A British man has been charged with hacking into U.S.
government computers and stealing personal data about thousands of employees,
then bragging about it on Twitter.
Over the past year, Love and three unnamed
co-conspirators—two living in Australia and one in Sweden—allegedly planted
malware on government computers in order to steal data, according to an
indictment filed in District Court in New Jersey.
The group, which planned their attacks over IRC instant
messaging, compromised agencies including NASA, the U.S. Defense Department’s
Missile Defense Agency, the U.S. Army’s Network Enterprise Technology Command
and the Environmental Protection Agency, among others.
They are alleged to have obtained personal information of
more than 4,000 employees for the Missile Defense Agency and “numerous” NASA
employees, according to the indictment. The group allegedly publicized their
attacks on Twitter.
Government databases were attacked using SQL injection
techniques, which involves probing back-end databases. The attackers also
gained access to government computers by exploiting vulnerabilities in
ColdFusion, Adobe Systems’ Web application development platform.
In an attempt to avoid detection, the group allegedly
channeled its attacks through proxy servers and used TOR, a network that
provides greater privacy by routing encrypted Web traffic through servers
around the world.
The indictment alleges the attacks “collectively resulted in
millions of dollars in damages to the government victims.”
Love could face up to five years in prison and a US$250,000
fine for the two New Jersey charges. He has also been charged in U.S. District
Court for the Eastern District of Virginia for related intrusions, prosecutors
said.
0 comments:
Speak up your mind
Tell us what you're thinking... !