AN IRAQ veteran from South Yorkshire is among a group of computer hackers who were handed prison sentences yesterday for masterminding cyber attacks on major global institutions from their bedrooms.
Ryan Ackroyd, Jake Davis, Mustafa Al-Bassam and Ryan Cleary considered themselves to be “latter-day pirates” when they carried out the attacks on major global institutions including the CIA, Sony, the FBI and Nintendo.
Ex-soldier Ackroyd, 26, from Mexborough, was jailed for 30 months having previously pleaded guilty to one charge of carrying out an unauthorised act to impair the operation of a computer.
He used the online persona of a 16-year-old girl called Kayla.
The four men were “hactivists” with the LulzSec collective, the group behind attacks that stole sensitive personal data including emails, online passwords and credit card details belonging to millions of people.
The NHS and the UK’s Serious Organised Crime Agency (Soca) were also victims of the group, who lived as far apart as London and the Shetland Islands and never met in person.
Sentencing them at Southwark Crown Court in London yesterday, Judge Deborah Taylor said some of their taunting of their victims made for “chilling reading.”
What they considered a cyber game, she said, had in fact had real consequences.
“You cared nothing for the privacy of others, but did everything you could through your computer activities to hide your own identities while seeking publicity,” she said.
Stolen information was posted unencrypted on their website and file-sharing sites such as Pirate Bay in 2011, the court had previously heard.
The group also carried out distributed denial of service (DDoS) attacks, using linked networks of up to a million computers to overpower and crash websites.
Their activities potentially left millions of people at risk from criminals. All four had admitted offences under the Computer Misuse Act 1990.
Cleary, 21, of Wickford, Essex, known as ViraL, pleaded guilty to six charges including hacking into US air force agency computers at the Pentagon. He was jailed for a total of two years and eight months.
Al-Bassam, 18, from Peckham, south London, used the alias tFlow. He was given a sentence of 20 months, suspended for two years, plus 300 hours of community work.
Davis, 20, from Lerwick, Shetland, used the alias Topiary and was LulzSec’s main publicist. He was ordered to serve 24 months in a young offenders’ unit.
He and Al-Bassam had previously pleaded guilty to hacking and launching cyber attacks on a range of organisations, including the CIA and SOCA.
Detective Superintendent Charlie McMurdie, head of the Police Central E-Crime Unit, said the group were “the worst sort of vandals”.
Speaking outside court she said: “Theirs was an unusual campaign in that it was more about promoting their own criminal behaviour than any form of criminal financial profit.
“In essence they were the the worst sort of vandal, acting without care of cost or harm to those they affected, whether this was to cause a company to fold and so costing people their jobs, or to put at threat the thousands of innocent internet users whose logins and passwords they made public.”
Andrew Hadik, the Crown Prosecution Service London reviewing lawyer, said: “Co-ordinating and carrying out these attacks from the safety of their own bedrooms may have made the group feel detached from the consequences of their actions.
“But to say it was all a bit of fun in no way reflects the reality of their actions.
“This case should serve as a warning to other cyber-criminals that they are not invincible.”