MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Three Cybercrimes Have Ended in Guilty Pleas

Three Cybercrimes Have Ended in Guilty Pleas

When so much of what we write is about the threats and attacks that exist (and are carried out) in cyberspace, it is particularly refreshing when we can discuss those responsible for these attacks in the context of their legal proceedings. For example, today we are able to discuss how actors in some of the biggest recent cybersecurity events have entered guilty pleas.

As a malware strain that leveraged Internet of Things devices to create a zombified botnet and launch Distributed Denial of Service attacks, Mirai was responsible for no small amount of trouble on the Internet. Its developers, 20-year-old Josiah White and 21-year-old Paras Jha, have pled guilty to developing and leveraging Mirai to their own ends.

The two established a company called Protraf Solutions LLC, which was dedicated to mitigating DDoS attacks. Using this company in tandem with their creation, White and Jha would launch a DDoS attack against a company and then sell their solutions to that company, or would collect money through the other side, accepting payment from their victims to stop the attack. White and Jha also teamed up with an accomplice, 21-year-old Dalton Norman, to leverage Mirai as the driving force behind a click fraud scheme. This scheme alone brought them around 200 Bitcoin, with 30 going to Norman.

Mirai was also responsible for powering the DDoS attack on Dyn, one of the largest data centers east of the Mississippi River.

The trio was charged with click fraud conspiracy, each being sentenced to a five year stay in prison and a fine of $250,000. Jha and White were also charged with conspiracy for writing and using Mirai, to which they pled guilty. This added another five years to their time in prison, another $250,000 fine, along with three years of supervised release.

NSA Data
On December 17, 2017, an employee of the National Security Agency pled guilty to “willful retention of national defense information.” According to the United States Justice Department, Nghia Hoang Pho was hired as a developer for the Tailored Access Operations, or TAO, unit in 2006. The TAO unit was tasked with creating hacking tools to be used to collect data from overseas targets and their information systems.

In the time between 2010 and March of 2015, Pho took classified data and stored it on his home system. This system had antivirus software from Kaspersky Lab installed on it. There are suspicions that Russian hackers have exploited Kaspersky Lab in order to steal documents, quite possibly the ones taken home by Pho. The US Department of Homeland Security issued a directive that disallows the use of software made by Kaspersky Lab in federal agencies.

Pho faces up to 10 years in prison, and will stand for sentencing on April 6.

In March of 2017, four men faced indictment for hacking into Yahoo, effectively exposing the personal account information of one billion users. 22-year-old Karim Baratov has been charged with cooperating with two members of the FSB, or the Federal Security Service of the Russian Federation.

As part of his work for the FSB, the young Canadian hacked into 80 accounts, in addition to the more than 11,000 webmail accounts he had hacked since 2010. Utilizing customized spear-phishing content, Baratov also provided a service that granted access to Google, Yahoo, and Yantex accounts.

Baratov has entered a guilty plea for all nine counts he faces. The first count is for aggravated identity theft, and carries a mandatory sentence of two years. The other eight counts are for violating the Computer Fraud and Abuse Act, and could each carry a sentence of 10 years and a fine of $250,000. Fortunately for Baratov, the United States’ federal sentencing guidelines could shorten the amount of time spent in jail by no small measure.

While seeing those who committed cybercrimes face the music is satisfying, it is even better to know that you’re protected from becoming a victim of some similar plot. MERIT Solutions can help by providing the security solutions and training to help keep your business safe. Give us a call at (757) 420-5150 to get started.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 21 May 2018

Captcha Image

Tag Cloud

Security Tip of the Week Best Practices Technology Privacy Cloud Business Computing Network Security Hackers Malware Internet Software Hosted Solutions Business Management Backup google Productivity Managed IT Services Mobile Devices Microsoft Disaster Recovery VoIP Computer Business Continuity Business IT Support communications Outsourced IT User Tips Windows 10 Cybersecurity Email Productivity Hardware Innovation IT Services Cybercrime Data Backup Efficiency Windows Saving Money Mobile Device Management Managed IT Server Ransomware Small Business Mobility Apps Smartphone Data Recovery Operating System browser Data Law Enforcement Internet of Things Save Money Android Virtualization Telephone Systems Tech Term Smartphones Hosted Solution Quick Tips Phishing Cloud Computing Passwords BDR Money Data Security Chrome Recovery Communication VPN Microsoft Office BYOD Automation Password Holiday Information Technology Office 365 upgrade Collaboration Social IT Support Budget Data Management App Two-factor Authentication Wireless Network Vulnerability Risk Management Facebook Unsupported Software Government Google Drive Hacking Avoiding Downtime Data Breach Update Alert Health Work/Life Balance Miscellaneous Cost Management Gadgets Managed Service Provider Computers Wi-Fi Social Media Best Practice Personal Information The Internet of Things search Politics Employer-Employee Relationship Cleaning Windows 10 USB Save Time User Error Spam Wireless Technology Identity Theft Managed IT Services Flexibility Telephony Shortcut Workplace Tips Firewall Office tips Applications Private Cloud Application History Antivirus Current Events Proactive IT Audit Social Engineering Streaming Media Data Protection Compliance Redundancy Humor WiFi Disaster Project Management Automobile Going Green Value Commerce Bandwidth eWaste Cortana Saving Time Sports Patch Management Office Computer Care Tech Support Phone System Hacker Legal Solid State Drive Internet Exlporer Users Encryption Wireless Charging Excel Blockchain Data Storage Gmail iPhone OneNote Artificial Intelligence Big Data Mobile Security Mobile Computing Devices Transportation IT solutions DDoS Data Loss Robot Marketing SaaS Fraud End of Support Google Docs Remote Computing Samsung Content Filtering Television Battery HaaS Apple Ciminal Wearable Technology Professional Services Point of Sale Reputation Advertising Proactive File Sharing hp Company Culture HIPAA Safety Windows 10s Black Market Smart Tech Consultant IT Management Travel domain Smart Technology Nanotechnology Avoid Downtime Websites Storage Data storage Hard Disk Drive Shadow IT Connectivity Credit Cards WIndows Server 2008 Administration MSP Tablets Chromecast remote Root Cause Analysis Document Management Data Theft Yahoo Experience Content Filter FAQ Colocation intranet Running Cable NFL Server 2008 Augmented Reality Video Games Hard Drives Computing Lifestyle Ali Rowghani Business Intelligence Touchscreen Files Virtual Reality Monitoring Trending Charger Outlook IT budget Word Administrator Scam Lithium-ion battery Analysis Legislation Managed IT Service Music iOS Management Maintenance Relocation Windows Ink Access server installation dvd "cannot install required files" Employer Employee Relationship App store Comparison stock Analytics Regulation Keyboard Computer Fan Instant Messaging Financial Technology Evernote Device Security Identities Google Maps Computer Accessories Worker Commute PDF Specifications tweet Mobile Device Screen Mirroring Sync Dark Web Managing Stress Printing Networking IoT Software as a Service calculator Meetings Books Emails Scalability Text Messaging Identity Sales Twitter Cast Adobe control Hiring/Firing Education Google Assistant Workers Spyware Router Language Vendor Management Settings How To Data Privacy Retail WSJ Licensing Exchange Benefits WannaCry Computer Forensics Updates Distributed Denial of Service altivista Webinar Hard Drive Conferencing Laptop Unified Threat Management HBO Uninterrupted Power Supply Edge Mobile SBS Microsoft Word Virus Microsoft Excel compaq Training Entertainment Electronic Medical Records IT solutions Chromebook Gifts Touchpad Upgrades Emergency Worker CrashOverride Thank You Congratulations Cache Monitors Remote Monitoring

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...