Some VERY interesting details, some of which will likely be hard to prove. But if they are even true by half, the United States Government (and DoD) may want to reconsider how “secure” they consider their critical networks, and just how ready we are for a major cyber event.
From the Prosecutor’s proffer of charges:
The government’s evidence of the defendant’s guilt of the charged crimes, as well as uncharged criminal activity, demonstrates his position as an extremely sophisticated and dangerous computer hacker. At the time of the defendant’s arrest, Secret Service agents seized a heavily encrypted laptop computer that was in his possession. This computer contained a massive quantity of stolen financial account data and personal identifying information, including more than 400,000 credit card, debit card and bank account numbers, in violation of 18 U.S.C. §§ 1029 and 1028A (Counts One and Two).
In his post-arrest statement, the defendant admitted compromising the computer servers of a number of major financial institutions and companies. For example, the defendant admitted that he compromised a computer network of the Federal Reserve Bank (“FRB”) by exploiting a vulnerability he found within their secure system. The FRB in Cleveland, Ohio has confirmed that an FRB computer network was hacked in approximately June 2010, resulting in thousands of dollars in damages, affecting ten or more FRB computers, and forming the basis for Counts Three and Four.
The defendant’s seized computer also contains evidence of additional and very significant hacking activity. For example, the defendant possessed data illegally obtained from the computer network of FedComp, a data processor for various credit unions in the United States. By hacking into the FedComp system, the defendant had unauthorized access to the data of the Firemen’s Association of the State of New York Federal Credit Union and the Mercer County New Jersey Teachers’ Federal Credit Union, among other victims. The defendant also admitted to compromising the computer networks of several major international banks and companies, and admitted earning money by finding and exploiting network vulnerabilities or trading and selling the information contained therein.
The defendant has not limited his criminal conduct to compromising financial institutions. The government has obtained evidence that his cybercrime activities extend to the national security sector. For example, in approximately August 2010, the defendant hacked into the secure computer system of a major Department of Defense contractor, which provides systems management for military transport and other highly sensitive military operations. These are but a few examples of the government’s evidence of the defendant’s criminal hacking activity targeting the United States’ financial and national security systems.
What was that part about a Defense Contractor and systems management for military transport systems?
Let me say it again. As for the “umbrella” DoD believes they are providing, it has to include myriad Defense Contractors, and everyone that touches those Contractors, and everyone they touch, and everyone who touches them, and in turn, everyone they touch….
One other thing. It may be tricky for the Prosecution in a public trial to provide “proof” without revealing technical, intelligence, and HUMINT capabilities we don’t necessarily want the world to know. Even with multi-source “attribution”, finding the suspect took nearly a year. Which in terms of the damage that can be inflicted with such cyber exploits, might as well be a half-dozen millenia.