Russian LinkedIn Hacker Faces Charges in the U.S.

A Russian man accused of hacking numerous American companies was extradited from the Czech Republic to the United States in March 2018. Yevgeniy Nikulin, who allegedly hacked LinkedIn, Dropbox, and Formspring in 2012, used employee credentials for improper activity and also conspired to illegally sell the obtained data. Mr. Nikulin is facing a nine-count indictment in US court. His case embodies the increasingly tense relations between Russia and the United States and represents a further US acknowledgment and repudiation of Russian hacking campaigns.

Ratcheting-Up the Tension

Getting Mr. Nikulin to the US to face charges was a significant challenge. He was arrested by Czech authorities in Prague on October 5, 2016, while vacationing with his girlfriend. Nikulin did not resist arrest, but he did experience unspecified medial issues, resulting in a brief hospital stay. The New York Times reported that Russian Embassy officials in Prague immediately called for his release, arguing that they held jurisdiction over Nikulin’s case because of a 2016 arrest warrant issued in a Moscow court after an alleged theft from another website. A Czech judge rejected the notion, ordering Nikulin to remain in custody while a court evaluated both parties’ extradition requests.

The Obama administration launched the opening salvo of a now ongoing, Cold War-esque political drama by formally accusing Russia of stealing and disclosing Democratic National Committee emails two days after Nikulin’s arrest. Both the Kremlin and Nikulin’s lawyer have argued that the charges brought against him are a politically-motivated attempt to “extend the jurisprudence of American law to the territory of third countries” – a characterization that American officials, like House Speaker Paul Ryan, dispute. “The United States has the case to prevail on having him extradited, whether it’s the severity of the crime, which is clearly on the side of US, or the timing of the request for the extradition,” Ryan told reporters during a visit to Prague in March.

The court action in Prague was uncharacteristic of a country that Jakub Janda, deputy director of the European Values Think-Tank, says is “considered a safe base for Russian intelligence and influence activities focused on Western targets…Prague is unofficially considered to be a springboard for some Kremlin activities inside Europe, also using huge Russian diplomatic presence of approximately 140 staff,” said Janda. Mr. Nikulin’s arrest could be seen as a warning shot designed to deter or curb other actors engaged in targeting the US.

Extradition and Charges

The Czech Ministry of Justice officially ordered Nikulin’s extradition at the end of March, and he was in the US the next day for his first court appearance. Mr. Nikulin has pleading not guilty to a range of charges: three counts of computer intrusion, two counts of aggravated identity theft, two counts of causing damage to a protected computer, one count of trafficking, and one count of conspiracy.

Nikulin’s defense attorney noted to US Magistrate Elizabeth Laporte that Nikulin was continuing to deal with medical issues and was “hoping to go to the hospital,” but a court-ordered medical examination was hampered by what prosecutors described as confrontational and defiant behavior. Prosecutors then accused Nikulin of trying to escape, delaying a bail hearing and all but ensuring Nikulin’s lawyer’s request to have his shackles removed would not be granted.

What’s Next?

US Attorney General Jeff Sessions made the government’s stance towards hackers clear in a statement to reporters, calling hacking “not just a crime, [but] a direct threat to the security and privacy of Americans.” John F. Bennett, the FBI Special Agent in Charge of the case, reiterated that cyberattacks were firmly on the government’s radar screen. “The FBI will not allow international cyber criminals to operate with impunity,” he said. “This extradition is a success for US law enforcement and our partners overseas.”

Underscoring Sessions and Bennett’s statement, the US crackdown on Russian hacking has spread to other countries. Spain has extradited two Russian suspects to the US in 2018, while another suspect is being held in Greece, in limbo between competing Russian and American extradition requests.

Sessions pledged that the US “will make it a priority to investigate and prosecute these crimes, regardless of the country where they originate.” The United States’ renewed commitment to mitigating “deeply troubling behavior once again emanating from Russia” appears to just be getting started.

Quandary Peak Research

Based in Los Angeles, Quandary Peak Research provides software litigation consulting and expert witness services. We rapidly analyze large code bases, design documents, performance and usage statistics, and other data to answer technical questions about the structure and behavior of software systems.

Leave a Reply