Hacker charged with selling access to Energy, other networks

The Justice Department has a charged a 23-year-old Philadelphia-area man with hacking into networks run by the Energy Department, the University of Massachusetts and other organizations, and selling access to those networks.

An indictment unsealed June 14 alleges that Andrew James Miller, 23, of Devon, Pa., and others broke into computer networks belonging to Energy, UMass, RNK Telecommunications, advertising agency Crispin Porter and Bogusky, and other institutions and companies between 2008 and 2011, according to DOJ.

At one point, he allegedly tried to sell an undercover FBI agent access to a DOE supercomputer for $50,000, ThreatPost reported.

Related stories:

Cyber threats in 2012: 5 pain points

Energy lab releases open-source tool for tracking cyberattacks

According to the indictment, Miller and his co-conspirators stole users’ credentials when he hacked into the systems and used them to sell access. Dealing with the undercover FBI agent, he received two payments of $500 each via Western Union for a list of RNK user names and passwords, requested two payments of $600 for UMass data, and sought $1,000 for access to the advertising agency, ThreatPost reported.

The alleged attempt to sell access to a supercomputer involved networks at Energy’s National Energy Research Scientific Computing Center.

Miller, who was arrested June 14, is charged with one count of conspiracy, two counts of computer fraud and one count of access device fraud. If convicted, he faces up to five years in prison for the conspiracy count and one of the computer fraud charges, and up to 10 years on the other computer fraud counts and the access device fraud count.

Hackers selling access to compromised systems, even government systems, isn’t entirely new. In January 2011, security company Imperva reported that access to dozens of compromised government, military and education networks in the United States and Europe was up for sale.

Access was being offered for between $55 and $499 per site, Imperva said, and some hackers were offering personally identifiable information from the sites at a rate of $20 per 1,000 records.

The apparently compromised sites included the Defense Department’s Pharmacoeconomic Center, the Army’s Communications-Electronics Command, and the main website of the Italian government.

One twist with the sites Imperva found for sale, however, was that some of the URLs being offered included typos, leading to speculation that, in some cases at least, the hackers weren’t really selling access but were just trying to rip off other hackers.