UK: Ex-employee of ICT contractor jailed for Jet2 cyber attacks
A disgruntled ex-employee has been jailed after he admitted carrying out cyber attacks against Jet2 which took down their computer systems for more than 12 hours.
NCA investigators proved that 27-year-old Scott Burns from Morley, Leeds, illegally accessed a domain operated by Dart Group and their subsidiary, Jet2, on two separate occasions in January 2018.
Burns pleaded guilty to eight offences under the Computer Misuse Act in November and was yesterday (18/12/2019) sentenced to 10 months in prison at Leeds Crown court.
Prior to the attacks, he was employed by ICT provider, and worked on their Jet2 account until December 2017 when he left to work at another IT company.
After gaining access to the Jet2 network on 18 January, Burns removed a folder which stored all user account details, preventing at least 2,000 members of staff from logging into their network accounts and accessing their emails.
In an attempt to cover his tracks, Burns also deleted the program used by the company to keep detailed logs relating to events and changes on the network.
He was arrested by NCA officers on 8 February 2018 and several electronic devices were seized from his home.
Forensic analysis of his computers, along with information provided by Dart Group’s Infrastructure Team, showed that Burns was also responsible for another network intrusion against Jet2 on 3 January – which is believed to have been a scoping exercise, assessing the security of their systems in preparation for his later attack.
On a number of occasions – once on the 3rd January, during his preparation – and then several times after the attack, Burns also hacked the email inbox of Jet2’s CEO.
During interview, Burns admitted that he had illegally accessed the CEO’s inbox “once or twice” to see if anything was being said about the incident – or to see if the company had any evidence of his involvement in the attacks.
Chat records found on his phone show Burns saying he is “finally sick and tired of BC/Jet2” and he describes leaving Blue Chip as “freeeedom”. On the same phone, he had looked up the prison sentence for network intrusion in the UK on Google.
Jamie Horncastle from the NCA said: “Network intrusion is not a victimless crime. Not only did Burns’s actions have a potential financial impact on Jet2, it caused huge disruption to their staff and technical operations.
“These are serious offences.
“The evidence secured internally by Dart Group was extremely beneficial to this investigation. I would always encourage victims of such attacks to preserve as much evidence as possible in the immediate aftermath – it will assist law enforcement in catching the perpetrator.”
Source: National Crime Agency