Teenager admits series of global cyber attacks

Updated

A 16-year-old boy has admitted cyber attacks around the world including on Devon and Cornwall Police and Seaworld.

The teenager, who cannot be named, appeared at Plymouth Youth Court to admit three offences under Section 3 of the Computer Misuse Act.

These offences, committed between October 2014 and January 2015, relate to denial of service attacks on numerous websites across the world.

He denied two offences under Section 51 of the Criminal Law Act in connection with bomb hoaxes made to American Airlines and Delta Air Lines.

Prosecuting, Ben Samples told the trial American Airlines received a threat allegedly made by the boy on Twitter at 6.46pm on February 13 last year.

"The tweet posted on American Airlines read: 'One of those lovely Boeing airplanes has a tick, tick, ticking in it. Hurry gentlemen, the clock is ticking'," Mr Samples said.

"It was also tagged to the White House Twitter. The FBI were notified.

"An assessment was made on the credibility of the threat, and given its unspecific nature, no action was taken and the matter was passed to the UK authorities.

"A tweet was also sent at a similar time, 6.40pm, on February 13 to Delta Air Lines Twitter: 'There's a nice tick, tick in one of those lovely Boeing planes, high quality'.

"This was referred to senior management who assessed the level of threat posed. As it was unspecific, the matter was referred to the authorities.

"No other action was taken."

Mr Samples said both tweets had been sent by the same account, which was investigated by the Operation Zephyr Regional Cyber Crime Unit.

Investigators were led to the 16-year-old boy, from the Plympton area of Plymouth, Devon, and his computer was seized.

"The Skype log that was extracted and various parts of the computer provided the planning and the setting up of the account ultimately used to sent the two bomb hoaxes," Mr Samples said.

"The prosecution say that these messages were recorded on his computer - a computer that he really only uses."

Mr Samples said the teenager took steps to hide his identity while setting up the account.

During police interview, the boy initially denied but then accepted sending the tweets, the court heard.

In a later interview, he insisted he had not sent the tweets, suggesting that a remote access trojan (RAT) - in which an attacker controls a computer remotely - could be responsible.

Following the interviews, a Twitter account used by the boy tweeted the Operation Zephyr Regional Cyber Crime Unit, Mr Samples said.

One tweet said: "To be fair they caught me red handed", while a second added: "I still maintain the utmost respect for Zephyr".

The teenager was charged with the five offences in November last year following the investigation.

He admitted three charges of committing unauthorised acts with intent to impair operation of or prevent/hinder access to a computer at Plymouth Youth Court on Tuesday.

The first charge, between October 10 2014 and January 27 2015, states he "did a series of unauthorised acts... being reckless as to whether the acts would prevent or hinder access to a program or data held in computers".

This is believed to relate to attacks on approximately 10 websites across the world, including one for a Japanese town that hosts an annual dolphin hunt.

The second charge, between October 29 2014 and November 29 2014, states the boy prevented or hindered access to a computer used to host websites relating to SeaWorld.

The third, on January 26 2015, states the boy prevented or hindered access to a computer used to host a website relating to Devon and Cornwall Police.

It is understood the force website was affected for 45 minutes. The trial continues.

Advertisement