23-year-old hacker obtained IMEI codes for 34,400 devices

Mar 6, 2015 18:17 GMT  ·  By

An individual suspected to have stolen data from the global communication system used by the US Department of Defense (DoD) has been arrested by the officers of the National Crime Agency in UK.

The hacker, 23, allegedly breached the computer network of DoD on June 15, 2014, and exfiltrated information from the Enhanced Mobile Satellite Services, a communication system used for contacting DoD employees around the world via email or phone.

Hacker boasted about the unauthorized intrusion

Although the incident did not result in loss of sensitive information, it seems that the hacker managed to obtain contact details (names, titles, email addresses and phone numbers) of 800 individuals as well as the IMEI (International Mobile Station Equipment Identity) codes for about 34,400 devices; the code identifies both mobile and satellite phones.

It appears that the hacker boasted about the intrusion and published on Pastebin images of the database administration console. Apart from this, a message addressed to Lizard Squad hacker outfit was included saying:

“We smite the Lizards, LizardSquad your time is near. We’re in your bases, we control your satellites. The missiles shall rein upon thy who claim alliance, watch your heads, ** T-47:59:59 until lift off. We're one, we're many, we lurk in the dark,we're everywhere and anywhere. Live Free Die Hard! DoD, DISA EMSS : Enhanced Mobile Satellite Services is not all, Department of Defense has no Defenses.”

Law enforcement cracked down on multiple suspects

NCA did not identify the hacker by name. In the post announcing the arrest on Friday, the British law enforcement agency said that officers from its National Cyber Crime Unit (NCCU) took the suspect into custody on March 4 in Sutton Coldfield, West Midlands.

The operation was carried out with the help of West Midlands Regional Organised Crime Unit (NCUU) and was part of a larger action that targeted cybercriminals across the UK and resulted in arresting 56 other individuals on suspicion of cyber-offenses ranging from distributed denial-of-service (DDoS) attacks, fraud, development of malicious software to network intrusion and data theft.