LulzSec Members Confess To DDoS Attacks

Ryan Cleary and Jake Davis admit to participating in hacktivist group's 2011 online attack spree which hit the CIA, Sony, HBGary Federal, and numerous other organizations.

Mathew Schwartz

June 26, 2012

4 Min Read
Network Computing logo

Four alleged members of the LulzSec hacktivist group had their day in British court Monday.

Two of the people charged--Ryan Cleary, 20, and Jake Leslie Davis, 19--appeared at Southwark Crown Court in England to enter guilty pleas against some of the charges against them, including hacking the public-facing websites of the CIA and Britain's Serious Organized Crime Agency (SOCA). All told, Cleary, who's from England, pleaded guilty to six of the eight charges lodged against him, including unauthorized access to Pentagon computers controlled by the U.S. Air Force. Meanwhile, Davis--who hails from Scotland's Shetland Islands--pleaded guilty to two of the four charges made against him.

The pair pleaded not guilty to two charges of violating the U.K.'s Serious Crime Act by having posted "unlawfully obtained confidential computer data" to numerous public websites--including, PasteBin, and the Pirate Bay--to encourage or assist in further offenses, including "supplying articles for use in fraud."

They did, however, confess to launching numerous botnet-driven distributed denial-of-service (DDoS) attacks under the banners of Anonymous, Internet Feds, and LulzSec. According to authorities, the pair targeted websites owned by the Arizona State Police, the Fox Broadcasting Company, News International, Nintendo, and Sony Pictures Entertainment. The pair have also been charged with targeting, amongst other organizations, HBGary, HBGary Federal, the Atlanta chapter of Infragard, Britain's National Health Service, the Public Broadcasting Service (PBS), and Westboro Baptist church.

[ Learn about another hacker indictment. See Feds Bust Hacker For Selling Government Supercomputer Access. ]

The two other alleged LulzSec members charged Monday are England-based Ryan Mark Ackroyd, 25, as well as a 17-year-old London student who hasn't been named by authorities since he's a minor. Both also appeared at Southwark Crown Court and pleaded not guilty to four charges made against them, including participating in DDoS attacks, as well as "encouraging or assisting an offense."

All four of the LulzSec accused are due to stand trial on the charges leveled against them--for offenses that allegedly took place between February and September 2011--on April 8, 2013. According to news reports, the court heard Monday that reviewing all of the evidence just for the charges facing Cleary will require 3,000 hours.

Three of the accused have been released on bail. Cleary was not released; he had been released on conditional bail in June 2011, but violated his bail conditions by attempting to contact the LulzSec leader known as Sabu at Christmastime.

LulzSec--at least in its original incarnation--was a small, focused spinoff from Anonymous, which itself sprang from the free-wheeling 4chan image boards. LulzSec was short for Lulz Security, with "lulz" (the plural of LOL or laugh out loud) generally referring to laughs gained at others' expense.

According to U.S. authorities, Davis often operated online using the handles topiary and atopiary, while Ackroyd was known online as lol, lolspoon, as well as a female hacker and botnet aficionado dubbed Kayla.

What might be read into Ackroyd allegedly posing as a female hacker? According to Parmy Olson's recently released book, We Are Anonymous, such behavior isn't unusual in hacking forums, given the scarcity of actual women involved. "Females were a rare sight on image boards and hacking forums; hence the online catchphrase 'There are no girls on the Internet,' and why posing as a girl has been a popular tactic for Internet trolls for years," wrote Olson. "But this didn't spell an upper hand for genuine females. If they revealed their sex on an image board ... they were often met with misogynistic comments."

In related LulzSec prosecution news, Cleary last week was also indicted by a Los Angeles federal grand jury on charges that overlap with some of the ones filed by British prosecutors. At least so far, however, U.S. prosecutors have signaled that they won't be seeking Cleary's extradition, leaving him to face charges in the United Kingdom.

The shuttering of LulzSec both in the United States and Great Britain was facilitated by the efforts of SOCA, as well as the FBI, which first arrested Anonymous and LulzSec leader Sabu--real name, Hector Xavier Monsegur--in June 2011, then turned him into a confidential government informant before arresting him again, earlier this year, on a 12-count indictment. As revealed in a leaked conference call earlier this year, British and American authorities were working closely together to time their busts of alleged LulzSec and Anonymous operators on both sides of the Atlantic, apparently using evidence gathered by Monsegur.

Black Hat USA Las Vegas, the premiere conference on information security, features four days of deep technical training followed by two days of presentations from speakers discussing their latest research around a broad range of security topics. At Caesars Palace in Las Vegas, July 21-26. Register today.

About the Author(s)

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights