Arrest in the US after data deletion spree by state employees during termination
Two 34-year-olds in the US have been in prison for cyberattacks and still gained access to state data. Their termination got out of hand.
(Image: Maksim Kabakou/Shutterstock.com)
In the US, two twin brothers have been arrested who are alleged to have deleted numerous databases of US authorities as employees of a technical service provider. The 34-year-olds are accused of having deleted around 96 databases of various US government agencies in February, including the US Department of Homeland Security. Among other things, files and documents from proceedings under the US Freedom of Information Act (FOIA) are affected, the US Department of Justice announced on Wednesday. The accused are said to have reacted to the termination of their employment with a service provider for federal authorities.
The accused have a criminal past and have already served multi-year prison sentences for computer offenses. One of the brothers had hacked a cosmetics company and stolen customers' credit card data. The other accused had manipulated data from visa procedures as an employee of the consular department of the US Department of State. Later, both were hired again by a service provider for the US government. How this could happen despite their relevant past was the subject of two internal investigations by the company.
Insider attack during termination
According to a report by the financial news service Bloomberg from May, the service provider is Opexus, which offers data and process management software for authorities. According to the report, the two began their insider attack during a virtual meeting where they were informed about their dismissal.
The US Department of Justice confirms the central points of the Bloomberg report in its announcement. According to the report, the past of the two men was probably not sufficiently checked when they were hired by Opexus. The fact that they had served prison sentences for cyberattacks only came to light when they were supposed to work for a government deposit insurance fund, which would have given them extensive access to financial data. Their past came to light during the necessary background check. They were then summoned to a meeting to inform them about their dismissal.
Videos by heise
Indictment filed
One of the brothers is said to have accessed a database of the US tax authority during his termination, blocked others from accessing it, and deleted 33 government databases. After the meeting ended, he is said to have inserted a USB stick with almost 2000 data into his laptop and deleted the contents.
The ease with which the two were able to carry out these actions has led to a series of investigations, including one involving the cybersecurity firm Mandiant. The twins were arrested now after state investigations and an indictment. The accusations are serious. The brothers face multi-year prison sentences, and their actions are a threat to national security and have made it difficult for government agencies to work for citizens. The case is now to be heard in court in the US state of Virginia.
a spokesperson for Opexus told heise online: „We have learned a great deal from this incident and have taken meaningful steps to strengthen the security of the information we handle now and, in the future [...]“.
(mho)
