A 28-year-old man from Stradishall, England has been charged in the United States with hacking into US government and military computers, stealing sensitive data and causing millions of dollars in damages.
The New Jersey US Attorney’s Office announced on Monday that Lauri Love of the United Kingdom was indicted with breaching thousands of computer systems, including those belonging to the Army, the Pentagon’s Missile Defense Agency and NASA. A separate complaint filed in the Eastern District of Virginia also accuses Love of participating in an operation earlier this year spearheaded by the hacktivist movement Anonymous.
An arrest warrant for Love was signed last week and he was detained on Friday by investigators with the UK’s Cyber Crime Unit of the National Crime Agency (NCA) in connection with an ongoing probe conducted by that agency, US Attorney for the District of New Jersey Paul Fishman said Monday.
Fishman’s investigative team say Love and unnamed co-conspirators hacked into those computers during the last year, installing hidden “shells” or “backdoors” within the networks allowing them to return at later times and pilfer private data.
The indictment accuses Love of stealing personally identifiable information for thousands of military servicemen and government employees.
In July 2013 chat logs monitored by federal investigators, Love allegedly told his co-conspirators he had obtained “basically every piece of information you'd need to do full identity theft on any employee or contractor” for the government agency that he had last hacked.
Conversations earlier that year with co-conspirators reveal that Love announced in the IRC channel, “we might be able to get at real confidential shit” after compromising US networks.
“Collectively, the hacks described herein substantially impaired the functioning of dozens of computer servers and resulted in millions of dollars of damages to the Government Victims,” US prosecutors claim.
In New Jersey, Love was charged with one count of accessing a US department or agency computer without authorization and one count of conspiring to do the same.
A separate criminal complaint filed in US District Court for the Eastern District of Virginia is ripe with testimony from a Federal Bureau of Investigation officer who says Love also accessed without authorization protected computers belonging to the United States Department of Health and Human Services, the US Sentencing Commission, Regional Computer Forensics Laboratory, and US Department of Energy.
Prosecutors say Love masterminded the hacks over Internet Relay Chat, or IRC, where he discussed with co-conspirators vulnerabilities discovered in American networks and ways to exploit servers using a method called a SQL injection.
According to the complaint filed in Virginia, Love and his conspirators targeted the website of the US Sentencing Commission beginning in late 2012, and in January of this year they altered the website to display a video that criticized the guidelines with respect to Internet-related crimes.
“As a result of the intrusion and defacement, the USSC website was unavailable to the public for roughly three weeks,” prosecutors say, causing more than $5,000 in damage and again damaging a US government computer.
The defacement occurred in early 2013 shortly after the death of computer prodigy Aaron Swartz, who committed suicide days earlier while awaiting trial over his own high-profile hacking trial. The international hacktivist group Anonymous authored a statement on the hacked Sentencing Commission website in honor of the activist and coder, and as part of “Operation Last Resort,” a larger movement that cited the treatment of Swartz as well as the “erosion of due process, the dilution of constitutional rights [and] the usurpation of the rightful authority of courts by the ‘discretion’ of prosecutors,” as the catalyst for an attack.
“This website was chosen due to the symbolic nature of its purpose — the federal sentencing guidelines which enable prosecutors to cheat citizens of their constitutionally-guaranteed right to a fair trial, by a jury of their peers — the federal sentencing guidelines which are in clear violation of the 8th amendment protection against cruel and unusual punishments. This website was also chosen due to the nature of its visitors. It is far from the only government asset we control, and we have exercised such control for quite some time,” in part reads the messaged posted on the Sentencing Commission’s website earlier this year.
The court documents unsealed this week allege that Love participated in the government intrusions using a handful of Internet aliases, including “nsh,” “route,” “peace” and “shift.” During one of those hacks, prosecutors say the attack originated out of a domain purchased with a PayPal account registered to “email@example.com.”
After Love’s arrest was announced on Monday, the evidence unsealed began to partially reconstruct the last few years of the mysterious alleged cybercriminal. A cursory Google search for the email address uncovered by authorities tie Love to a “Reclaim the Streets” demonstration scheduled for the British Election Day in May 2011.
“It may be the most important election in our lifetimes; it certainly looks to be the closest. Many are disillusioned, many are apathetic, many believe it's a contest between clowns for the lesser of a few feebles. Whatever you believe, we can all agree that the election could do with being a hell of a lot more FUN,” the flyer for the event reads. “RECLAIM THE SEATS aims to turn the election into a festival, and bring the people together instead of dividing them.”
A Google search also revealed chat log from 2005 and 2008 hosted publically online in which an IRC participant named “nsh” divulged his email address as being the same cited five years later by US prosecutors. RT has also discovered a Twitter account registered to @LauriLove that advertised the same email address in public tweets.
@Morarduncan Could I get in touch re today's photos? email firstname.lastname@example.org
— Smedley Butler (@laurilove) August 25, 2011
http://collateralmurder.com/ - the video from wikileaks showing US apache gunmen killing unarmed civilians including 2 reuters journalists
— Smedley Butler (@laurilove) April 5, 2010
The Twitter account believed to belong to Love ceased making posts two years ago, but dispatches from throughout 2011 suggest Love was involved in the Occupy Glasgow movement at Glasgow University in Scotland.
“We have retaken the university,” Love told the Herald Scotland in a March 2011 article about the growing school protests.
RT has also located video on YouTube of a speech presented at a University of Glasgow protest in May 2011 by a Lauri Love.