Top tech crimes of 2013
Prisons around the world this year made way for techie criminals alongside the more garden variety murderers, thieves, and schemers.
Here’s a rundown of those who got sent to the slammer this year for tech-related crimes (based on a compilation of reports from the IDG News Service and sister sites):
Hacking the government
A Pennsylvania man who hacked into multiple corporate, university, and government computer networks and tried to sell access to them, including supercomputers from a U.S. national security laboratory, was sentenced in December to 18 months in prison.
Andrew Miller, 24, pleaded guilty in August to one count of conspiracy and two counts of computer fraud for actions committed between 2008 and 2011, when he was part of the Underground Intelligence Agency hacking group, the U.S. Department of Justice said. Miller asked an undercover FBI agent in 2011 for $50,000 in exchange for access to two supercomputers at the Lawrence Livermore National Laboratory, according to the DOJ.
Celebrity email bust
A man who admitted to illegally accessing email accounts belonging to more than four dozen celebrities to steal their private photos and confidential documents was sentenced in December to 10 years in federal prison by a U.S. District Court judge in Los Angeles.
Christopher Chaney, 36, of Jacksonville, Florida was also ordered to pay a fine of more than $66,000 as restitution for his crimes. Chaney was arrested in November 2011 and has been in custody since March, when he pleaded guilty to nine felony counts, including unauthorized access to computers and wiretapping. He faced a maximum of more than 120 years in prison.
Anonymous members sentenced
A man from Wisconsin was sentenced in December for participating in a DDoS (distributed denial-of-service) attack by hacker group Anonymous on a Kansas company.
Eric J. Rosol, 38, is said to have admitted that on February 28, 2011, he took part in a denial-of-service attack for about a minute on a Web page of Koch Industries—Kochind.com, using software called a Low Orbit Ion Cannon Code, which was loaded on his computer. LOIC is a popular DDoS tool used by Anonymous and other online attackers to overload websites with requests and disrupt the target server.
Also, a member of the hacker group Anonymous was sentenced in November to ten years in prison for hacking into the computers of a geopolitical analysis firm. Jeremy Hammond, 28, in May pled guilty to one count of conspiracy to engage in computer hacking under the Computer Fraud and Abuse Act. He was sentenced by Chief U.S. District Judge Loretta Preska during a hearing at the federal district court for the Southern District of New York in New York.
Hammond, of Chicago, was arrested in March 2012 and charged with hacking into the computer system of analyst company Strategic Forecasting, also called Stratfor, and obtaining subscriber and credit-card information and emails, among other data. Ultimately, credit-card details, emails and cryptographic representation of passwords were leaked. The credit cards were used to make $700,000 in purchases.
Payment card hackers caught
Two Romanian men were sentenced in September to serve prison sentences for remotely hacking into hundreds of U.S. merchants’ computers and stealing payment card data, the U.S. Department of Justice said.
Adrian-Tiberiu Oprea, 29, of Constanta, Romania, was sentenced to serve 15 years in prison, and Iulian Dolan, 28, of Craiova, Romania, was sentenced to serve seven years in prison during proceedings in U.S. District Court for the District of New Hampshire. The two men were charged with hacking into hundreds of point-of-sale (POS) computer systems and stealing payment card data, with co-conspirators compromising cards belonging to more than 100,000 customers, the DOJ said in a press release. The compromises caused losses of more than $17.5 million in unauthorized charges and remediation expenses, the DOJ said.
Pirate Bay hacker sentenced
Pirate Bay co-founder Gottfrid Svartholm Warg was sentenced in June to two years in prison by a District Court in Sweden for multiple data intrusions, attempted aggravated fraud and aggravated fraud. An appeal reduced the sentence to one year.
The data intrusion charge is related to the hacking of a mainframe belonging to Logica, now CGI, an IT firm that provided tax services to the Swedish government, and a mainframe of Nordea bank. The fraud charges stem from a number of attempted money transfers from accounts at Nordea, of which one was successful. Two of the attempts that were part of the case were dismissed. The receiving bank couldn’t find a record of one transfer attempt, and the other transfer was interrupted, according to prosecutor Henrik Olin.
Phishing gang convicted
A heartless phishing gang that stole and frittered a British woman’s entire $1.6 million life savings on items including “gold and cheeseburgers” was handed heavy sentences in May by a judge at London’s Southwark Crown Court.
Nominal ringleader, Nigerian national Rilwan Adesegun Oshodi, was sentenced to eight years in prison and ordered to pay back $1.6 million under the Proceeds of Crime Act, although this might prove difficult given that the stolen money has reportedly already been spent.
The man who phished the victim’s bank account details and then sold the information to Oshodi, Egyption Tamer Hassanin Zaky Abdelhamid, was sentenced to six years and ordered to pay a heavy fine under the Proceeds of Crime Act.
LulzSec members imprisoned
Four British men associated with the LulzSec hacker collective received prison sentences in May for their roles in cyberattacks launched by the group against corporate and government websites in 2011.
Ryan Cleary, 21; Jake Davis, 20; Ryan Ackroyd, 26; and Mustafa Al-Bassam, 18; were sentenced in December in London’s Southwark Crown Court after previously pleading guilty to charges of carrying out unauthorized acts with the intention of impairing the operation of computers.
Davis, who was known online as “Topiary,” received a two-year prison sentence. He acted as a spokesperson for LulzSec, writing some of the hacker group’s announcements and managing its website and Twitter account.
Sony Pictures hacker jailed
Cody Andrew Kretsinger, a 25-year-old man from Decatur, Illinois, was sentenced in April to one year in federal prison for his role in a May 2011 breach of a Sony Pictures website and database.
At the time of the intrusion Kretsinger, who used the online alias “recursion,” was a member of a hacker group called Lulz Security, or LulzSec, that went on a hacking spree during the first half of 2011. The group was affiliated with the international Anonymous hacktivist collective.
Expose an iPad flaw, go to jail
Alleged hacker Andrew "weev" Auernheimer in March was given an unforgiving prison sentence of 41 months for his part in the hugely embarrassing 2010 compromise of 114,000 iPad-using AT&T customers.
Found guilty in November of 2012, 26-year-old Auernheimer’s prison sentence is likely to become only the latest contentious chapter in complex story that has sharply divided opinion. As part of the "Goatse Security" group, Auernheimer styled himself as a security researcher who did nothing more untoward than reveal a weakness on AT&T’s website that was of its own making.
Jobs' house burglar sentenced
The man who broke into the Palo Alto, California home of late Apple CEO Steve Jobs and stole laptops, iPads and other possessions was sentenced in January to seven years in a California state prison.
Kariem McFarlin, 35, was arrested in August last year by officers from the Rapid Enforcement Allied Computer Team, a Silicon Valley-based high-tech crime unit formed by local, state and federal law enforcement agencies.REACT officers found McFarlin with help from Apple security, which tracked where the stolen devices were being used by matching their serial numbers with connections to Apple iTunes servers. The IP address in use matched a line in McFarlin’s apartment in nearby Alameda that was also being used by an Apple device registered to a member of his family, according to a police report.