Earlier this month, Tripwire published its final installment of 10 Notorious Cyber Criminals Brought to Justice, a series that sought to demonstrate how law enforcement frequently catches up with individuals who use cyberspace for malicious purposes. Although our series has concluded, we as information security professionals realize that law enforcement will always be working to counter the efforts of cyber criminals. This work, especially its successes, deserves to be recognized on an ongoing basis. We have therefore decided to create “Cyber Criminals Brought to Justice.” This new series will seek to remind us that despite the persistence of black hat hackers, security professionals and law enforcement authorities will always be striving to protect users online.
For our first installment of this series, we explore the story of a yet unnamed gentleman who was recently arrested by UK authorities for having hacked the U.S. Department of Defense (DoD) last year. Back in June of 2014, our subject successfully breached a server located at the Department of Defense and stole data that pertained to military satellite communication systems. The information included the contact details of 800 people as well as the unique codes used to identify approximately 34,000 different servicemen and women. No sensitive information was compromised in the attack. Following the breach, the hacker responsible for the intrusion then took several screenshots of the database control panel and posted them to Pastebin in a message that taunted Lizard Squad, the hacker group responsible for the Christmas 2014 DDoS attacks against PlayStation Network and Xbox Live.
“We smite the Lizards, LizardSquad your time is near. Were in your bases, we control your satellites. The missiles shall rein upon thy who claim alliance, watch your heads,” the message reads.
But the DoD hacker will not be taunting anyone anymore. On Friday, Britain’s National Crime Agency (NCA) arrested the hacker, a 23-year-old man (who has yet to be named), as part of a series of stings against wanted cyber criminals. In addition to apprehending the DoD hacker, the operation apprehended 55 other individuals, including a suspected member of Lizard Squad and a former member of the hacking collective D33Ds Company that launched an attack against Yahoo in 2012. “This week, and this operation in particular, illustrates that cyber crime has no national boundaries,” the NCA said in a statement. “That is why we’re working tirelessly with our partners across the UK and internationally as part of an intensive week of action targeting cyber criminals.” As of this writing, charges against the young man for his crimes are pending.
