A 25-year-old British man was arrested for hacking into the United States Department of Defense system.
Sean Caffrey, a resident of Sutton Coldfield in the West Midlands, pleaded guilty to hacking into the U.S. military communications system and stealing IMEI numbers for the DoD from over 30,000 satellite phones on June 15, 2014.
According to the United Kingdom National Crime Agency, he stole ranks, login credentials and email addresses of more than 800 users of one satellite communication system, plus information from a great number of satellite phones.
The NCA’s indictment stated that Caffrey had broken into the Short Burst Data System of the Enhanced Mobile Satellite System of the U.S. DoD.
They did not give details as to how he was arrested but noted that the hacking activities originated from his internet connection’s IP address.
After that, a thorough examination was done, revealing all the stolen data from his computer.
The Pentagon uses the International Enhanced Mobile Satellite System to communicate with their employees across the world via email or phone.
Due to the delicate nature of the stolen data, the U.K. National Crime Agency launched their investigation into the hacking immediately.
Caffrey was arrested a year later in March 2015. NCA investigation manager Janey Young stated that the strong partnership between the FBI, the NCA and the DoD had gathered compelling evidence regarding Caffrey’s hacking crime.
This arrest was a major crackdown on cybercrime in the U.K. Apart from Caffrey’s arrest, the NCA was able to apprehend more than 56 hacking perpetrators at this time.
In Caffrey’s case, crime agents found an online messaging account that linked to the hacking activities.
The account was being operated using Caffrey’s computer, and it was reported that he had claimed responsibility for the attack via a message in the text-sharing application Pastebin.
Caffrey’s arrest was a major crackdown on cybercrime in the U.KOn this messaging app, Caffrey reportedly shared screenshots of the stolen data online.
He was conducting this activity under the pseudonym “ISIS Freedom Fighters.” Afterward, he published a message that he would strike the LizardSquad and that their time was up.
He was taunting the infamous hacking group Lizard Squad, which is famous for high-profile cyber attacks including hacking Xbox Live and other online gaming services.
The message went further to tell the hacking group that he was in their bases.
He threatened them to watch their heads for T-47:59:59 until lift off, for missiles would rein the heads of those who claimed alliance.
He went on to threaten that he had a whole team lurking in the dark waiting to attack.
While performing this hacking series, Caffrey seems to have paid little mind to covering his tracks. He didn’t use a VPN or proxy and, eventually, the authorities were led to his home.
By the time he was arrested, his message to Lizard Squad was still up.
Caffrey claimed himself to be affiliated with ISIS, and even shared a few screenshots that contained full names and contact details, including phone numbers and email addresses.
The screenshots also had the usernames of service members.
Caffrey’s hacking menace caused damages costing more than $628,000 to the DoD. However, there isn’t a report to show how he managed to access the data.
Caffrey pleaded guilty at the Birmingham Crown Court, to the Computer Misuse Act under the U.K.’s anti-hacking law.
The FBI and the DoD’s Defense Criminal Investigation Services collaborated in the investigation that led to Caffrey’s hearing.
In a NCA statement, Young cautioned other hackers not to assume that cybercrime does not do harm to anyone or that they can get away with it—going on to say that the NCA had people with hacking skills like those of Caffrey, but their job is to detect cyber criminals and anyone involved in hacking activities and bringing them to justice.
Young added that the agency is working to ensure the internet is a safe place for people who use it legitimately.