Brit Charged with Hacking Federal ITMilitary, NASA, EPA Systems Breached
Prosecutors have charged a 28-year-old resident of Great Britain with hacking thousands of U.S. government computers, including those at the U.S. Army and a number of federal agencies, to steal massive amounts of confidential information.
See Also: The Power and Scale of XDR
On Oct. 25, British authorities arrested Lauri Love of Stradishall, a village about a 90-minute drive north of London. Love, working with others, illegally accessed U.S. government computers, including those of the U.S. Army, Missile Defense Agency, Environmental Protection Agency and NASA, according to allegations in an indictment from a federal district court grand jury in Newark, N.J.
The indictment, which also includes a charge of conspiracy, says the breaches resulted in millions of dollars in losses, but prosecutors didn't explain how they calculated those damages. Prosecutors in Virginia also charged Love with attacks on other computers in the United States.
"As part of their alleged scheme, [Love and others] stole military data and personal identifying information belonging to servicemen and women," U.S. Attorney Paul J. Fishman says in a statement. "Such conduct endangers the security of our country and is an affront to those who serve."
Love faces a maximum potential penalty of five years in prison and a $250,000 fine, or twice the gross gain or loss from the offense, on each of the two counts. Officials did not provide a specific amount of the loss.
According to reports in the British media, U.K. authorities were holding Love in connection with an investigation by Britain's National Crime Agency. British authorities charged Love under the Computer Misuse Act, which allows individuals to be arrested for launching cyber-attacks from within the U.K. against computers anywhere in the world. The reports say information accessed by Love included budgeting data and the disposal of military facilities.
Attacks Occurred Over Past Year
The indictment unsealed in Newark federal court says Love and his cohorts hacked thousands of computer systems since last October. Once inside the compromised networks, Love and his conspirators placed back doors within the networks that allowed them to return to the compromised computers to steal confidential data, including the personally identifying information of thousands of individuals, some of whom serve in the U.S. military, as well as other nonpublic material.
Authorities say Love and his conspirators planned the attacks in secure online chat forums, where they identified vulnerable computer networks and decided what type of information to pilfer with the goal to disrupt the operations of the U.S. government.
Citing prosecutors, the Associated Press says the indictment includes parts of instant message conversations that Love allegedly had with his partners, including one boasting about hacking the space agency's networks: "ahaha, we owning lots of nasa sites." In another exchange, Love marvels at the information the group has accessed, writing "this ... stuff is really sensitive," according to prosecutors.
Authorities allege the conspirators, who reportedly also include an Australian and a Swede, implemented SQL injection attacks and exploited vulnerabilities in the ColdFusion web application platform, which some of the targeted agencies employed. Once they infiltrated the networks, Love and his conspirators placed malware on the systems, creating back doors and leaving the systems vulnerable for later access.
Authorities say the conspirators used proxy and Tor servers to launch the attacks to mask their IP addresses and frequently changed their nicknames in online chat rooms, using multiple identities to communicate with each other.
AP reports authorities charged Love in New Jersey because he allegedly used a server in Parsippany, N.J.