Nigerian gets 18 months for cyberattack on NASA employee
Man wooed woman online, then infected her PC with malware and stole personal data
Computerworld - A Nigerian man has been sentenced to 18 months in prison for wooing a NASA employee so he could sneak malware onto her work computer and steal passwords, banking information and 25,000 screenshots.
Akeem Adejumo, a 22-year-old Nigerian citizen, pleaded guilty and was sentenced to 18 months in prison by the Lagos State High Court in Nigeria late last month. He was initially charged with four counts but pleaded guilty to two counts of obtaining goods by false pretenses and forgery.
Jeff Taylor, U.S. attorney for the District of Columbia, said Adejumo did not target the woman because she worked for the government. He tried to scam several hundred women and was successful with several. Taylor noted that this case focused on the NASA employee, but two other victims were considered part of the same scheme, so there will likely be no further prosecution.
Posing as a Texan by using a phony picture and background information, Adejumo courted the woman for several weeks before he sent an e-mail to her work address with an attachment that contained a phony photo of his phony persona. When she opened the attachment to see the picture, her system was automatically infected with a commercially available piece of spyware.
The spyware, which did not spread to other computers on the NASA network, was first downloaded onto her computer on Nov. 21, 2006. It harvested private e-mail, the woman's passwords, her Social Security number, driver's license information and her home address before it was detected on Dec. 7. During those few weeks, it also captured 25,000 screenshots of whatever she had on her screen at the time, according to a U.S. Department of Justice official who worked on the investigation but asked not to be identified.
The investigator from the inspector general's Office, who also asked not to be named, said some NASA information was harvested from the woman's computer, but nothing critical was taken. "Fortunately, the victim did not have access to sensitive information," he added. "Some of her work product was taken, [but] it was mostly her personal information."
The inspector noted that NASA's IT security team caught the spyware when sensors detected that the screenshots leaving the network. Once they saw what was happening, they immediately pulled the plug on the worker's network connection, he added.
Once NASA's security team discovered the spyware, investigators analyzed the victim's network-traffic logs and obtained search warrants and subpoenas to get information from the e-mail accounts that the attacker was using. The investigator said Adejumo mainly used a Yahoo account. From those accounts, investigators culled his IP addresses and then contacted the Nigerian Economic and Financial Crime Division, which carried on its own investigation in Nigeria.
Adejumo was arrested in April of 2007.
"It's a very important case," said Taylor. "There is just as much crime out there in the virtual world as in the real world. This sends a message that while you think you're doing these crimes under the cloak of anonymity and distance, we do have the tools to catch you."
Taylor also noted that it was a big step for U.S. investigators and prosecutors to work so closely with Nigerian officials. "It's important no matter where it happens," he added. "To the extent that there has been a good deal of [computer crime] in Nigeria, it's important that the Nigerian authorities caught him and are sending him to prison."
Ken van Wyk, principal consultant at KRvW Associates LLC and an IT security veteran, said the case is a good sign that international law enforcement cooperation is improving.
"I have seen cooperation [in the past], but it has been so dreadfully slow and painful that we didn't make much progress," he added. "[Criminals] knew there wasn't cooperation and if there was, it was a tedious process. We've made this a lot faster than it used to be."
NASA did not say if the victim was reprimanded or released from her job because of the incident. Taylor said that, so far, it does not appear that her personal information has been used to steal her identity.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts