Velocity Technology Partners Blogs

Three Cybercrimes Have Ended in Guilty Pleas

Three Cybercrimes Have Ended in Guilty Pleas

When so much of what we write is about the threats and attacks that exist (and are carried out) in cyberspace, it is particularly refreshing when we can discuss those responsible for these attacks in the context of their legal proceedings. For example, today we are able to discuss how actors in some of the biggest recent cybersecurity events have entered guilty pleas.

Mirai
As a malware strain that leveraged Internet of Things devices to create a zombified botnet and launch Distributed Denial of Service attacks, Mirai was responsible for no small amount of trouble on the Internet. Its developers, 20-year-old Josiah White and 21-year-old Paras Jha, have pled guilty to developing and leveraging Mirai to their own ends.

The two established a company called Protraf Solutions LLC, which was dedicated to mitigating DDoS attacks. Using this company in tandem with their creation, White and Jha would launch a DDoS attack against a company and then sell their solutions to that company, or would collect money through the other side, accepting payment from their victims to stop the attack. White and Jha also teamed up with an accomplice, 21-year-old Dalton Norman, to leverage Mirai as the driving force behind a click fraud scheme. This scheme alone brought them around 200 Bitcoin, with 30 going to Norman.

Mirai was also responsible for powering the DDoS attack on Dyn, one of the largest data centers east of the Mississippi River.

The trio was charged with click fraud conspiracy, each being sentenced to a five year stay in prison and a fine of $250,000. Jha and White were also charged with conspiracy for writing and using Mirai, to which they pled guilty. This added another five years to their time in prison, another $250,000 fine, along with three years of supervised release.

NSA Data
On December 17, 2017, an employee of the National Security Agency pled guilty to “willful retention of national defense information.” According to the United States Justice Department, Nghia Hoang Pho was hired as a developer for the Tailored Access Operations, or TAO, unit in 2006. The TAO unit was tasked with creating hacking tools to be used to collect data from overseas targets and their information systems.

In the time between 2010 and March of 2015, Pho took classified data and stored it on his home system. This system had antivirus software from Kaspersky Lab installed on it. There are suspicions that Russian hackers have exploited Kaspersky Lab in order to steal documents, quite possibly the ones taken home by Pho. The US Department of Homeland Security issued a directive that disallows the use of software made by Kaspersky Lab in federal agencies.

Pho faces up to 10 years in prison, and will stand for sentencing on April 6.

Yahoo
In March of 2017, four men faced indictment for hacking into Yahoo, effectively exposing the personal account information of one billion users. 22-year-old Karim Baratov has been charged with cooperating with two members of the FSB, or the Federal Security Service of the Russian Federation.

As part of his work for the FSB, the young Canadian hacked into 80 accounts, in addition to the more than 11,000 webmail accounts he had hacked since 2010. Utilizing customized spear-phishing content, Baratov also provided a service that granted access to Google, Yahoo, and Yantex accounts.

Baratov has entered a guilty plea for all nine counts he faces. The first count is for aggravated identity theft, and carries a mandatory sentence of two years. The other eight counts are for violating the Computer Fraud and Abuse Act, and could each carry a sentence of 10 years and a fine of $250,000. Fortunately for Baratov, the United States’ federal sentencing guidelines could shorten the amount of time spent in jail by no small measure.

While seeing those who committed cybercrimes face the music is satisfying, it is even better to know that you’re protected from becoming a victim of some similar plot. Velocity Technology Partners can help by providing the security solutions and training to help keep your business safe. Give us a call at (800) - 983 - 5765 to get started.

4 Skills Needed for IT Project Management Success
MSPs Face Many of the Same Problems Your Business ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, August 18 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Google Maps Audit Small Business The Internet of Things Social Media Cloud Computing Data Loss VPN Workers Malware Outsourced IT Big Data Law Enforcement Value Best Practices Apple Windows Ink HBO Hardware Analysis Outlook Charger MSP Identity Theft Business Continuity Operating System Business Management Monitoring Money Flexibility Proactive IT Retail NFL Connectivity Risk Management Evernote Redundancy Microsoft Communications Networking Proactive WiFi Updates Data Recovery Tech Support Encryption BYOD IT Support Edge Productivity Antivirus Wireless Charging Politics Storage Softphones Browser Legal Government Social Engineering Device Security Students Data Storage File Sharing Server IT budget Managed Service Provider IT support Tablets PowerPoint Websites Comparison Application Computer IT Services Hosted Solution Hosted Solutions Memory Project Management Identity Alert Word Emergency Data Theft Applications Security Bring Your Own Device Content Filter Hackers Employer-Employee Relationship Communication Managed IT Marketing Cast Spam Smart Tech WIndows Server 2008 FAQ Efficiency History Streaming Media Thank You Update Privacy Windows Automation Data Management Wi-Fi Microsoft Word Compliance IT Management Saving Money Excel Smartphone Mobile Devices Two-factor Authentication Google Assistant App store Data Backup Specifications Hybrid Cloud iPhone Computers Patch Management Financial Technology Data Breach Google Drive Best Practice Twitter Android Lifestyle Tip of the Week Management Smartphones Disaster Recovery Microsoft Excel VoIp App Financial Identities Computer Forensics Google Software as a Service Education Phishing Conferencing Data Protection Adobe Cloud Vulnerability Chromebook Legislation Backup Shortcut Managing Stress Ransomware Remote Monitoring Data Security Screen Mirroring Remote Computing Printing Passwords Congratulations Chrome Router Microsoft Office Virus Sports Commerce Gadgets Company Culture Managed IT services Network Security Unsupported Software Internet of Things Artificial Intelligence Innovation Software Windows 10 Cleaning Spyware SaaS Unified Communications Business intranet Content Filtering Mobile Device Management Mobility Cortana OneNote Regulation Apps eWaste Holiday Virtualization Tech Term Internet User Error Wireless Internet Telephone Sales Data BDR Credit Cards Gifts Technology Travel Managed IT Services Email WannaCry Gamification Work/Life Balance Devices Vendor Management Business Computing Language IoT Cybersecurity Safety Office 365 Telephone Systems Gmail Personal Information Google Docs Collaboration Sync Ciminal Fraud Wireless Technology Data Privacy Computing User Tips Licensing Mobile Security Maintenance Blockchain IT Solutions Cybercrime Hard Drive Cost Management Network