​UK cops nab man accused of hacking US DoD to threaten Lizard Squad

Police have arrested a 23-year-old British man accused of hacking the US Department of Defense in an apparent effort to threaten the Lizard Squad hacking group.
Written by Liam Tung, Contributing Writer

The UK National Crime Agency (NCA) this week arrested 56 suspected hackers including one man accused of hacking the US Department of Defense (DoD).

The NCA's National Cyber Crime Unit said it had arrested an unnamed 23-year-old man in the West Midlands on suspicion of hacking the DoD in June last year.

According to the NCA, the man accessed the names, titles, email addresses, and phone numbers of around 800 people as well as the unique IMEI numbers for over 34,000 devices during the intrusion on DoD's network. The data was used as part of the DoD's global satellite messaging system for internal communications with staff via email or phone.

Despite the hacker later bragging he'd gained control of the DoD's satellites, the agency said the breach didn't compromise US national security interests and didn't result in the loss of sensitive data.

Following the breach, the hacker posted a threat on social site Pastebin to the LizardSquad, a hacking group that has claimed responsibility for denial of service attacks on Sony's PlayStation Network and and Xbox Live among dozens of recent targets.

The accused man wrote: "We smite the Lizards, LizardSquad your time is near. We're in your bases, we control your satellites. The missiles shall rein upon thy who claim alliance, watch your heads, ** T-47:59:59 until lift off. We're one, we're many, we lurk in the dark,we're everywhere and anywhere. Live Free Die Hard! DoD, DISA EMSS : Enhanced Mobile Satellite Services is not all, Department of Defense has no Defenses."

The NCA teamed up with the US Department of Defence Criminal Investigative Service (DCIS) to make this week's arrest.

"This arrest underscores DCIS commitment and the joint ongoing efforts among international law enforcement to stop cyber criminals in their tracks, DCIS Special Agents will use every tool at their disposal to pursue and bring to justice those that attack the Department of Defence," DCIS special agent in charge Jeffrey Thorpe said.

The arrest came as part of a major sweep of suspected hackers across the UK, which resulted in the arrest of 56 people through 20 separate operations.

The raids also resulted in the arrest of a 21-year-old suspected of partaking in the D33ds Company attack on Yahoo! in 2012. The group stole 400,000 email addresses and posted them online.

A 22-year-old was also arrested for allegedly developing and distributing malware, while other arrests were related to suspected involvement in phishing attacks, DDoS attacks, deploying malware against banks, and theft of IP from a financial services firm.

Announcing its role in this week's arrests, the South East Regional Organised Crime Unit said five people had been arrested in Kidlington on Wednesday. The five men aged between 34 and 40 were arrested on suspicion of four offences, including conspiracy to commit a computer misuse, unauthorised access, conspiracy to acquire criminal property.

All five men have been given bail until the first week of May when they're required to appear at Banbury police station.

In January, UK authorities arrested an 18-year-old from Southport in connection with its investigation to the attacks on Sony Playstation and Xbox systems over Christmas. The Lizard Squad had claimed responsibility for these attacks. Last year, the group caused an American Airlines flight to make an unscheduled landing after tweeting that the flight, which was carrying a Sony executive, had explosives on board.

Alongside this week's arrest, the police across the UK took a novel approach to the threat of malware running on company servers by physically visiting companies and assessing their computers for malware. The NCA says it identified "5,531 compromises on servers" within the UK. They were identified after 10 Regional Organised Crime Units, Police Scotland, and Police Service of Northern Ireland visited approximately 60 businesses across the country.

Read more on cybercrime

Editorial standards