Justice

Hacker pleads guilty, targeted DOE

justice

A 23-year-old Pennsylvania man pleaded guilty Aug. 27 to charges he had hacked into supercomputers owned by the Department of Energy and planned to sell access to them for tens of thousands of dollars.

Andrew James Miller, 23, of Devon, Pa., pleaded guilty in U.S. District Court to one count of conspiracy and two counts of computer intrusion.

From 2008 to 2011, according to a statement from the U.S. attorney’s office, Miller and co-conspirators remotely hacked into computers in Massachusetts and elsewhere. In some instances, it said, Miller secretly installed back doors in the computers to allow later access to them with administrator-level, or “root,” privileges.  

Miller was indicted for allegedly remotely hacking into computer networks that belonged to Massachusetts-based RNK Telecommunications Inc.; Colorado-based advertising agency Crispin Porter and Bogusky Inc.; the University of Massachusetts; U.S. Department of Energy (DOE) facilities; and other institutions and companies, according to the Justice Department.

Although the U.S. attorney didn’t identify the specific computers Miller admitted to accessing, Wired  reported that Miller pleaded guilty to propositioning an undercover FBI agent during an online chat, asking the agent to pay $50,000 for root access to the supercomputers at the National Energy Research Scientific Computing Center (NERSC) at the Lawrence Berkeley National Laboratory in Berkeley, Calif.

NERSC is home to several powerful computers used in unclassified research projects.

The lab is a member of the national laboratory system supported by the U.S. Department of Energy through its Office of Science and managed by Cal. It is charged with conducting unclassified research across a wide range of scientific disciplines. All research projects funded by the DOE Office of Science and that require high performance computing support are eligible to apply to use NERSC resources, according to the lab.

Wired also said Miller bragged to FBI agents online that he had also broken into corporate servers at American Express, Yahoo, Google, Adobe, WordPress and other companies and universities.

The U.S. attorney’s office in Boston said Miller got his hands on log-in credentials to the compromised computers and he and his co-conspirators sold access to the back doors, as well as other log-in credentials. The access Miller and his co-conspirators sold allowed unauthorized people to access various commercial, education and government computer networks, it said.

Miller is scheduled for sentencing Nov. 19.  According to the U.S. attorney in Boston, the maximum penalty for the conspiracy count is five years in prison.  One of the computer intrusion counts carries a maximum penalty of five years and the other, involving intentional damage to a private computer, carries a maximum of 10 years.

This article was updated to correct the identification of Lawrence Berkeley National Laboratory.

The 2014 Federal 100

Get to know the 100 women and men honored this year for going above and beyond in federal IT.

Reader comments

Thu, Nov 21, 2013

I would stand for a cause as well defending my fellow techy who took his own life. I remember when i heard that and was very upset. There are no clear laws on many aspects of the internet world, and actually, if not malicious and down right mean and hurtful; hacking provides an extremely useful service to eager software companies who many times have been saved from premature releases. However, if personal information is stolen and then exploited, and gathered and targets are made then relentlessly pirsued: at what point does the hacker either stop and/or realize that they are not flexing a powerful muscle against an opponent. They are criminals, and whatever talent they could have bragged about or enhanced then used for the common good (go help the cictims of super typhoon instead of making more victims) is lost and devalued. They are thieves, bullies, sneaks (that is; if they take it to the psychotic level my old IT friend has done). They are cowards. On the other hand: strike and retreat to make a stand for your fellow colleague. He wasnt the malicious coward described above. I read his story. And was deeply saddened. Totally different angle on article: Um......why is Obama getting so beat up when the FBI REPORTED MONTHS AGO ABOUT THE BREACHES IN GOVERNMENT DATA BASES BY HACKERS WHO LEFT BACK DOORS OPEN FOR THE PURPOSE OF RETURNING? Hello???? The first thing that came to my mind was..........

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above