British 15-year-old gained access to intelligence operations in Afghanistan and Iran by pretending to be head of CIA, court hears

15-year-old gained access to plans for intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA to gain access to his computers, a court has heard.

From the bedroom of the Leicestershire home he shared with his mother, Kane Gamble used “social engineering” – where a person builds up a picture of information and uses it manipulate others into handing over more – to access the personal and work accounts of some of America's most powerful spy chiefs .

The teenager persuaded call handlers at an internet giant that he was John Brennan, the then director of the CIA, to gain access to his computers and an FBI helpdesk that he was Mark Giuliano, then the agency’s Deputy Director, to re-gain access to an intelligence database.

He also targeted the US Secretary of Homeland Security and Barack Obama's Director of National Intelligence from his semi-detached council house in Coalville.

Gamble taunted his victims online, released personal information, bombarded them with calls and messages, downloaded pornography onto their computers and took control of their iPads and TV screens, a court heard.

Cyber attack damage could cost as much as Hurricane Katrina
Mr Justice Haddon-Cave noted: “He got these people in his control and played with them in order to make their lives difficult.

John Lloyd-Jones QC, prosecuting, said that Gamble founded Crackas With Attitude (CWA) in 2015, telling a journalist: “It all started by me getting more and more annoyed about how corrupt and cold blooded the US Government are so I decided to do something about it.”

Mr Lloyd-Jones said that it was a common misconception that the group were hackers when in fact they used “social engineering” to gain access to emails, phones, computers and law enforcement portals.

“It involves manipulating people, invariably call centre or help desk staff, into permitting acts or divulging confidential information,” the prosecutor said.

Gamble, who has pleaded guilty to ten offences under the computer misuse act, first targeted Mr Brennan and gained access to his Verizon internet account by pretending first to be employee of the company and then Mr Brennan himself, building up an increasingly detailed picture.

At first he was denied access to his computers as he could not name Mr Brennan’s first pet, but on later calls the handler changed the pin and security questions.

He used similar methods to access Mr Brennan’s AOL account and eventually Gamble was able to access his emails, contacts, his iCloud storage account and his wife’s iPad remotely.

 Former CIA director John Brennan was one of the officials targetted by Gamble
Former CIA director John Brennan was one of the officials targetted by Gamble
Mr Lloyd-Jones QC said: “He accessed some extremely sensitive accounts referring to, among other things, military operations and intelligence operations in Afghanistan and Iran.”

Gamble, who is now 18, later posted sensitive information on Twitter and Wikileaks and taunted officials about his access, sometimes using the tag #freePalestine and claiming it was because the US Government was “killing innocent people”.

Gamble used similar techniques to hack the home broadband of Jeh Johnson, the Secretary of Homeland Security, and was able listened to his voicemails and send texts from his phone.

He bombarded Mr Johnson and his wife with calls, asking her: “Am I scaring you?” and left messages threatening to “bang his daughter”, the court heard.

Around October 2015, when Gamble turned 16, gained access to Mr Giuliano’s home accounts by pretending to be the FBI boss and using the information gained he accessed the FBI’s Law Enforcement Enterprise Portal (Leap).

Mr Lloyd-Jones QC described it as “a gateway providing law enforcement agencies, intelligence groups and criminal justice agencies access to beneficial resources”.

This included criminal intelligence and details of police officers and government employees, and Gamble boasted: “This has to be the biggest hack, I have access to all the details the Feds use for background checks.”

The FBI had realised that their system was breached and the password was changed, but at one point Gamble managed to change it and regain access by pretending to be Mr Giuliano in a call to the helpdesk.

Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

No comments:

Post a Comment