DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Individual Pleads Guilty to Participating in Internet-of-Things Cyberattack in 2016

Posted on December 9, 2020 by Dissent

There’s an update to a case previously reported on this site in 2016. From the U.S. Department of Justice:

An individual, formerly a juvenile, pleaded guilty to committing acts of federal juvenile delinquency in relation to a cyberattack that caused massive disruption to the Internet in October 2016.

Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division, U.S. Attorney Scott W. Murray of the District of New Hampshire, and Special Agent in Charge Joseph R. Bonavolonta of the FBI’s Boston Division made the announcement.

According to the plea agreement, the individual conspired to commit computer fraud and abuse by operating a botnet and by intentionally damaging a computer.  Because the individual was a juvenile at the time of the commission of the offense, the individual’s identity is being withheld pursuant to the Juvenile Delinquency Act, see 18 U.S.C. § 5031, et seq.  The guilty plea took place in a closed proceeding before Chief Judge Landya B. McCafferty in the District of New Hampshire.  Judge McCafferty scheduled the individual’s sentencing for Jan. 7, 2021.

According to unsealed court documents, from approximately 2015 until November of 2016, the individual conspired with others to create and operate one or more online botnets to launch cyberattacks against victim computers (specifically targeting those belonging to online gamers or gaming platforms) in order to take those computers offline altogether or otherwise significantly impair their functionality.  These attacks are often referred to as “Distributed Denial of Service” or “DDoS” attacks.

In general, a DDoS attack is a type of cyberattack in which a malicious actor directs a large volume of Internet traffic to a victim computer or network, overwhelming it and rendering it unable to function as intended.  Successful DDoS attacks can take individual computer users, websites, or entire computer networks offline altogether or otherwise slow their performance.  DDoS attacks are often conducted through the use of botnets (short for “robot networks”), that is, large numbers of compromised computers under the control of an individual or group of actors.

According to court documents, in September and October of 2016, the individual and others created a botnet, which was a variant of the so-called “Mirai” botnet, for use in launching DDoS attacks.  Mirai infected “Internet-of-Things” devices, such as Internet-connected video cameras and recorders, and turned them into bots to be used to launch DDoS attacks.

According to court documents, on Oct. 21, 2016, the individual and others used the botnet they created to launch several DDoS attacks in an effort to take the Sony PlayStation Network’s gaming platform offline for a sustained period.  The DDoS attacks impacted a domain name resolver, New Hampshire-based Dyn, Inc., which caused websites, including those pertaining to Sony, Twitter, Amazon, PayPal, Tumblr, Netflix, and Southern New Hampshire University (SNHU), to become either completely inaccessible, or accessible only intermittently for several hours that day.  As a result of the individual’s DDoS attacks, Dyn, Sony, SNHU, and other entities and individuals suffered losses including lost advertising revenues and remediation costs. Sony estimated that its resultant losses included approximately $2.7 million in net revenue.

This case was investigated by the FBI with assistance from the National Crime Agency and Police Service of Northern Ireland.  The case is being prosecuted by Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Georgiana MacDonald of the District of New Hampshire.  Former Assistant U.S. Attorney Arnold H. Huftalen provided substantial assistance.

The year 2020 marks the 150th anniversary of the Department of Justice.  Learn more about the history of our agency at www.Justice.gov/Celebrating150Years.

Source: Department of Justice

Related posts:

  • Who is on TEKsystems Intel Leak
  • Seven Iranians Working for Islamic Revolutionary Guard Corps-Affiliated Entities Charged for Conducting Coordinated Campaign of Cyber Attacks Against U.S. Financial Sector
  • LulzSec the time line, history, information links, images videos and haters
  • Justice Department Announces Five Cases as Part of Recently Launched Disruptive Technology Strike Force
Category: Breach IncidentsU.S.

Post navigation

← World’s largest manufacturer of machines and systems for solid wood processing hit in cyberattack.
Cyberattack cost UVM Medical Center $1.5 million a day →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.