A U.S. Navy sailor allegedly led a group of hackers that broke into a myriad of government and private websites in order to publicize secret or personal information – sometimes while the sailor was serving aboard on a nuclear-powered warship.
Prosecutors say that while serving as a systems administrator in the nuclear reactor department of the USS Harry S. Truman, sailor Nicholas Knight was leading a double life as a self-proclaimed “nuclear black hat” hacker and the leader of a hacking group called Team Digi7al.
The group attacked not only high-profile U.S. government websites – including the website for the National Geospatial-Intelligence Agency (NGA), a Department of Homeland Security site and a U.S. Navy site – but seemingly random targets including the websites of the Library of Congress, Harvard University, the World Health Organization, San Jose State University and Kawasaki, according to a single-count felony information document entered into court records Monday. After the attacks, the group then publicized and bragged about their accomplishments on Twitter.
Though Knight was aboard the Truman while allegedly “conduct[ing] unlawful Team Digi7al activities on the Navy’s computer network,” the filing does not accuse him of trying to hack the ship’s own protected systems. Knight was discharged in May 2013, military records show.
The Navy and the Department of Homeland Security did not immediately respond to request for comment. The NGA told ABC News that its “routine security measures” detected the attempted hack, and said the hack did not access employee data and “had no impact on the NGA mission.” The Wall Street Journal reported the allegations against Knight and his team Monday.
Knight told ABC News he and his group were "just a group of people that were dumb and did dumb things."
Another alleged member of Team Digi7al, who was not identified in the court filing, purportedly told investigators that some in the group were “somewhat politically inclined” to find and release secret information – perhaps a nod to the anti-secrecy movement of which former NSA contractor Edward Snowden is the current face.
But they also did it because it was “fun,” the alleged member says in the filing, “[w]hich, when you get right down to it, that’s what everyone does.”
The hacking campaign began to unravel after a June 2012 hack when the group went after the Navy’s Smart Web Move (SWM) website and database – a logistics resource for service members preparing to move that stores the personal details of some 220,000 servicemen, prosecutors say.
After another member of Team Digi7al, identified in the filing as Illinois community college student Daniel Krueger, allegedly downloaded the personal records of “thousands” of service members, the Navy shut down the SWM system. It was never restarted and service members were forced to use other online applications to aid their move.
Krueger allegedly sent the personal record information to Knight, who used Twitter to publicize information belonging to 20 of the service members and the SWM’s database “schema”.
“Through Twitter postings and links to online storage sites, Knight and Krueger boasted about the Navy-SWM hack, stating that Navy.mil had been “owned”, the team hacked “MY OWN BOAT”, and the database should be “FIRE[D],” prosecutors say in the filing.