Teenage hackers linked to a clandestine online criminal group have been charged over a £39 million cyberattack that severely disrupted London’s transport network earlier this year. Thalha Jubair, 19, and Owen Flowers, 18, allegedly infiltrated Transport for London (TfL) systems between August 29 and September 3, 2024, crippling key functions of the TfL Go app and website. Their actions locked out Oyster card users from making payments, prevented access to real-time Tube arrival times, and blocked views of journey histories. The attack caused widespread chaos among commuters and reportedly cost TfL millions in operational costs and lost revenue. The hackers operated under the alias Scattered Spider, a notorious collective known for conducting complex cyber operations. According to prosecutors, the breach involved sophisticated techniques such as social engineering, where they manipulated TfL staff to reset authentication credentials. They also cloned the domain controller, the central system managing user access, enabling them to extract passwords and sensitive data without triggering alerts. To obscure their activities, the attackers used remote servers and created virtual machines within TfL’s network to erase traces of their intrusion. They established multiple backdoors to maintain persistent access to core systems. During the attack, the pair worked nonstop for 16 consecutive hours, according to court documents. Prosecutors described the incident as an unprecedented assault on critical national infrastructure, emphasizing its scale and complexity. The attack rendered 148 technology systems inoperable, forcing TfL to shut down its entire network temporarily to prevent further damage. Officials feared the hackers might have installed malware capable of wiping the system unless a ransom was paid, though no such demand was made public. Mark Fenhalls, the lead prosecutor, stated that the consequences of the attack were severe, affecting not only TfL’s operations but also the broader public and London’s economy. He noted that the remediation efforts consumed thousands of hours of work by TfL employees and officials, costing the public purse £29 million in operating expenses and an additional £10 million in lost income. The total financial toll, therefore, amounts to £39 million. Flowers and Jubair have pleaded guilty to conspiracy charges related to unauthorized acts against a computer, which carry a maximum penalty of 14 years in prison. In addition to the TfL breach, Flowers admitted to hacking into two U.S. healthcare organizations, SSM Health Care Corporation and Sutter Health, highlighting his involvement in multiple cybercrimes. Both individuals are being prosecuted separately, with each case focusing on their specific roles in the attacks. The court heard that the hackers accessed celebrity-related data stored within TfL’s systems, although the identities of the celebrities involved remain undisclosed. Prosecutor Fenhalls confirmed that the attackers searched for and viewed details of well-known figures, though they failed to obtain full access to credit card information. This aspect of the attack raised concerns about potential privacy violations and the exposure of personal data. TfL officials emphasized the extensive damage inflicted on their digital infrastructure, requiring six months of intense recovery efforts to restore normal operations. During this period, the organization faced immense pressure to safeguard its systems while ensuring minimal disruption to passengers. The incident underscored vulnerabilities in critical infrastructure and prompted calls for enhanced cybersecurity measures to protect public services from similar threats. As the trial progresses, more details about the hackers’ motivations and methods are likely to emerge. Legal experts anticipate that the case will serve as a cautionary tale for organizations handling large volumes of sensitive data, reinforcing the need for robust defenses against increasingly sophisticated cyberattacks. The outcome of the prosecution could influence future legal strategies regarding cybercrime and the responsibilities of individuals involved in such breaches.
1 servizi
Daily MailIndipendenteCentroFattualità 75Obiettività 6510 h fa Gli hacker adolescenti hanno preso di mira le celebrità quando hanno paralizzato la rete di Transport for London in un attacco informatico da 39 milioni di sterline .Nell'agosto del 2024, due adolescenti, Thalha Jubair e Owen Flowers, hanno orchestrato un attacco informatico da 39 milioni di sterline su Transport for London (TfL), interrompendo la rete di trasporto della città.
Lettura del bias (Centro): L'articolo presenta i dettagli di fatto di un attacco informatico su una grande istituzione pubblica senza apertamente favorire alcuna prospettiva politica, include citazioni da parte dei pubblici ministeri e descrive gli aspetti tecnici della violazione senza apparente inquadramento ideologico.
Perché fattualità (75): The article provides specific details about the hackers, the timeframe of the attack, and the alleged actions taken by the prosecutors. However, some elements lack clear sourcing such as the exact financial loss (£39m) and the claim that the hackers 'searched for and browsed various famous celebriti
Perché obiettività (65): The article uses emotionally charged terms like 'crippled', 'chaos', and 'shadowy online criminal collective' which suggest bias. It also presents the prosecution's statements without sufficient counterbalance from the defendants or independent analysis.
★
Manteniamo le notizie oneste.
ObjectiveNews è finanziato dai lettori e senza pubblicità: ti mostriamo il bias invece di nasconderlo. Sostieni il giornalismo indipendente per 5 €/mese.
Diventa sostenitore