FBI arrests 16 over cyber attacks

PayPal came under cyber attack after it and others withdrew services from WikiLeaks last year [Gallo/Getty]

US authorities have arrested 16 people on charges they participated in major cyber attacks, including an attempt to cripple eBay’s PayPal website as retribution for dropping WikiLeaks as a client.

FBI agents carried out the arrests in nine states and Washington DC on Tuesday for a cyber assault that took place last December and was allegedly co-ordinated by the hacking group Anonymous.

Also on Tuesday, US authorities executed more than 35 search warrants around the country, as part of the same ongoing federal investigation.

It was the largest response by authorities tied to a recent spate of high-profile cyber attacks.

Financial institutions like PayPal, Visa and MasterCard withdrew services from WikiLeakslate last year after the whistle blower website published thousands of secret US diplomatic reports that have caused strains between Washington and numerous allies.

Hackers responded with so-called distributed denial-of-service revenge attacks that flooded the companies’ websites with requests for information and rendered them unavailable to other users, according to the indictment filed in federal court in San Jose, California.

PayPal suffered attacks for several days last December. Company spokesperson Anuj Nayar said he could not comment on current legal action.

Those arrested were charged with conspiracy, which carries a maximum penalty of five years in prison if convicted, and intentional damage to a protected computer, which carries a maximum sentence of 10 years in prison.

The accused ranged in age from 20 to 42 and lived in Alabama, Arizona, California, Colorado, Washington DC, Florida, Massachusetts, Nevada, New Mexico and Ohio.

The FBI said the operation had been conducted in co-operation with police in the UK and the Netherlands.

The Justice Department said one person had been arrested in the UK and four in the Netherlands on suspicion of cyber crimes related to recent attacks on major companies and organisations.

“The fact that they have been tracked back and that some of them have been arrested is a significant development,” said Mark Rasch, director of cybersecurity firm CSC.

‘Digital lynch mob’

Stewart Baker, a former top official with the US department of homeland security, said the arrests were an attempt to scare hackers from engaging in cyber attacks.

“I think it makes it a lot less likely that that people will join the next digital lynch mob,” he said.

He also said the FBI probably gave the case extra attention because of the public taunting the bureau received from Anonymous and related groups.

Another related arrest came in New Mexico where an employee for a contractor for AT&T’s wireless service faced charges of accessing a computer without authorisation by allegedly downloading thousands of documents related to its 4G data network and LTE mobile broadband network.

The data was subsequently downloaded to a file-sharing website in April and Lulz Security, another hacking collective, subsequently publicised the data breach, the complaint said. AT&T had no comment on the arrest.

One difficulty authorities have had when trying to track down cyber attackers is that they can be launched from anywhere and with digital security knowledge, hackers are able to mask their location.

Anonymous has taken credit for numerous cyber attacks including the digital servers of Bank of America, Sony and the Malaysian government.