A US Navy systems administrator stationed on the nuclear aircraft carrier USS Harry S. Truman acted as ringleader for a gang of anti-government cyber crooks, prosecutors alleged last week.
According to a charging document filed in federal court in Tulsa, Oklahoma on 5 May, the enlisted serviceman, 27-year-old Nicholas Paul Knight, was an alleged hacker since the age of 16.
He was also the self-professed leader of the gang, which called itself Team Digi7al.
Team Digi7al broke into networks belonging to more than 30 governments, companies and individuals from about April 2012 up until about June 2013.
The group stole personal information about employees and customers, some of which it then published.
The team took to Twitter to brag about upcoming online escapades, including a 22 May 2012 warning about a “rampage across Canada”. Accordingly, the team tweeted the next day that it would soon reveal Toronto Police Department’s database.
Other targets included the World Health Organization and the US Department of Homeland Security.
The charging document describe the group as being motivated by a mix of anti-government politics, boredom and the desire to prove itself to the hacking community.
That’s not hard to see when you read the charging document’s list of Twitter transcriptions, littered as they are with “lulz”, insistence that the group get the credit for exploits others tried to claim, and one defensive tweet about how hacking the Toronto Police Department’s database still counts, even if it was, apparently, old and crusty:
The people saying #TPD was fake can stfu now, it was an old DB apparently but still we DID #hack them
Knight, the gang’s publicist and Twitter mouthpiece, was a systems administrator in the nuclear reactor department until the Navy discharged him after catching him allegedly trying to break into a Navy database while at sea.
The charging document was filed in federal court in Northern Oklahoma, given that that’s where at least one of the Navy’s servers is located.
Also named in the court filing was Daniel Trenton Krueger, whom prosecutors credited with much of the heavy technical lifting for Team Digi7al, and for doxing information finagled out of the team’s targets. Krueger is a student at an Illinois community college, studying network administration.
The US Attorney also knows about, but hasn’t charged, three other Team Digi7al members who were all minors when they first joined the team.
The team’s targets included Navy-SWM, a website and database that stored the personal information of some 220,000 active duty members of the Navy, including Social Security numbers, full names, dates of birth, encrypted passwords, and password reminders such as mothers’ maiden names, children’s names, and additional personal account passwords.
Another target was the US National Geospatial-Intelligence Agency (NGA), which supports the Defense Department by collecting, analysing and distributing geospatial intelligence.
They also targeted the US Department of Homeland Security Transportation Worker Identification (DHS-TWIC) – which contains biometric and other personal information of transportation workers who travel to secure areas of maritime boats and facilities – and the Los Alamos National Laboratory (LANL) – a government lab that designs nuclear weapons, among other security and energy technologies.
Knight and Krueger have each been charged with one count of conspiring to break into networks.
They were charged in a type of document that usually signals a defendant intends to plead guilty – known as a criminal information – according to the Wall Street Journal.
Knight, for his part, says that what prosecutors are calling a conspiracy of hackers was just him and his buddies being dumb and doing dumb things.
Here’s what Knight told ABC News in an email on Thursday:
Essentially I am in trouble for posting all of the stuff on Twitter. ... Although a lot of people are saying I was the leader of some crime organizations that was out to get people which wasn’t true. Just a group of people that were dumb and did dumb things.
Yep, that sounds about right.
Breaking into a bizarre mix of targets that included Toronto police, national security sites, and a Defense Department agency responsible for maps does indeed sound dumb.Follow @NakedSecurity