British cybercriminal sentenced for disrupting Liberian telecoms provider

British cybercriminal sentenced for disrupting Liberian telecoms provider

The attack cost Lonestar MTN tens of millions of dollars

A British cybercriminal has been sentenced to two years and eight months for conducting attacks that disrupted a Liberian telecommunications provider, resulting in losses estimated at tens of millions of US dollars.

Daniel Kaye, from Egham, Surrey, pleaded guilty last month to creating and using a botnet and possessing criminal property. He was jailed at Blackfriars Crown Court following an investigation led by the NCA’s National Cyber Crime Unit (NCCU).

Kaye, who was living in Peyia, Cyprus, began carrying out intermittent Distributed Denial of Service (DDoS) attacks on the Liberian telecommunications provider Lonestar MTN in October 2015 using rented botnets and stressors.

The 30-year-old expert hacker was hired by a senior official at Cellcom, a rival Liberian network provider, and paid a monthly retainer.

From September 2016, Kaye used his own Mirai botnet, made up of a network of infected Dahua security cameras, to carry out consistent attacks on Lonestar.

In November 2016, the traffic from Kaye’s botnet was so high in volume that it disabled Internet access across Liberia.

The attacks had a direct and significant impact on Lonestar’s ability to provide services to its customers, resulting in revenue loss of tens of millions in US dollars as customers left the network.

Remedial action taken by Lonestar to prevent the attacks incurred at around US$600,000.

A European Arrest Warrant was issued for Kaye and when he returned to the UK in February 2017, he was arrested by NCA officers.

His laptop, mobile and passport were seized, as well as US$10,000 in US$100 bills found in his suitcase.

He was subsequently extradited to Germany where he admitted attacks on Deutsche Telekom that affected one million customers in November 2016 and received a suspended sentence.

Kaye was returned to the UK on a second European Arrest Warrant in August 2017.

NCA Specials contributed hours of their time to the investigation, providing technical expertise to NCCU officers and assisting with in-depth reviews of material.

The Shadowserver Foundation also assisted the investigation by providing sinkholing traffic from the botnet.

Mike Hulett, Head of Operations at the NCCU, said: “Daniel Kaye was operating as a highly skilled and capable hacker-for-hire.

“His activities inflicted substantial damage on numerous businesses in countries around the world, demonstrating the borderless nature of cybercrime.

“The victims in this instance suffered losses of tens of millions of dollars and had to spend a large amount on mitigating action.

“Working in collaboration with international law enforcement partners played a key role in bringing Daniel Kaye to justice.”

Russell Tyner, from the CPS, added: “Kaye was a talented and sophisticated cybercriminal who created one of the world’s largest networks of compromised computers which he then made available to other cybercriminals with no consideration as to the damage it would cause. The CPS and the NCA, together with the authorities in Germany and Cyprus, worked closely together in order to bring him to justice.”

Browse our latest issue

Intelligent CISO

View Magazine Archive