His lawyers claim that their client was only on the “periphery” of a conspiracy to take down UK government and FBI sites, but a UK teen who didn’t mind boasting online about those crimes now faces the possibility of jail time.
Charlton Floate, 19, of Solihull, England, already admitted to three counts of computer misuse under the Computer Misuse Act and three counts of possessing prohibited images at Birmingham Crown Court.
The attacks took place in January 2013, when Floate and a team of other cyber criminals crippled government sites with deluges of digital traffic sent from malware-infected computers.
Such computers are often called zombie computers, and they’re widely used in botnets to gang up on sites with what’s known as a distributed denial of service (DDoS) attack.
The gang managed to knock out the UK’s Home Office site – a heavily used site that provides information on passports and immigration among other things – for 83 minutes. The group also took down an FBI site – that allowed users to report crime – for over five hours.
The prosecutor, Kevin Barry, reportedly said that in November 2012, Floate carried out two test runs, remotely attacking the computers of two men in the US.
Floate uploaded a sexually explicit video to YouTube to “mock and shame” one of his victims, and he “taunted” the other victim about having control of his computer.
Modest, he was not – Floate also reportedly bragged about the government site attacks on Twitter and on a forum frequented by hackers.
Judicial officer John Steel QC rejected Floate’s legal team’s contention that he was on the “periphery” of the cyber gang, saying that evidence pointed to his actually being central to the crimes, including organizing the attacks.
He said Floate was “clearly a highly intelligent young man”, who had become an expert in computer marketing, had written a book on the subject, and succeeded in taking down an FBI.gov website – what he called the “Holy Grail” of computer crime:
A successful attack on the FBI.gov website is regarded by hackers as the Holy Grail of hacking. It was this which he attempted and, indeed, achieved.
He was the person who instituted such attacks and assembled the tools and personnel for doing so.
The Holy Grail it may be but in this case I beg to differ about how successful Floate was in getting his hands on it.
A DDoS attack isn’t a form of sophisticated lock picking, it’s just a noisy way to board the door shut from the outside.
Floate may well be bright but he stumbled once, and that’s all that investigators needed. Namely, he used his own IP address – he worked out of his mother’s home – to check up on how the attacks had gone.
Police traced the address to Floate’s mother’s home, where they seized Floate’s computer and mobile phone.
They also found evidence that he’d tried to recruit others into the gang and that he’d discussed possible weaknesses in certain websites as well as potential future targets – including the CIA and The White House.
Sentencing was adjourned until 16 October, pending a psychiatric report. Floate is currently remanded on conditional bail.
Steel said he hadn’t yet made up his mind about sentencing but added there’s “clearly potential for an immediate custodial sentence” and that Floate “should be mentally prepared for it.’
Image of Black Leather Glove Pressing DDos Enter Key courtesy of Shutterstock.com.