On June 15, the UK’s National Crime Agency announced that a 25-year-old hacker pleaded guilty to hacking the United States Department of Defense. He hacked a DoD satellite communication system in June 2014 and upload evidence two months later. Working with the FBI and DoD, the NCA arrested the hacker, Sean Caffrey, in March 2015.
At Birmingham Crown Court, Caffrey pleaded guilty to violating a law under the Computer Misuse Act. He “accessed and stole the ranks, usernames and email addresses of more than 800 users of a satellite communication system,” the NCA’s statement explained. He also stole information from or of 34,000 satellite phones.
Two months after Caffrey hacked the system, he posted proof of his work on Pastebin. There, he uploaded screenshots of the control panel of the stolen database. He also posted a message to the high-profile hacking group known as “Lizard Squad.” The message threatened, “we smite the Lizards, LizardSquad your time is near. We’re in your bases, we control your satellites. The missiles shall reign upon thy who claim alliance, watch your heads.”
The message continued, “We’re one, we’re many, we lurk in the dark, we’re everywhere and anywhere. Live Free Die Hard! DoD, DISA EMSS : Enhanced Mobile Satellite Services is not all, Department of Defense has no Defenses.”
Close to a year after Caffrey hacked the Pentagon, NCA’s National Cyber Crime Unit (NCCU) and West Midlands Police arrested him in Sutton Coldfield. NCA officials said that he used his home internet connection to cause approximately $628,000 in damage to the Department of Defense systems.
The NCA arrested Caffrey along with 56 other hackers in a “Nationwide Cyber Crime Strike.” Every arrest was recorded and listed on the site, including Caffrey’s.
The NCA announcement titled “57 arrested in nationwide cyber crime strike week” briefly explained his arrest:
“23-year old man arrested on 4 March by NCCU officers, supported by West Midlands ROCU, on suspicion of offences relating to a network intrusion in June 2014 on the US Department of Defence (DoD). This relates to theft of information from the Enhanced Mobile Satellite Services global communication system used by the DoD to communicate with employees internationally.”
Janey Young, investigations manager at the NCA, wrote that the investigation with “the NCA, the FBI and the DoD’s Defense Criminal Investigative Service” yielded “very clear, very compelling evidence against Sean Caffrey.” The details of the investigation were not announced, just like Caffrey’s arrest in connection with the hack. The NCA released one piece of information: that officers found an online messaging account—created by Caffrey on one of his computers—that connected to the DoD hack in some way or another.
Once they identified Caffrey as a suspect, they also found the stolen data on his hard drives, the NCA statement explained. No sensitive data was leaked, according to the NCA. Young made it clear that others ought not replicate what Caffrey attempted. “The NCA has people with skills like Caffrey’s, but they’re doing the opposite to him in detecting cyber criminals and bringing them to justice.
Caffrey was scheduled to be sentenced in August.