Search
Vladimir Putin
Russian President Vladimir Putin listens for a journalist's question during a news conference with Slovenian President Borut Pahor after their talks at the Kremlin in Moscow, Russia, Friday, Feb. 10, 2017.  Alexander Zemlianichenko—AP

Why the U.S. Gave Russia Too Much Credit for the Yahoo Hacks

Mar 18, 2017

A version of this post originally appeared in the Cyber Saturday edition of Data Sheet,Fortune's daily tech newsletter.

Blame Russia. In a bombshell indictment, the Department of Justice explained this week how Russian spies worked with common criminals to ransack Yahoo's customer accounts.

The report backs up Yahoo's claim, which many in the hacking community had doubted, that a "state-sponsored actor" was responsible for a breach that compromised hundreds of millions of accounts.

Yet not everyone is satisfied with this explanation. A former prosecutor complained to me over lunch this week that the Justice Department is helping Yahoo avoid accountability. In his view, framing the breach as a global espionage incident is a distraction from the main story, which is ordinary criminals exploiting Yahoo's sloppy security practices for financial profit.

He has a point. The Justice Department account leaves some pretty big questions unanswered, including who carried out an earlier hack at Yahoo, and which corporate officials learned about the breach.

More broadly, the feds risk giving Moscow intelligence too much credit: In this must-read New York Times article, Russia's spies come across not as evil geniuses, but as opportunists who rely on the work of common cyber criminals. That sure seems like the case with the Yahoo breaches.

There's one more drawback to overstating the Russian role in the hacks. Namely, the focus on attribution can draw attention from what some cyber-types think should be the real priority—securing our systems from future intrusions.

"Pointing fingers at foreign individual won't change what happened or stop this happening again. Let's focus on the root cause of problems and get pre-emptive," said Oren Falkowitz, a former NSA employee who now runs the email security firm AreaOne. Sounds like sound advice.

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: http://www.djindexes.com/mdsidx/html/tandc/indexestandcs.html. S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions