Navy sysadmin hacked 220,000 sailors from inside nuclear carrier

8 May, 2014 01:00 / Updated 11 years ago

A former systems administrator who worked for the US Navy’s nuclear reactor department is accused of infiltrating government networks using the Navy’s own computers and posting links to the materials he found on Twitter.

Nicholas Paul Knight, 27, was allegedly the leading member of a blackhat hacker group, along with Daniel Trenton Krueger, 20, that called itself Team Digi7al. The group, according to court papers obtained by The Register, was a “criminal association organized to hack protected computers, steal sensitive and private information, make unauthorized public disclosures of that stolen…information and commit various other crimes related to its hacking activities.”

Prosecutors say the pair, with help from other members of Team Digi7al, hacked the Navy’s SWM database, which held information about 220,000 Navy sailors. Other alleged targets included the US National Geospatial-Intelligence Agency, a military mapping agency, and the Los Alamos National Laboratory, a government-run developer that built the atomic bombs dropped during World War II.

Knight, a Virginia native, has been portrayed as the group’s ringleader in part because of the prosecution’s claim that he attacked a Navy database while on active duty serving aboard the USS Harry S. Truman, one of the Navy’s ten nuclear-powered aircraft carriers.

“Knight called himself a ‘nuclear black hat’ who fought for the people of the United States, not the government,” prosecutors said, adding that Knight said he led the hack “out of boredom” while another said they did so because it was “fun, and we can.”

Along with the aforementioned institutions, dozens of organizations were hacked, including Harvard University, the Library of Congress, the Peruvian Ambassador’s email in Bolivia, the World Health Organization, Kawasaki, the Department of Homeland Security, and a plethora of colleges and universities.

Investigators have reportedly identified three other members of Team Digi7al, although only Knight and Krueger, a community college student in Illinois, were arrested. Since his arrest Monday, Knight has been discharged from the military and plans to plead guilty on May 20, according to the Virginian-Pilot. One of the pair’s accomplices is said to have used three-pass wiping to delete incriminating data from his device.

“The industry must acknowledge what is so painfully obvious – privileged account security is a critical layer of security that enables organizations to respond to malicious activity and mitigate potential damage, far more effectively than focusing on the perimeter alone,” Udi Mokady, CEO of security firm Cyber Ark, told TechWorld.com.

As Symantec recently stated, the perimeter is dead – the threats are occurring on the inside of businesses. It only makes sense that this is where preventative security measures should start as well.

If convicted, both Krueger and Knight could be sentenced to five years in prison and a fine of $250,000.