It’s been a while since we’ve talked about any hacking related arrests, or in this case, imprisonments. In this case, it’s some ‘ex’ members of LulzSec, for the attacks they perpetrated in 2011.

The longest of the sentences being 32 months, almost 3 years for the guy that operated and managed the botnet used in some of the LulzSec attacks.

I wonder if all these successful prosecutions can be attributed to the former LulzSec leader, Sabu, who flipped and informed for the FBI.

Four British men associated with the LulzSec hacker collective received prison sentences Thursday for their roles in cyberattacks launched by the group against corporate and government websites in 2011. Ryan Cleary, 21, Jake Davis, 20, Ryan Ackroyd, 26, and Mustafa Al-Bassam, 18, were sentenced Thursday in London’s Southwark Crown Court after previously pleading guilty to charges of carrying out unauthorized acts with the intention of impairing the operation of computers. Davis, who was known online as “Topiary,” received a two-year prison sentence. He acted as a spokesperson for LulzSec, writing some of the hacker group’s announcements and managing its website and Twitter account. Ackroyd, who posed as a 16-year-old girl online and used the alias “Kayla,” received a 30-month prison sentence, while Mustafa al-Bassam, who used the online alias “T-Flow,” received a 20-month suspended prison sentence and was ordered to perform 200 hours of unpaid community work. Cleary, who used the online alias “Viral,” received a 32-month prison sentence. He was not one of the LulzSec core members, but was associated with the group and operated a botnet that was used to launch DDoS (distributed denial-of-service) attacks against LulzSec’s targets. LulzSec’s members went on a hacking spree between May and June 2011, targeting various companies and government agencies. They used hacking methods and tools to break into websites and leak the information found in their databases, including the personal details of thousands of users, and also launched DDoS attacks to make websites inaccessible.

The attacks carried out were fairly widespread and included major corporations as well as US and UK governmental organizations. Data was captured and leaked and large scale sustained DDoS sustained were used against prominent sites.

We are still in a fairly immature legal situation for cyberattacks, so we tend to see sentences vary a lot. I’m pretty sure these guys will end up in some cushy white collar prison rather than in with hardcore criminals.

Some of LulzSec’s targets included Sony, Nintendo, News Corp., Bethesda Game Studios, the CIA, the FBI, the Arizona State Police and the U.K.’s Serious Organised Crime Agency (SOCA). Andrew Hadik, a lawyer with the Crown Prosecution Service (CPS) in the U.K., characterized the actions of LulzSec’s members as “cowardly and vindictive.” “The harm they caused was foreseeable, extensive and intended,” Hadik said in a statement published on the CPS blog. “Indeed, they boasted of how clever they were with a complete disregard for the impact their actions had on real people’s lives.” Companies suffered financial losses and serious damage to their reputations, while hundreds of thousands of innocent individuals had their private details exposed as a result of the group’s actions, he said. Another LulzSec member named Cody Andrew Kretsinger, from Decatur, Illinois, who used the online alias “recursion,” was sentenced in April to one year in federal prison for his role in LulzSec’s attack against Sony Pictures. Hector Xavier Monsegur, the former leader of LulzSec, known online as “Sabu,” was arrested in June 2011 and agreed to act as an informant for the FBI. Monsegur pleaded guilty to multiple hacking offenses in relation to the group’s activity and is scheduled to be sentenced in August.

It’ll be interesting to see what else turns up in the LulzSec case, today Jeremy “anarchaos” Hammond announced that he’s pleading guilty after being in prison for 15 months. He pleaded guilty because of the stacked damages figures, with the inflated figures he could face up to 30 years in prison.

Even with the plea bargain he still faces up to 10 years locked up and has agreed to pay $250,000 in restitution.

Source: Network World