Ahead of Trump-Putin meeting, Russian Embassy protests arrest of hacker
Russia’s foreign ministry on Wednesday accused the U.S. of “kidnapping” Yury Martyshev, a Latvian man with Russian citizenship who is accused of committing cybercrime. Former U.S. law enforcement officials, however, say that what Russia considers kidnapping is in reality a legitimate and legal effort to arrest a criminal.
Martyshev was arrested overseas and extradited to the U.S. late last month to face charges in a Virginia court. He is accused of helping run one of “the largest” hacking marketplaces on the dark web, where customers could trade and purchase illegal penetration, vulnerability and malware testing tools, according to unsealed court documents. He was originally indicted in October 2016. Some experts believe Martyshev was behind the infamous Scan4You service, which went down earlier this year.
In a statement posted to the Russian Embassy’s Facebook page, a spokesperson called for the U.S. to return Martyshev, who is also known as Jurijs Martisevs, in order to recognize the “legitimate rights and interests of the Russian citizen.”
Russian, state-controlled news outlet Sputnik similarly decried Martyshev’s arrest in a short article Wednesday.
“It’s high irony that the Russians are criticizing the U.S. for this one. The fact they’re calling it ‘kidnapping’ is ridiculous,” said Edward McAndrew, a former federal cybercrime prosecutor in the U.S. Attorney’s Offices for the Eastern District of Virginia and for the District of Delaware. In this instance, a mutual legal assistance treaty worked as intended, he said.
“It looks like the Latvians complied with a request,” said McAndrew, who reviewed the arrest warrant and indictment documents for Martyshev. “It’s that simple.”
Former U.S. law enforcement officials say Russia often relies on a mix of cybercriminals and intelligence officers to conduct offensive cyber operations. A situation that only complicates the work of law enforcement, according to David Hickton, the former U.S. attorney for the Western District of Pennsylvania who brought the celebrated 2014 indictments against Chinese military officers for online theft of intellectual property from U.S. firms.
Hickton is now the director of the University of Pittsburgh Institute for Cyber Law, Policy, and Security. Before joining academia, he led the legal team that first indicted Russian master-hacker Evgeniy Bogachev. During his time in government, Hickton interfaced with Russian law enforcement officials.
The problem for Russia, Hickton observed, is that cybercriminals “represent one of the central elements in their online strategy … they use this little band of contractors to give them some deniability … and then when we arrest them, they cry foul.”
The embassy’s kidnapping claim has “no merit,” he said.
The backlash by the Russian Embassy follows shortly after the publication of an unsealed indictment naming Martyshev and two other accomplices, including Latvian citizen Ruslans Bondars and an American only identified as Z.S. in charging documents. There is some evidence to suggest that Z.S. is Zachary Shames, a U.S. student who plead guilty in January for developing and selling spyware online.
Wednesday’s Facebook post is not the first time Moscow has criticized Washington for its pursuit of a foreign hacker through the help of allies.
The Justice Department maintains relationships with foreign law enforcement agencies in order to pursue criminals, terrorists and other individuals, internationally, who are planning to or have done harm to American citizens. In recent years, these partnerships have become critical in the FBI’s effort to combat a variety of different computer crimes, including economic espionage, credit card theft and fraud, according to Leslie Caldwell, a former assistant attorney general for the Criminal Division.
On Friday, U.S. President Donald Trump will meet his Russian counterpart, Vladimir Putin, in Germany for the 2017 G20 Summit. It’s unclear if or to what extent cybercrime will be discussed. Russia is commonly described by intelligence officials as one of the U.S.’s primary adversaries in cyberspace in addition to Iran, North Korea and China.
“The timing of this indictment is at the very least interesting,” McAndrew said. In some situations, a court may wait to unseal an indictment or publish a criminal complaint depending on extraneous circumstances, like a signifiant political event, McAndrews explained. It appears as if the G20 Summit either did not meet this criteria or wasn’t considered.
Martyshev is currently in custody in Northern Virginia. He appeared at a sealed court hearing last week, according to The Washington Post.
U.S. law enforcement were able to move from indictment to arrest in less than 12 months in the Martyshev case, which represents a major accomplishment for investigators and prosecutors as cybercrime-related cases are often more complex and difficult to close, said McAndrew, a now co-practice leader with global law firm Ballard Spahr LLP.
Some alleged cybercriminals, meanwhile, remain untouchable by U.S. law enforcement. A combination of freelance hackers and Russian intelligence officers were previously indicted for hacking into Yahoo and siphoning off customer information, according to a high-profile indictment released by the Justice Department earlier this year.
Some of the suspects in that case remain at large, including Alexsey Belan, who is one of the most wanted hackers in the world. It’s widely believed that Belan is being sheltered by the Russian government.