From the U.S. Attorney’s Office for the Northern District of Ohio, an update on a previously disclosed prosecution:
An Akron man was sentenced to six years in prison for launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department.
James Robinson, 33, previously pleaded guilty to damaging protected computers. U.S. District Judge Christopher Boyko also ordered Robinson to pay $668,684 in restitution.
According to court documents filed in the case:
Servers hosting web sites belonging to the city of Akron were victims of an active distributed denial of service (DDoS) attack on Aug. 1, 2017. Two website domains appeared to be the target of the attacks: akronohio.gov and akroncops.org.
The DDoS attack ultimately overwhelmed the web sites with network traffic and rendered them unavailable to users.
A tweet that same day from @AkronPhoenix420 took credit for targeting the Akron web sites, including a link to a youtube video and a screenshot showing akronohio.gov was not accessible. The tweet included hashtags #Anonymous and #TangoDown.
The video showed a static image of an individual in a Guy Fawkes mask making statements including “it’s time we teach the law a lesson,” “Akron PD abuses the law” and “this week the city of Akron experienced system failures on multiple domains including their emergency TCP ports.”
The subsequent investigation identified attacks coming from an Internet connection registered to James Robinson and that Robinson’s phone was associated with the Twitter account @AkronPhoenix420.
@AkronPhoenix420 also claimed credit for many other DDoS attacks including many in 2018 that bore similar characteristics to the Akron attacks. Targets of those attacks web site domains and servers hosted by the Ohio Department of Public Safety, the National Institutes of Health, the Defense Information Security Agency, the Department of Defense, the Department of Treasury and others. Multiple DDoS attacks have been claimed by AkronPhoenix420, including many in 2018.
Law enforcement authorities got a search warrant for Robinson’s house on Edison Avenue in Akron in May 2018. Agents located a Guy Fawkes mask and a cell phone with a cracked screen similar to a phone seen in tweets by @AkronPhoenix420. Robinson stated he was responsible for the DDoS attacks against the Department of Defense, city of Akron and others, according to court documents.
The Federal Bureau of Investigation, Defense Criminal Investigative Services, Akron Police Department, Ohio State Highway Patrol, Department of Health and Human Services and Department of Treasury investigated the case. It was prosecuted by Assistant U.S. Attorneys Om Kakani and Daniel J. Riedl.