Alleged Hacker Charged in Five Attacks2 Universities, 3 Companies Targeted
Timothy Justin French of Morristown, Tenn., has been arrested and charged with computer hacking for allegedly conspiring to launch cyber-attacks on two universities and three companies last summer, according to federal authorities.
French was allegedly associated with the NullCrew hacktivist group and went by the online handles "Orbit," "@Orbit," "@Orbit_g1rl," "crisis," "rootcrysis," and "corps3," authorities say. The complaint against French charges him with involvement in five cyber-attacks launched by NullCrew which impacted two universities, a Canadian telecommunications company, a California-based company and a large mass media communications company.
In each of the attacks, information allegedly hacked from the victims' computers was released by NullCrew. The attacks led to significant costs to the universities and companies, including responding to the computer intrusions, conducting damage assessments and restoring the computer systems, authorities say.
During the attacks, investigators identified a computer user named "Orbit" who was using an IP address assigned to French's Morristown, Tenn., address, authorities say. Records from the victims' computers show access from the same IP address at or around the time the attacks were being discussed or occurred, according to federal prosecutors.
French was arrested at his home by FBI agents and will face prosecution in U.S. District Court in Chicago, where no court date has yet been scheduled. He was charged with conspiracy to commit computer fraud and abuse in a criminal complaint that was filed under seal on June 3 and was unsealed upon his arrest. If convicted, French faces a maximum sentence of 10 years in prison and a $250,000 fine.
Authorities allege that the hacking exploits of French and members of NullCrew resulted in the release of thousands of username and password combinations, along with other information.
"Cybercrime sometimes involves new-age technology but age-old criminal activity - unlawful intrusion, theft of confidential information and financial harm to victims," says Zachary Fardon, U.S. Attorney for the Northern District of Illinois. "Hackers who think they can anonymously steal private business and personal information from computer systems should be aware that we are determined to find them, to prosecute pernicious online activity and to protect cyber victims."