Justice

Hacker pleads guilty, targeted DOE

justice

A 23-year-old Pennsylvania man pleaded guilty Aug. 27 to charges he had hacked into supercomputers owned by the Department of Energy and planned to sell access to them for tens of thousands of dollars.

Andrew James Miller, 23, of Devon, Pa., pleaded guilty in U.S. District Court to one count of conspiracy and two counts of computer intrusion.

From 2008 to 2011, according to a statement from the U.S. attorney’s office, Miller and co-conspirators remotely hacked into computers in Massachusetts and elsewhere. In some instances, it said, Miller secretly installed back doors in the computers to allow later access to them with administrator-level, or “root,” privileges.  

Miller was indicted for allegedly remotely hacking into computer networks that belonged to Massachusetts-based RNK Telecommunications Inc.; Colorado-based advertising agency Crispin Porter and Bogusky Inc.; the University of Massachusetts; U.S. Department of Energy (DOE) facilities; and other institutions and companies, according to the Justice Department.

Although the U.S. attorney didn’t identify the specific computers Miller admitted to accessing, Wired  reported that Miller pleaded guilty to propositioning an undercover FBI agent during an online chat, asking the agent to pay $50,000 for root access to the supercomputers at the National Energy Research Scientific Computing Center (NERSC) at the Lawrence Berkeley National Laboratory in Berkeley, Calif.

NERSC is home to several powerful computers used in unclassified research projects.

The lab is a member of the national laboratory system supported by the U.S. Department of Energy through its Office of Science and managed by Cal. It is charged with conducting unclassified research across a wide range of scientific disciplines. All research projects funded by the DOE Office of Science and that require high performance computing support are eligible to apply to use NERSC resources, according to the lab.

Wired also said Miller bragged to FBI agents online that he had also broken into corporate servers at American Express, Yahoo, Google, Adobe, WordPress and other companies and universities.

The U.S. attorney’s office in Boston said Miller got his hands on log-in credentials to the compromised computers and he and his co-conspirators sold access to the back doors, as well as other log-in credentials. The access Miller and his co-conspirators sold allowed unauthorized people to access various commercial, education and government computer networks, it said.

Miller is scheduled for sentencing Nov. 19.  According to the U.S. attorney in Boston, the maximum penalty for the conspiracy count is five years in prison.  One of the computer intrusion counts carries a maximum penalty of five years and the other, involving intentional damage to a private computer, carries a maximum of 10 years.

This article was updated to correct the identification of Lawrence Berkeley National Laboratory.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.