A Pittsburgh couple have been sentenced in federal court today on their conviction of recklessly damaging a computer and password trafficking, United States Attorney David J. Hickton announced last week. The defendants had pleaded guilty in June.
United States District Judge David S. Cercone imposed the sentence on Jonathan Cunningham, 29, and Alyson Cunningham, 26. Each were sentenced to 3 years probation; each to pay restitution of $2,445.96 to the victim law firm; 300 hours community service; computer monitoring; and must notify any employer of this conviction.
According to information presented to the court, on Nov. 28, 2011, Alyson Cunningham had been fired from law firm located in Pittsburgh, PA referred to as “VG,” In retaliation for the firing, Matthew West, acting at Alyson and Jonathan Cunningham’s encouragement, logged into VG servers using an internal company password provided to him by Alyson Cunningham over Facebook. West utilized a VPN proxy server located in Germany to use the password to access VG servers, so as to shield his identity. Once West accessed the server, he installed software on the server which could be used to capture passwords of anyone on the firm’s network.
On Nov. 29, 2011, West sent a partner at VG law firm an email from the account [email protected] that stated that the firm’s web servers had been compromised, and that their backup files had been copied and deleted. This email, which was used to notify the victim company of the hack caused by the usage of the illegally trafficked password, electronically traveled from West’s computer in PA, to Google’s servers in California, before arriving back at VG’s server in PA. The email further stated that “we are not interested in ruining your business, but routinely checking that business is fair and just. Our motive is to solely capture and record 100% of Pittsburgh business records and operations and protect it or use it against you as we could if Anonymous had a reason and needed to.” Anonymous is a loosely connected network of computer hacker/activists who are known to intrude upon computer networks for political purposes.
According to the victim company, neither Alyson Cunningham, Johnathan Cunningham, or Matthew West had authority to access their computer server, nor did they have authority to place malware onto VG’s servers.
Internet chats indicate that Jonathan Cunningham was actively communicating with West during the hack into VG’s servers, providing instruction and suggestions, including suggesting the use of specific VPN servers. When IM chatting with West on the night of the hack, Jonathan Cunningham and Alyson Cunningham alternated in their use of Alyson=s Skype account when communicating with West about the hack.
Assistant United States Attorney James T. Kitchen prosecuted this case on behalf of the government.
U.S. Attorney Hickton commended the Federal Bureau of Investigation for the investigation leading to the successful prosecution of the Cunninghams.
SOURCE: United States Attorney’s Office, Western District of Pennsylvania