the use of Unmanned Aerial Vehicles (UAVs) or drones.

It was not immediately clear if NATO allies would fund a new military communications satellite to be launched into space or if an increase in broadband capacity could be gained from existing U.S. and other allied satellites.

Non-NATO member Japan launched its first military communications satellite in January.

The proposals, for which some funding must still be approved by NATO governments, also envisage spending about 800 million euros on the computer systems that help command air and missile defenses, said the official, who declined to be named.

Seventy-one million euros will go to improving the protection of NATO’s 32 main locations from cyber attacks.

NATO says it has seen a five-fold increase in suspicious events on its networks in the past three years, while Russian group APT28 is blamed by Western intelligence for the hacking of the U.S. Democratic Party during last year’s U.S. election.

NATO officials have told Reuters they suspect Russia sponsors attacks against their networks before major summits.

Another 180 million euros are to be spent to provide more secure mobile communications for alliance soldiers in the field.

NATO will present its needs in detail at a conference in Ottawa in April and then begin launching the bidding process.

It is likely to attract major Western defense contracts including Airbus Group, Raytheon and Lockheed Martin Corp, the official said, in part because “there cannot be content that does not come from NATO nations.”

NATO rules prohibit Russian or Chinese suppliers unless there is a specific need that allied companies cannot provide.

(Reporting by Robin Emmott; Editing by Janet Lawrence)

U.S. may accuse North Korea in Bangladesh cyber heist: WSJ

Federal Reserve and New York City Police officers stand guard in front of the New York Federal Reserve Building in New York, October 17, 2012. REUTERS/Keith Bedford/File Photo

NEW YORK (Reuters) – U.S. prosecutors are building potential cases that would accuse North Korea of directing the theft of $81 million from Bangladesh Bank’s account at the Federal Reserve Bank of New York last year, and that would charge alleged Chinese middlemen, the Wall Street Journal reported on Wednesday.

The U.S. Federal Bureau of Investigation believes that North Korea is responsible for the heist, an official briefed on the probe told Reuters. Richard Ledgett, deputy director of the U.S. National Security Agency, publicly suggested on Tuesday that North Korea may be linked to the incident, while private firms have long pointed the finger at the reclusive state.

The Journal, citing people familiar with the matter, reported that prosecutors believe Chinese middlemen helped North Korea orchestrate the theft from Bangladesh’s central bank, which was among the biggest bank robberies in modern times.

The current cases being pursued may not include charges against North Korean officials, but would likely implicate the country, the newspaper reported, with the United States accusing a foreign government of orchestrating the heist.

A U.S. Department of Justice spokesman declined to comment.

FBI offices in Los Angeles and New York have been leading an international investigation into the February 2016 incident, in which hackers breached Bangladesh Bank’s systems and used the SWIFT messaging network to request nearly $1 billion from its account at the New York Fed.

The branch of the U.S. central bank rejected most of the requests but filled some of them, resulting in $81 million disappearing into casinos and other entities in the Philippines. A top police investigator in Dhaka told Reuters in December that some Bangladesh Bank officials deliberately exposed its computer systems, enabling the hackers to get in.

The incident exposed bungling and miscommunication between central banks, and left the Fed, Bangladesh, SWIFT, and the Philippine lender that initially received the funds trading blame for months.

SWIFT – or the Society for Worldwide Interbank Financial Telecommunication that serves as the backbone of global finance – has since revealed that its messaging system has been targeted in a “meaningful” number of other attacks last year using a similar approach as in the Bangladesh incident.

Last week, SWIFT said it planned to cut off the remaining North Korean banks still connected to its system as concerns about the country’s nuclear program and missile tests grow.

The Journal reported that federal investigators are focusing on Chinese individuals or businesses who allegedly helped North Korea orchestrate the heist, and that the U.S. Treasury is considering sanctions against these alleged middlemen.

The New York Fed and SWIFT declined to comment.

(Reporting by Jonathan Spicer and Joseph Menn; Editing by Jonathan Oatis and James Dalgleish)

G20 to jointly fight bank sector hacking

A general view shows the G20 Finance Ministers and Central Bank Governors Meeting in Baden-Baden, Germany, March 17, 2017. REUTERS/Kai Pfaffenbach

By Balazs Koranyi

BADEN-BADEN, Germany (Reuters) – The world’s biggest economies will pledge to jointly fight cyber attacks on the global banking system, one of the biggest coordinated efforts yet to protect lenders since an $81 million heist of the Bangladesh central bank’s account last year.

Meeting in the German resort town of Baden-Baden, G20 finance chiefs will agree to fight attacks regardless of their origin and promise cross-border cooperation to maintain financial stability, according to a draft document seen by Reuters.

“We will promote the resilience of financial services and institutions in G20 jurisdictions against malicious use of information and communication technologies, including from countries outside the G20,” it said.

However, it dropped an earlier reference for enhanced security requirements for financial services.

Cyber crime became a top priority after an elaborate heist on the Bangladesh central bank’s account at the Federal Reserve Bank of New York last year, an unprecedented theft that exposed the vulnerabilities of the system.

The agreement, set to be finalised on Saturday, will come just days after the United States charged two intelligence agents from Russia, another G20 member, with masterminding the 2014 theft of 500 million Yahoo accounts.

The indictment was the first time U.S. authorities have criminally charged Russian spies for cyber offences including for computer fraud, economic espionage, theft of trade secrets, and wire fraud.

The charges came amid a swirl of controversies relating to alleged Kremlin-backed hacking of the 2016 U.S. presidential election and possible links between Russian figures and associates of U.S. President Donald Trump.

In the banking world, attacks through the global SWIFT bank transfer system have continued to increase with the network recording a “meaningful” number of attacks with about a fifth of them resulting in stolen funds since the Bangladesh heist, the firm said late last year.

In other highly publicized attacks, retailer Tesco Plc’s banking arm said 2.5 million pounds ($3 million) had been stolen from 9,000 customers last year while hackers also stole more than 2 billion rubles ($34 million) from correspondent accounts at the Russian central bank and from accounts in commercial banks.

The European Union is considering testing banks’ defenses against cyber attacks with concerns growing about the industry’s vulnerability to hacking.

(Editing by Julia Glover)

U.S. authorities charge Russian spies, hackers in huge Yahoo hack

The John Sopinka Courthouse, where Karim Baratov appeared in front of a judge, in connection with a U.S. Justice Department investigation into the 2014 hacking of Yahoo, is pictured in Hamilton, Ontario, Canada March 15, 2017 . REUTERS/Peter Power

By Dustin Volz

WASHINGTON (Reuters) – The United States on Wednesday charged two Russian intelligence agents and two hackers with masterminding the 2014 theft of 500 million Yahoo accounts, the first time the U.S. government has criminally charged Russian spies for cyber offences.

The charges came amid a swirl of controversies relating to alleged Kremlin-backed hacking of the 2016 U.S. presidential election and possible links between Russian figures and associates of U.S. President Donald Trump. This has given rise to uncertainty about whether Trump is willing to respond forcefully to any action by Moscow in cyberspace and elsewhere.

The 47-count Justice Department indictment included charges of conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft. It painted a picture of the Russian security services working hand-in-hand with cyber criminals, who helped spies further their intelligence goals in exchange for using the same exploits to make money.

“The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cyber crime matters, is beyond the pale,” Acting Assistant Attorney General Mary McCord said at a press conference announcing the charges.

Russia’s Federal Security Service (FSB) is the successor to the KGB.

The Kremlin, which denies Russia tried to influence the U.S. election in any way, said on Thursday Moscow had received no official notification of the indictment, but hoped it would.

However, Dmitry Peskov, President Vladimir Putin’s spokesman, dismissed out of hand the idea that FSB employees could have been involved in the Yahoo hack.

“We have said repeatedly that there can be no discussion of any official involvement of any Russian agency, including the FSB…in any unlawful cyber activities,” said Peskov, who has cast U.S. allegations against Russia as part of a political campaign to kill off a U.S.-Russia rapprochement.

Yahoo said when it announced the then-unprecedented breach last September that it believed the attack was state-sponsored, and on Wednesday the company said the indictment “unequivocally shows” that to be the case.

The charges announced Wednesday are not related to the hacking of Democratic Party emails during the 2016 U.S. presidential election. U.S. intelligence agencies have said they were carried out by Russian spy services, including the FSB, to help the campaign of Republican candidate Donald Trump.

The indictment named the FSB officers involved as Dmitry Dokuchaev and his superior, Igor Sushchin, who are both in Russia.

Dokuchaev was arrested for treason in December, according to the Russian news agency Interfax.

Reuters sent a request for comment to the FSB in Moscow on Wednesday evening but there was no response.

The alleged criminals involved in the scheme include Alexsey Belan, who is among the FBI’s most-wanted cyber criminals and was arrested in Europe in June 2013 but escaped to Russia before he could be extradited to the United States, according to the Justice Department.

Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, was also named in the indictment.

The Justice Department said Baratov was arrested in Canada on Tuesday. Mark Pugash of Toronto police later confirmed the Tuesday arrest.

McCord said the hacking campaign was waged by the FSB to collect intelligence but that the two hackers used the collected information as an opportunity to “line their pockets.”

The United States does not have an extradition treaty with Russia, but McCord said she was hopeful Russian authorities would cooperate in bringing criminals to justice. The United States often charges cyber criminals with the intent of deterring future state-sponsored activity.

The administration of former President Barack Obama brought similar charges against Chinese and Iranian hackers who have not been extradited.

In a statement, White House spokesman Michael Anton said the charges “are part of a broad effort across the government to defend the United States against cyber attacks and cyber-related crimes.”

‘RED NOTICE’

Yahoo in December announced another breach that occurred in 2013 affecting one billion accounts. Special Agent Jack Bennett of the FBI’s San Francisco Division said the 2013 breach is unrelated and that an investigation of that incident is ongoing.

The hacks forced Yahoo to accept a discount of $350 million in what had been a $4.83 billion deal to sell its main assets to Verizon Communications Inc <VZ.N>.

At least 30 million of the Yahoo accounts in the 2014 breach were the most seriously affected, with Belan able to burrow deep into their accounts and take user contact lists that were later used for a financially motivated spam campaign, according to the indictment. Belan also stole financial information such as credit card numbers and gift cards, it said.

Yahoo had previously said about 32 million accounts had fallen victim to the deeper attack, which it said leveraged forged browser cookies to access accounts without the need for a password.

According to the indictment, FSB officers Sushchin and Dokuchaev also directed Baratov to use the information gained in the Yahoo breach to hack specific targets who possessed email accounts with other service providers, including Google.

When Baratov was successful, Dokuchaev would reward him with a bounty, the indictment charged.

Examples where Google accounts were targeted include an assistant to the deputy chairman of the Russian Federation, an officer of the Russian Ministry of Internal Affairs, and a physical training expert employed by the Russian government.

Details in the indictment reflect the often murky relationship in Russia between criminal hackers and government intelligence officers.

Interpol issued a “red notice” on Belan in relation to an earlier hacking campaign, according to the indictment. Instead of arresting Belan, however, the FSB recruited him to help with cyber espionage and provided tools to evade detection from other authorities.

Belan later gained unauthorized access to Yahoo’s network that he shared with FSB, the indictment said.

(Reporting by Dustin Volz in Washington and Joseph Menn in San Francisco; Additional reporting by Julia Edwards in Washington and Alexander Winning and Dasha Afanasieva in Moscow; Editing by Jeffrey Benkoe and James Dalgleish)

Global private companies confident, but unprepared for hacking threat: PwC

LONDON (Reuters) – The chief executives of some of the worlds’ leading private companies are confident about their firms’ prospects and plan to recruit more staff, but are ill-prepared for cyber attacks, according to a report by PwC on Thursday.

The “Undaunted, but underprepared?” report found 86 percent of CEOs were confident about their companies revenue prospects in 2017, an increase of 5 percent from last year.

That made it the first time in five years that private company bosses were more confident than public company CEOs.

The report, based on responses from 781 private company CEOs in 79 countries, also found that 41 percent of private company CEOs were not concerned about cyber threats and only 68 percent were concerned about the speed of technological change.

Stephanie Hyde, Global Entrepreneurial and Private Business Leader for PwC UK, said it was worrying that private company CEOs were less concerned about technology and cyber compared to their public counterparts, as they had less resources available to invest in addressing these issues.

“This may make them more vulnerable to cyber attacks, so in theory they should be more concerned about these threats not less,” she said.

“In our view, this is probably the single most worrying finding in our report, especially in light of growing evidence that hackers are now targeting smaller and private businesses, thinking they will not be so well protected.”

(Reporting by Michael Holden)

U.S. indicts Russian spies, hackers over massive Yahoo hack

Acting AAG for National Security Mary McCord speaks in front of a poster of a suspected Russian hacker during FBI National Security Division and the U.S. Attorney's Office for the Northern District of California joint news conference at the Justice Department in Washington, U.S., March 15, 2017. REUTERS/Yuri Gripas

By Dustin Volz

WASHINGTON (Reuters) – The U.S. government on Wednesday unsealed charges against two Russian spies and two criminal hackers for allegedly pilfering 500 million Yahoo user accounts in 2014.

The indictments, announced at a news conference in Washington, represent the first time the U.S. government has criminally charged Russian officials for cyber offenses.

The contents of at least 30 million accounts were accessed as part of a spam campaign and at least 18 people who used other internet service providers, such as Google, were also victimized, the government charged.

The officers of the FSB, Russia’s Federal Security Service, which is a successor to the KGB, were identified as Dmitry Dokuchaev and his superior, Igor Sushchin, the government said.

Both men are in Russia, it said.

Alexsey Belan, who is on the list of most-wanted cyber criminals, and Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, were also named in the indictment.

The Justice Department said Baratov was arrested in Canada on Tuesday and his case is pending with Canadian authorities.

Belan was arrested in Europe in June 2013 but escaped to Russia before he could be extradited to the United States, according to the Justice Department.

“The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cyber crime matters, is beyond the pale,” said Acting Assistant Attorney General Mary McCord.

McCord said the hacking campaign was waged by the FSB to collect intelligence but that the two hackers used the collected information as an opportunity to “line their pockets.”

The United States does not have an extradition treaty with Russia, but McCord said she was hopeful Russian authorities would cooperate in bringing criminals to justice. The United States often charges cyber criminals with the intent of deterring future state-sponsored activity.

The administration of former President Barack Obama brought similar charges against Chinese and Iranian hackers who have not been extradited.

The 47-count indictment includes conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft.

The charges are not related to the hacking of Democratic Party emails during the 2016 U.S. presidential election. Intelligence agencies have said they were carried out by Russia to help the campaign of Republican candidate Donald Trump.

Yahoo said when it announced the then-unprecedented breach last September that it believed the attack was state-sponsored, and on Wednesday the company said the indictment “unequivocally shows” that to be the case.

Yahoo in December also announced a breach that occurred in 2013 affecting one billion accounts, though it has not linked that intrusion to the one in 2014.

The Russian hacking conspiracy, which began as early as 2014, allowed Belan to use his relationship with the Russian spy agency and access to Yahoo’s network to engage in financial crimes, according to the indictment.

The breaches were the latest in a series of setbacks for the Internet pioneer, which has fallen on hard times in recent years after being eclipsed by younger, fast-growing rivals including Alphabet Inc’s Google and Facebook Inc.

Yahoo’s disclosure of the years-old cyber invasions and its much-criticized slow response forced it to accept a discount of $350 million in what had been a $4.83 billion deal to sell its main assets to Verizon Communications Inc.

Shares of Yahoo were down 0.9 percent.

“We’re committed to keeping our users and our platforms secure and will continue to engage with law enforcement to combat cyber crime,” Chris Madsen, Yahoo’s assistant general counsel, said in a statement.

(Reporting by Dustin Volz and Joseph Menn; Additional reporting by Julia Edwards; Editing by Jeffrey Benkoe and James Dalgleish)