The course of events that led to the July 2011 compromise of a computer server used by German authorities for GPS surveillance might have started with a police official monitoring his daughter’s online activities, according to reports in German media.
The man, who is a senior official within the German Federal Police in Frankfurt, installed some type of spyware on his daughter’s computer in order to see what she does online, German weekly magazine Der Spiegel reported on Sunday.
Later, a friend of the girl, who had ties to the German hacker scene, stumbled over the Trojan installed on her computer. To get back at the curious father, the hacker friend decided to break into the man’s personal computer.
Apparently, the police officer had diverted official work-related emails to his private computer, which is most likely a serious violation of data handling policies. “I expect that this is against the rules and is almost always a bad idea,” said Chester Wisniewski, a senior security advisor at security company Sophos.
The emails contained information that helped hackers obtain unauthorized access to the PATRAS system used by police and customs authorities for GPS surveillance. The police official is now being investigated by authorities in Cologne.
A group of hackers calling themselves “n0-N4m3 Cr3w” (No Name Crew) announced in July 2011 that they had obtained access to a PATRAS server, prompting German authorities to temporarily shut down the entire system and launch an investigation.
The group leaked documentation, usernames, passwords, phone numbers, license plates and geographic coordinates related to police investigations that were copied from the compromised server.
The German Federal Police arrested two individuals suspected of being responsible for the security breach. One of them, a 23-year-old man from the North Rhine-Westphalia region, was believed to be the leader of “n0-N4m3 Cr3w.”