informa
News

Navy Nuclear Carrier Sysadmin Busted For Hacking Databases

Boredom cited as excuse for alleged hack campaign that may have compromised more than 30 government and private sites.

to help Navy families move their possessions whenever they're relocated, in what the service calls a change of "permanent duty station."

NCIS launched its related investigation in June 2012 and confirmed that the Navy's Smart Web Move website and database, located on servers in Tulsa, Okla., had been breached. The system, which was storing information on approximately 220,000 service members -- including their names, dates of birth, passwords, and Social Security numbers -- was immediately and permanently shut down by the Navy.

"The Navy quickly identified the breach and tracked down the alleged culprits through their online activity, revealing an extensive computer hacking scheme committed across the country and even abroad," said US attorney Danny C. Williams in a statement released this week.

Knight appears to have still been serving on the nuclear aircraft carrier when he was identified by NCIS. "While aboard the USS Harry S. Truman, Knight conducted unlawful Team Digi7al activities on the Navy's computer and was discharged by the Navy after he was caught trying to hack into a Navy database while at sea," reads the indictment, which also says that Knight had boasted to fellow hackers that he hacked the Navy database "out of boredom."

Team Digi7alhas also been accused of using SQL injection attacks, among other techniques, to steal 4,000 usernames and 200 partial credit cards from Autotrader.com; the "most wanted list" from the City of Montgomery and Alabama Police Department; the entire contents of the email account for the Peruvian ambassador in Bolivia; personal information pertaining to more than 1,000 customers of the website of musician Rashod Holmes; and more than 7,500 usernames and mobile phone numbers of AT&T U-verse customers. According to the indictment, the group also hacked into systems at Los Alamos National Laboratory, but the intrusion was spotted by a system administrator, and they "managed to steal only a small amount of information."

After NCIS executed a search warrant on Knight's house in Virginia in February 2013, according to the indictment, he admitted to some Team Digi7al activities and agreed to cooperate with investigators. But he allegedly then told one of his co-conspirators -- a minor, who wasn't named -- to delete all related data from the co-conspirator's PC hard drive. Likewise, according to the indictment, Krueger attempted to delete related data from his PC hard drive using what's known as a three-pass wipe, which makes the deleted data more difficult to recover.

If convicted of the charges filed against them, Knight and Krueger face up to five years in prison and a $250,000 fine, plus the cost of restitution to victims of the alleged crime. No trial date has been set.

NIST's cyber security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read the Protecting Critical Infrastructure issue of InformationWeek Government today.

Recommended Reading: