Two men — including a sailor aboard a nuclear-powered Navy aircraft carrier — conspired to hack into the computer systems of dozens of government agencies and universities, with much of the cracking done from the ship itself, according to guilty pleas filed Wednesday in federal court.
Why? Because they were "bored" and "because we can," according to charging documents and plea statements filed in U.S. District Court in Tulsa, Okla., in the case against Nicholas Paul Knight, 27, of Chantilly, Va., a former Navy systems administrator aboard the USS Harry S. Truman, and Daniel Trenton Krueger, 20, a computer network engineering student from Salem, Ill.
The pair were caught in June 2012 when they tried to sneak into the Navy's Smart Web Move database — which stored Social Security numbers, names and dates of birth for almost a quarter-million service members. The records were stored on servers in Tulsa, which is why Knight and Krueger were charged there.
That single incursion cost the Navy more than $500,000 to repair and left 700 overseas service members without systems access for almost three months, prosecutors said.
Knight admitted in his plea statement that he and Krueger knew the hack would "damage NAVY-SWM in many ways, including that, by revealing the database schema, the website would be more vulnerable to future attacks."
Likewise, Krueger admitted in his statement that he and Knight knew the attack "would impede and obstruct the Navy's ability to effectively and efficiently manage the logistics of Service Members' transfers to new duty stations."
Knight, who prosecutors said was the brains of the outfit, was drummed out of the Navy after he was nabbed in that investigation, according to the court documents.
Knight and Krueger are scheduled to be sentenced Aug. 27 for that escapade and similar hacking and ID-fishing expeditions against targets as diverse as the Department of Homeland Security, AT&T U-verse, Harvard University, the Toronto Police Department, Los Alamos National Laboratory, the World Health Organization and the National Geospatial-Intelligence Agency (the Pentagon office in charge of collecting and analyzing national security-related satellite imagery).
The duo boasted about their exploits under the name Team Digi7al on a Twitter account that abruptly went dead when they were arrested: