A British teenager has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK.
In March 2018, George Duke-Cohan emailed more than 1700 schools, colleges, and nurseries from the bedroom of his home in Watford, warning that explosives had been planted. The emails said that unless US $5,000 was paid within three hours into the account of US-based Minecraft server VeltPvP, buildings would be blown up.
Although the police said that the emails were not believed to represent any genuine threat, hundreds of schools were still evacuated.
Two days later, 19-year-old Duke-Cohan was arrested on suspicion of blackmail and making malicious communications, following an investigation by the National Crime Agency (NCA).
VeltPvP, the Minecraft server named in the emails, had nothing to do with the threats. The only reason its name appeared to have been used was that Duke-Cohan had had a disagreement with them.
Normally you would expect Duke-Cohan’s wrong-doing to end there, but sadly that wasn’t to be the case.
Just one month after the initial wave of threats, and despite knowing that the authorities were investigating his activities, Duke-Cohan sent a further wave of 24,000 hoax bomb emails to schools in the UK and United States. The emails claimed that pipe bombs had been hidden on school premises, and a car would be driven at students at home-time.
One such email read:
“Student Report (STAFF ONLY). Hello, a male student will be sent into your campus as you start the day, he will look normal but what is in his bag is a bomb. The explosive that is in the two plastic bottles is called ANFO it is a very powerful explosive. The point is that when you put the school on lockdown this student will set off the bomb, and will kill EVERY student in the room and maybe the rooms next to it.”
Duke-Cohan was arrested again and, under his bail conditions, was prohibited from using any electronic devices.
Duke-Cohan has been sentenced to three years in prison for a series of hoax bomb threats. In addition to causing real concern and worry amongst thousands of parents and children, he now has a criminal record that will harm his future career prospects. @NCSC @GCHQ pic.twitter.com/0CodL2lTeA
— NationalCrimeAgency (@NCA_UK) December 7, 2018
Again, this didn’t stop the teenager, who used online aliases such as “7R1D3N7”, “DoubleParallax”, and “optcz1”, and was thought to be connected to the Apophis Squad DDoS and hacking group.
Duke-Cohan’s next trick was to make a phone call, pretending to be a worried father. His daughter, he claimed, was on a United Airlines flight from London to San Francisco. Duke-Cohan claimed that his daughter had contacted him mid-flight to say that the plane had been hijacked by gunmen, one of whom had a bomb.
When United Airlines flight 949 ultimately landed in San Francisco there was, understandably, a significant security presence waiting for it. The plane was placed in a quarantined area of the airport, and all 295 passengers ordered to remain on board while investigations took place, causing disruption to onward journeys and financial loss to United Airlines.
When police arrested Duke-Cohan for the third time at his home in Watford on 31 August 2017, they found numerous electronic devices in his possession that were banned under the terms of his bail agreement.
The news of the arrest was welcomed by encrypted email service ProtonMail, which had been targeted by Apophis Group through DDoS attacks.
Duke-Cohan was jailed for one year for the email threats and two years for the airport security scare.
As BBC News reports, in sentencing, Judge Richard Foster told the teenager:
“You knew exactly what you were doing and why you were doing it, and you knew full well the havoc that would follow. You were playing a game for your own perverted sense of fun in full knowledge of the consequences. The scale of what you did was enormous.”
Apophis Squad has not posted a single tweet since Duke-Cohan’s third and final arrest on August 31st 2018.