British cybercriminal arrested for hacking into US Defence Department network

The UK’s National Crime Agency (NCA) arrested a 23-year old man on March 4th for allegedly hacking into the US Department of Defence (DoD) network in June 2014. The NCA said on Friday the arrest related to theft of data from the DoD’s Enhanced Mobile Satellite Services global communication system, which is used to communicate with employees globally.

Hacker stole DoD staff contact details

The man, who was arrested at Sutton Coldield, West Midlands, is alleged to have stolen contact details of more than 800 of the DoD’s staff worldwide, including phone numbers and email addresses.

While details from 34,400 devices were also taken, the NCA assures that no sensitive data were stolen, i.e. nothing was taken that could identify people personally or undermine US national security interests.

NCA arrests

Fifty-seven people have been arrested across the UK this week, the NCA informs. (Image: NCA)

According to NCA, following the attack, the hacker placed screen shots taken of the dashboard used to control the database, along with the following message.

“We smite the Lizards, LizardSquad your time is near. We’re in your bases, we control your satellites. The missiles shall rein upon thy who claim alliance, watch your heads, ** T-47:59:59 until lift off.”

“We’re one, we’re many, we lurk in the dark, we’re everywhere and anywhere. Live Free Die Hard! DoD, DISA EMSS : Enhanced Mobile Satellite Services is not all, Department of Defence has no Defences.”

US DoD Criminal Investigative Service, Special Agent in Charge, Jeffrey Thorpe said:

“This arrest underscores DCIS commitment and the joint ongoing efforts among international law enforcement to stop cyber criminals in their tracks, DCIS Special Agents will use every tool at their disposal to pursue and bring to justice those that attack the Department of Defence.”

Fifty-seven arrests across the UK

Working with partners in industry, government and law enforcement, the NCA also announced that between March 2nd and 6th, a total of fifty-seven people have been arrested across the country on suspicion of cyber crimes.

The arrests, which resulted from 25 operations, were related to a range of cyber criminality, incuding:

  • Cyber-enabled fraud,
  • Malicious software and virus development,
  • Distributed Denial of Service (DDoS) attacks,
  • Network intrusion and data theft from multinational companies and government agencies.

Arrests were made across England, Scotland and Wales, with officers deployed from the Metropolitan Police, the NCA’s National Cyber Crime Unit, and several Regional Organised Crime Unit’s (ROCUs) linked to local forces throughout the country.

Protecting businesses from cyber crime

The NCA also initiated what it describes as a “pioneering approach” in helping small and medium-sized businesses, hosting companies and ISPs identify threats in the systems.

About sixty businesses were visited by ten Regional Organised Crime Units, Police Scotland, and the Police Service of Northern Ireland, with personalized security data reports that identified 5,531 compromises on servers within Britain.

According to the NCA “The compromises could be used to send out spam email, launch attacks against websites or servers, or install phishing websites to gain access to sensitive information.”

The NCA believes that if organisations act on its advice, up to half of all phishing attacks that typically originate in the UK each month could be cleaned up.

Large police operation

The ACPO (Association of Chief Police Officers) worked with four police regions to hold cyber-security pop-up shops in Manchester, London, Derby and Reading this weekend. People are invited to bring along their PCs, smartphones and tablets for a free health check. They will also receive advice on virus protection, online banking and protecting themselves when online.

Experts from the police, cyber security firms, information services, and banks will be available at the pop-up shops to give advice.

The NCA urges members of the public and businesses to stay up-to-date on online safety at www.getsafeonline.org and www.cyberstreetwise.com, where they can also find tools for cleaning up malware.

If you suspect you have been a victim of online crime, you can report it at www.actionfraud.police.uk.

Partnership between government, industry, and police

NCA’s National Cyber Crime Unit’s Deputy Director, Andy Archibald, said:

“The 56 arrests around the country this week are a result of the essential partnership activity with law enforcement, industry and government that is at the heart of fighting cybercrime.”

“Criminals need to realise that committing crime online will not make them anonymous to law enforcement. We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime.

“It’s imperative that we continue to work with partners to pursue and disrupt the major crime groups targeting the UK, but also, crucially, work to make sure that people have the knowledge and resources to make the UK as inhospitable as possible for cyber criminals in the first place.”

Cyber crime affects the economy

Deputy Chief Constable, Peter Goodman, National Policing Lead for Cybercrime, said:

“Cyber-crime is not victimless. A high-end cyber-attack against financial institutions could have a far-reaching impact on our economy. Small and medium sized businesses can be bankrupted by a cyber-attack with owners and staff losing their jobs. You could be seriously affected by the publication of your personal information.”

“We are transforming our response to cyber-crime. We now have an effective national cyber-crime unit and regional units tackling this crime, who have worked together this week to target those who are using the internet to steal, commit fraud or impact on organisations’ ability to do their business.”

“Please make it harder for these criminals to get away with it by taking simple steps to stay secure online.”

Video – Cyber Security

Cyber security (also: cybersecurity) includes all measures individuals and organizations take to protect their computer system and data from hackers and cyber attacks. The prefix cyber refers to anything related to IT, computers, networks, and virtual reality.