British man accused of hacking US military servers, planting backdoors

Graham Cluley

A joint investigation by the UK’s National Crime Agency and the FBI has culminated in the arrest of a British man, alleged to have hacked US government and military computer systems.

28-year-old Lauri Love from Stradishall, Suffolk, is suspected of hacking into systems on servers belonging to – amongst others – the Pentagon’s Missile Defence Agency, NASA and the Environmental Protection Agency.

US prosecutors have filed an indictment in a federal court in Newark, New Jersey, which reveals more details of the case.

Love is accused of working with at least three other individuals based in Sweden and Australia who are, as yet, unnamed. The alleged hackers are said to have exploited vulnerabilities on US government and military systems, planting backdoors which allowed them to return at a later date to steal sensitive information.

The intrusions identified in the indictment are as follows:

| Date | Organization | Location | Type of attack | Data involved |
|---|---|---|---|---|
| Oct. 2-6, 2012 | Army Corps - Engineer Research and Development Center | Vicksburg, Miss. | ColdFusion | demolition and disposal of military facilities |
| Oct. 6, 2012 | Army Corps | Vicksburg, Miss. | ColdFusion | natural resource management |
| Oct. 6-9, 2012 | U.S. Army – Network Enterprise Technology Command | Aberdeen Proving Ground, Md. | SQL Injection | PII (more than 1,000 individuals) |
| Oct. 7, 8, 2012 | U.S. Army – Army Contracting Command | Redstone Arsenal, Ala. | SQL Injection | nonpublic competitive acquisition bid data and attachments |
| Oct. 9, 2012 | U.S. military – Plans and Analysis Integration Office | Aberdeen Proving Ground, Md. | ColdFusion | defense program budgeting data |
| October 2012 | U.S. Department of Defense – Missile Defense Agency | not specified in indictment | ColdFusion | PII (more than 4,000 individuals) |
| Dec. 23, 2012 | Army Corps - Engineer Research and Development Center | Vicksburg, Miss. | ColdFusion | not specified in indictment |
| Jan. 11, 2013 | U.S. Army War College – Strategic Studies Institute | Carlisle, Pa. | ColdFusion | not specified in indictment |
| July 10, 2013 | National Aeronautics and Space Administration | not specified in indictment | ColdFusion | PII of numerous NASA employees |
| Jan. 3, 2013 | Environmental Protection Agency - Federal Facilities Environmental Stewardship and Compliance Assistance Center | Newark, Del. | ColdFusion | non-PII personnel data |

Budget information and the personal information of thousands of military personnel are said to be amongst the information accessed by Love.

“Computer intrusions present significant risks to national security and our military operations,” said Daniel Andrews, director of the U.S. Army Criminal Investigation Command’s Computer Crime Investigative Unit. “The borderless nature of Internet-based crime underscores the need for robust law enforcement alliances across the globe. We appreciate the bilateral support of the National Crime Agency in bringing cyber criminals to justice.”

Love has been released on bail until February 2014.

There’s no doubt that the American authorities are still smarting after their 10-year battle to extradite British hacker Gary McKinnon, who broke into Pentagon systems after 9/11 searching for secret files detailing UFOs and extraterrestrial life, ended in failure.

In the wake of that high-profile legal fight, it’s a very brave (or foolhardy) person who targets the US military with a hacking attack. If the US crime fighters believe that they have caught a hacker who has stolen secret information, and embarrassed them by exposing weaknesses on their systems, they are likely to do everything they can to come down like a ton of bricks.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
