Do Cybercriminals Ever Get Extradited?

Crime across the internet knows no boundaries, yet cybercriminals initiate their act from a physical location within the geographic boundaries of some nation. Therefore, it stands to reason that victims and law enforcement both have a need to identify the miscreant, so the act that took place within the internet plane can be dealt with on the physical plane.

And while pages can be filled on the challenges of attribution today, we’ll assume that when an individual has been arrested abroad based on an outstanding warrant from the United States, the attribution question has been addressed adequately (or will be challenged in the courts).

Do Cybercriminals Ever Get Extradited?

The answer is, sometimes—and it depends.

Peter Yuryevich Levashov (aka Peter Severa and Peter of the North), arrested in Barcelona in early 2017 and extradited to the United States, was arraigned in U.S. federal court Feb. 2. Those familiar with Levashov will recognize him as the operator of the Kelihos botnet. Levashov’s indictment alleges Kelihos facilitated “malicious activities including harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software.”

Yevgeniy A. Nikulin, meanwhile, was arrested in the Czech Republic in October 2016. An Interpol Red Notice was used as the grounds for his arrest. The United States requested his extradition in November 2016. The Czech Minister of Justice ordered Nikulin’s extradition in March. On March 30, Nikulin was charged with hacking into, damaging and stealing data from LinkedIn, Dropbox and Formspring.

To Extradite or Not

There are countries that don’t have extradition treaties with the United States. A list from 2015 shows 76 or so countries that don’t have extradition treaties with the United States, including China and Russia.

Recently the United States indicted 13 Russian individuals for the cyber shenanigans surrounding the 2016 U.S. presidential election. As Russia does not have an extradition treaty with the United States, U.S. law enforcement will be watching for a means to arrest and extradite them. The likelihood is that arrests will be made when the indicted individuals travel abroad.

The two Russian nationals, Nikulin and Levashov, were both present in countries that have an extradition treaty with the United States.

Now, with the case of the 13 indicted Russians, Russian president Putin exclaimed to the world, “Never. Never. Russia does not extradite citizens to anyone.”

An extradition treaty in place isn’t a guarantee that a U.S. indictment or arrest warrant will be sufficient to extradite an individual. Such was the case of Lauri Love. Love successfully hacked into various U.S. government computer networks associated with the U.S. Army, the Missile Defense Agency of the United States, the Department of Defense, the Environmental Protection Agency and the National Aeronautics and Space Administration.

In February, Love won his appeal to the British Appeals Court, which denied the extradition order against him. He successfully claimed that “he could be easily tried in the UK. His family and physicians detailed the debilitating physical and mental health problems he has — including severe depression, Asperger’s syndrome, asthma, and eczema — that has incapacitated him for years.” The court noted the “inability of U.S. prisons to humanely and adequately treat his medical and mental health ailments. Extradition to the U.S. would be oppressive by reason of his physical and mental condition.”

The end result? The Crown Prosecution Service will now handle the case in the UK courts (no doubt with the assistance of the U.S. Department of Justice (DoJ)).

Courts Decide

Thus, extradition treaties are simply the framework from which the DoJ may seek the extradition of an individual for crimes in or against the United States. The ultimate decision on whether the extradition will occur is in the hands of the courts of the country in which the individual was arrested.

Christopher Burgess


Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.
