Bitcoin kingpin Alexander Vinnick, in Thessaloniki. (AP / Giannis Papanikos)
The United States has carried out a largely unheralded roundup of big Russian hackers over the last year, grabbing them on vacation in Barcelona, Prague and Greece, per the AP.
- The arrests come as Russia's security services have struck a strategic agreement with the country's cyber criminals, allowing them to work as long as they also conduct state-ordered missions, experts tell Axios.
- By the AP's count, at least five Russian hackers have been arrested, including Alexander Vinnick, the operator of one of the world's largest bitcoin exchanges, who was picked up July 25 while vacationing with his family in northern Greece on charges of allegedly helped criminal syndicates launder money.
- Why it matters: None of those picked up has any publicly known connection to the most notorious of Russia's cyber-led hybrid war — the hacking of the U.S. and European elections over the last 18 months. But the arrests are intended as a U.S. message that Russia's increasingly intelligent cyberwar cannot be carried out with impunity, Jim Lewis, of the Center for Strategic and International Relations, told Axios.
The culmination of three years of investigation: Lewis said that starting in 2014, the U.S. began to comb its various threads of intelligence for clues as to who was responsible for the wave of cyber attacks, visible most conspicuously at the time in Russia's invasion of Ukraine.
- The U.S. and private cyber consultants concluded that the cyber attacks were carried out largely by private hackers, but were coordinated through Russia's security services, Robert Morgus, a cyber specialist at the New America Foundation, told Axios.
Lewis said the big question for U.S. law enforcement was "how do you deal with a state when they are a proxy for a criminal?" So emerged the arrest plan. "We are still not really good at it," he said. "But one tactic that works is snatching Russians when they are dopey enough to take a vacation."