Sign up to our newsletter
The leader of a gang of who attacked 24 websites in search of personally identifiable information – the bread and butter of ID theft – from the unlikely confines of an aircraft carrier – has pleaded guilty, according to Ars Technica.
The Verge reports that the 27-year old former system administrator turned nuclear aircraft carrier hacker now faces five years in jail and a $250,000 fine. Nicholas Knight and co-defendant Daniel Kreuger were system administrators in the nuclear reactor department.
Prior to his arrest, after naval investigators traced Tweets to the carrier, and captured the hacker using a “sting” operation, he described himself as a “nuclear black hat hacker”, according to ABC News.
He led a team of hackers known as Tea Digi7al, whose attacks targeted high-profile sites such as Harvard and Stanford University websites, plus the Navy’s own Smart Move website, which helps sailors with household moves.
Ars Technica reports that the attack netted Knight details of 220,000 naval staff, including social security numbers dates of birth and addresses. Knight himself downloaded the entire database using a technique known as an SQL injection attack.
An earlier ABC News report claimed that Knight intended to make the data public. His motivations remain unclear – in an interview with ABC, he simply said he had done “dumb things”.
There is no evidence that either Knight or other members of Team Digi7al hacked into systems on the Truman itself. He was caught after Tweets were traced to the network, and naval investigators created a fake database, a trap into which he fell.
Author Rob Waugh, We Live Security