To Solve Hacking Case, Feds Get Hacker Of Their Own

The LulzSec icon on Twitter.

Federal prosecutors have charged five men with responsibility for some of the biggest computer hacks in the past few years. The FBI says the hackers penetrated the computer systems of businesses like Fox Broadcasting and Sony Pictures, stole confidential information and splashed it all over the Internet.

But what's most unusual about the case is how investigators cracked it — with the help of an insider who became a secret government informant.

The Justice Department team relied on Hector Monsegur, a well-known hacker from New York, who uses the online handle Sabu.

Monsegur, 28, secretly pleaded guilty in August 2011 to a dozen criminal charges, including conspiracy, computer hacking and identity theft. Prosecutors say he faces up to 124 years in prison.

To limit his prison sentence, Monsegur has apparently been leading investigators in real time through the hazy world of high-stakes computer hacking — helping get around one of the biggest hurdles to a successful prosecution.

"Well, the law enforcement challenge posed by these types of online conspiracies generally is that the members of the group likely have never met ... very often don't know each other's true identities," says Mike DuBose, a managing director and leader of the cyber-investigations unit at the Kroll security firm.

DuBose says "proactive cooperation" can be essential to cracking the code.

The court papers don't specify exactly what Monsegur may have done, but they do describe more than two years of high-profile hacks against some of America's largest businesses.

The Justice Department says many of the hackers belonged to a loose group of electronic vigilantes that called itself the Internet Feds, "waging a deliberate campaign of online destruction."

"You might call them a digital lynch mob 'cause they go around sort of randomly attacking people they're unhappy with," says Stewart Baker, a cybersecurity lawyer at the firm Steptoe & Johnson.

According to an investigation that stretched across five U.S. states and all the way to Scotland Yard, the list of attacks grew and grew.

Most of the action dates to early 2011, when the men allegedly conspired to break into a computer security firm known as HBGary. They took sensitive documents about the firm's clients and exposed them for public view.

Next, they targeted the computer systems of Fox, grabbing information about more than 70,000 contestants who vied to appear on the X Factor music show.

And in May 2011 they formed a new high-profile group — Lulz Security — which targeted PBS after its show Frontline broadcast a story about the website WikiLeaks. The collective retaliated by posting a bogus story on the PBS website claiming the rapper Tupac Shakur was actually alive and living in New Zealand.

The campaign raged on this year — this time, targeting law enforcement. In January, Donncha O'Cearrbhail, a member of the hacking group based in Ireland, allegedly broke into the personal email account of an Irish policeman.

He learned the FBI and international authorities were planning to discuss ongoing investigations of computer hackers. Then, prosecutors say, the hacker secretly recorded the call and shared it with others.

"This group was unrepentant enough and did enough damage and became prominent enough that I think the book's going to get thrown at them," Baker says.

The other defendants include Ryan Ackroyd, Jake Davis and Darren Martyn, who each face up to 10 years in prison; and Jeremy Hammond, who's charged with hacking into Strategic Forecasting Inc. in December 2011 and stealing credit card information about some of the Austin, Texas, company's clients.
