It has been a long, winding road that brought Vladimir Drinkman to justice, but the road is now nearing an end.
Back in 2009, the Federal Bureau of Investigation identified Drinkman as Hacker 1 in connection with cyber-attacks that occurred between 2007 and 2009 against Heartland Payment Systems, Hannaford Brothers and 7-Eleven. The attacks affected 160 million credit card numbers.
Drinkman, a Russian National, was first arrested in June 2012 in the Netherlands and appeared in a U.S. courtroom in February of this year. He initially entered a plea of not guilty but has since changed his tone. After negotiating a plea agreement with the Justice Department, Drinkman is now admitting his role in the 2007 to 2009 cyber-attacks.
Under the terms of the agreement, Drinkman is pleading guilty to one count of conspiracy to commit unauthorized access of protected computers and one count of conspiracy to commit wire fraud. As part of the plea agreement, the Justice Department is not initiating further criminal charges against Drinkman. The Justice Department had originally brought 11 counts of criminal misconduct against Drinkman. Sentencing for Drinkman is scheduled for Jan. 15, 2016.
“As demonstrated by today’s conviction, our close cooperation with our international partners makes it more likely every day that we will find and bring to justice cyber-criminals who attack America—wherever in the world they may be,” said Assistant Attorney General Caldwell in a statement. “As law enforcement around the world responds to the cyber-threat that affects us all, I am confident that this type of international cooperation that led to this result will be the new normal.”
While Drinkman is now in custody and awaiting sentencing, it’s important to note that most of his co-conspirators have not yet felt the cold embrace of the U.S. prison system. The Justice Department originally identified Drinkman as Hacker 1 in a 2009 indictment in which Albert Gonzalez was also charged. Gonzalez is currently in a U.S. federal prison, serving a 20 year sentence.
In the 2009 indictment, the Justice Department also lists Hacker 2, who was later identified as Alexandr Kalinin of St. Petersburg, Russia. In the February indictment against Drinkman, the Justice Department also named three other co-conspirators: Roman Kotov of Moscow; Mikhail Rytikov of Odessa, Ukraine; and Dmitriy Smilianets of Moscow.
“Smilianets was extradited on Sept. 7, 2012, and remains in federal custody,” the Justice Department noted in a statement. “Kalinin, Kotov and Rytikov remain at large.”
That means that six years after the first charges were laid for the attacks against Heartland Payment Systems and others, only three of the six who were identified as being involved are in jail.
Justice does take time. It takes time to find those responsible, apprehend them, extradite them to the United States (if required) and time to bring cases before a judge.
However, the message in the Drinkman case is clear: The U.S. will hunt cyber-attackers wherever they are and however long it takes.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.