Database hacking spree on US Army, NASA, and others cost gov’t millions

Marcus W

Federal prosecutors have accused a UK man of hacking thousands of computer systems, many of them belonging to the US government, and stealing massive quantities of data that resulted in millions of dollars in damages to victims.

Lauri Love, 28, was arrested on Friday at his residence in Stradishall, UK following a lengthy investigation by the US Army, US prosecutors in New Jersey said. According to prosecutors, the attacks date back to at least October 2012. Love and other alleged hackers are said to have breached networks belonging to the Army, the US Missile Defense Agency, NASA, the Environmental Protection Agency, and others, in most cases by exploiting vulnerabilities in SQL databases and the Adobe ColdFusion Web application. The objective of the year-long hacking spree was to disrupt the operations and infrastructure of the US government by stealing large amounts of military data and personally identifying information of government employees and military personnel, a 21-page indictment said.

“You have no idea how much we can fuck with the US government if we wanted to,” Love told a hacking colleague in one exchange over Internet relay chat, prosecutors alleged. “This… stuff is really sensitive. It’s basically every piece of information you’d need to do full identity theft on any employee or contractor” for the hacked agency.

Read 6 remaining paragraphs | Comments


    




Ars Technica » Technology Lab