© The Financial Times Ltd 2015 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
October 28, 2013 3:44 pm
A British man has been charged in the US for allegedly breaking into thousands of American government computer systems to steal “massive quantities” of confidential data.
Lauri Love, 28, and three unnamed co-conspirators, allegedly infiltrated the systems of the US army, the US Missile Defence Agency, the Environmental Protection Agency and NASA, resulting in millions of dollars in losses, the New Jersey US attorney’s office said on Monday.
Mr Love, from Stradishall, a Suffolk village, was arrested on Friday by officers from the UK’s National Crime Agency’s cyber crime unit, under the Computer Misuse Act, which covers crimes committed from within the UK against computers anywhere in the world.
He has been charged with unauthorised accessing of a US department or agency computer and one count of conspiring to do the same. He has been released on bail until February 2014.
Mr Love was previously charged in New Jersey by federal complaint. He has also been charged in a criminal complaint in the eastern district of Virginia with alleged conduct related to other hacking incidents.
Paul Fishman, the New Jersey US attorney, said: “As part of their alleged scheme, they stole military data and personal identifying information belonging to servicemen and women. Such conduct endangers the security of our country and is an affront to those who serve.”
The arrest represents the latest in a series of instances in recent years where US military computers are believed to have been hacked, including reports that the Chinese were able to download information about a number of sensitive weapons systems.
Earlier this month, US defence secretary Chuck Hagel issued a memorandum that called for stronger protections against cyber theft in order to maintain US military superiority.
The indictment says the hackers’ aim was to “disrupt the operations and infrastructure of the United States government”. If convicted, Mr Love faces up to five years’ imprisonment and a $250,000 fine, or twice the gross gain or loss from the offence, on each count.
The Grand Jury indictment says that Mr Love and his conspirators – one based in Sweden and two in Australia – “placed hidden ‘shells’ or ‘back doors’ within the networks, which allowed [them] to return to the compromised computer systems at a later date and steal confidential data”. The events took place between October 2012 and October 2013.
As part of their alleged scheme, they stole military data and personal identifying information belonging to servicemen and women. Such conduct endangers the security of our country and is an affront to those who serve
- Paul Fishman, New Jersey US attorney
It alleges that the data they stole included budgeting information and personal details on thousands of people including military personnel.
They identified targets, and planned and conducted their attacks in secure online chat forums known as internet relay chats. They allegedly regularly used proxy servers to hide their IP addresses and changed their nicknames in the forums to further conceal their identities. Mr Love, the indictment says, was known as “nsh”, “route” and “peace”.
According to the indictment, Mr Love said in one chatroom exchange that “you have no idea how much we can f*** with the US government if we wanted to. this . . . stuff is really sensitive”. He added: “It’s basically every piece of information you’d need to do full identity theft on any employee or contractor for the [government agency].”
Andy Archibald, the head of the NCA’s cyber crime unit, said the arrest was the result of co-operation between the NCA, Scottish police and “international partners” but the agency declined to give further details.
“Cyber criminals should be aware that no matter where in the world you commit cyber crime, even from remote places, you can and will be identified and held accountable for your actions,” he said.
Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.
Sign up for email briefings to stay up to date on topics you are interested in