Accessibility links

Breaking News

Undercover FSB Officer Indicted By U.S. Worked For Moscow Investment Bank


Igor Sushchin, seen here in an FBI wanted poster, was believed to still be in Moscow, though his whereabouts were not immediately clear.
Igor Sushchin, seen here in an FBI wanted poster, was believed to still be in Moscow, though his whereabouts were not immediately clear.

WASHINGTON -- One of the two Russian FSB agents indicted by U.S. officials this week worked as an undercover officer at Renaissance Capital, a Moscow investment bank owned by billionaire Mikhail Prokhorov.

The officer, identified in the Justice Department indictment as Igor Sushchin, was fired from the bank on March 16, the day after U.S. officials announced the charges related to the massive 2014 hack of Yahoo.

Sushchin’s firing, first reported by the Russian newspaper Kommersant, was confirmed to RFE/RL by an executive familiar with the matter but who was not authorized to speak publicly about internal company decisions.

Sushchin, who worked for a division of the bank called Renaissance Broker, was believed to still be in Moscow, though his whereabouts were not immediately clear, and there has been no public comment from him.

U.S. officials have formally requested his extradition and that of two other Russians named in the indictment: Aleksei Belan, who was indicted in the United States four years ago on hacking charges, and Dmitry Dokuchayev, an officer, like Sushchin, at the FSB, or Federal Security Service, Russia’s lead security and intelligence agency.

Another man, Karim Baratov, was arrested in Canada this week and held pending a U.S. extradition request.

The Justice Department did not immediately respond to a request for comment on March 18.

Responding to the U.S. announcement, a Kremlin spokesman denied that the government had ever been involved in any cyberattacks and referred further questions to the FSB.

The U.S. indictment paints a picture of the FSB officers overseeing or being directly involved in computer hacking, including stolen e-mail accounts, and other secret programs designed to manipulate a user’s account.

Yahoo said the 2014 breach affected 500 million user accounts.

The indictment identified Sushchin as the “head of information security at the Russian financial firm, where he monitored the communications of Russian financial firm employees."

Russian billionaire Mikhail Prokhorov
Russian billionaire Mikhail Prokhorov

Renaissance Capital is a major Moscow investment bank owned by Onexim group, a holding company that manages the assets of Prokhorov. A billionaire who made his wealth investing in Russia’s nickel industry, Prokhorov challenged Vladimir Putin for the presidency in 2011 running as a liberal, pro-business opposition candidate.

He earned just 8 percent of the vote, however, and many political observers concluded that the Kremlin allowed him to run as a safe liberal option for voters disenchanted with the government. Prokhorov has disputed that.

Prokhorov has also drawn official scrutiny for his ownership of his media group RBK, which published articles investigating the assets of Putin’s son-in-law. Onexim's offices were raided by FSB officials in April 2016. Later, a number of journalists either resigned or were fired, including the media group’s editor in chief.

The U.S. charges appear to be unconnected to alleged Russian hacking of the Democratic National Committee and the FBI’s ongoing investigation into alleged Russian interference in the 2016 presidential election.

But the charges do add to the mystery surrounding the arrest in December of two FSB officers who worked in the agency’s Center for Information Security. One of those arrested was Dokuchayev, and he and his supervisor, Sergei Mikhailov, have been charged with high treason, reportedly for leaking classified information to U.S. intelligence.

Mikhailov does not appear in the newly announced U.S. indictments, though there is mention of another supervisor, called "FSB Officer 3."

The news that two FSB officers were arrested and charged with treason sent ripples through intelligence watchers and experts on cybersecurity.

The growing number of arrests, and a steady stream of leaks in Russian media over the past several weeks, offered potential glimpses into Russia's formidable security apparatus and its ties to shadowy underground hacking networks.

Belan, the hacker, had been indicted in 2012 and 2013, named a top wanted criminal by the FBI, and an arrest warrant was issued by Interpol in 2013. He was arrested in an unnamed European country but then escaped to Russia.

Belan’s name appeared again in December when then-U.S. President Barack Obama announced the expulsion of 35 Russian diplomats and new sanctions against nine top officials and entities associated with the FSB and with Russia's military intelligence agency, the GRU.

Belan was one of two hackers also sanctioned in the order.

  • 16x9 Image

    Mike Eckel

    Mike Eckel is a senior correspondent reporting on political and economic developments in Russia, Ukraine, and around the former Soviet Union, as well as news involving cybercrime and espionage. He's reported on the ground on Russia's invasion of Ukraine, the wars in Chechnya and Georgia, and the 2004 Beslan hostage crisis, as well as the annexation of Crimea in 2014.

  • 16x9 Image

    Carl Schreck

    Carl Schreck is an award-winning investigative journalist who serves as RFE/RL's enterprise editor. He has covered Russia and the former Soviet Union for more than 20 years, including a decade in Moscow. He has led investigations into corruption, cronyism, and disinformation campaigns in Russia and Central Asia, as well as on poisoning attacks against Kremlin opponents and assassinations of Iranian exiles in the West. Schreck joined RFE/RL in 2014.

RFE/RL has been declared an "undesirable organization" by the Russian government.

If you are in Russia or the Russia-controlled parts of Ukraine and hold a Russian passport or are a stateless person residing permanently in Russia or the Russia-controlled parts of Ukraine, please note that you could face fines or imprisonment for sharing, liking, commenting on, or saving our content, or for contacting us.

To find out more, click here.

XS
SM
MD
LG