Daniel Kaye (Pic: NCA)
Hacker-for-hire Daniel Kaye has been sentenced to 2½ years in prison for a campaign of cyber-attacks against a Liberian telecoms company that took the entire country offline.
Kaye, 30, of Egham, Surrey, pleaded guilty on 14 December at Blackfriars Crown Court to three offences under the Computer Misuse Act following an investigation by the National Crime Agency’s National Cyber Crime Unit (NCCU).
Kaye was paid £30,000 by Cellcom, a Liberian telecoms company, to carry out the attacks against its rival, Lonestar telecoms between October 2016 and February 2017.
Cellcom Liberia was purchased by Orange Côte d’Ivoire, a subsidiary of the telecoms giant Orange, on 6 April 2016, and rebranded Orange Liberia.
An Orange spokesperson told SC Media UK, "Orange is aware of the ongoing procedure run by the UK’s National Crime Agency against Daniel Kaye. Orange had no knowledge of Cellcom’s dealings with Mr Kaye, which were initiated prior to Orange’s acquisition of the company. The Group is currently examining what possible legal actions could be taken to protect its interests."
The attacks against Lonestar inadvertently knocked out all internet services across Liberia in November 2016. During the distributed denial of service (DDoS) attacks, the rate of traffic peaked at 500 gigabits per second (Gbps), one of the largest DDoS attacks ever recorded.
At the time, security architect Kevin Beaumont blogged, "Over the past week we've seen continued short duration attacks on infrastructure in the nation of Liberia. Liberia has one internet cable, installed in 2011, which provides a single point of failure for internet access."
The attack significantly damaged Lonestar’s ability to provide internet services to its customers resulting in significant losses to the company as subscribers left the service. Remedial services to stop the attacks cost the company $US 600,0000 (£500,000).
Kaye was living in Peyia, Cyprus when he began carrying out DDoS attacks against Lonestar in October 2015 using botnets and stressors he rented on the dark web.
He was later hired by a senior official at Cellcom and paid a monthly retainer.
By September 2016, Kaye had assembled his own botnet comprised mostly of Dahua security cameras infected with Mirai. By November he had ramped up the attacks to a level that completely disabled internet services in Liberia.
He was arrested by the NCA on a European arrest warrant issued by German authorities when he returned to the UK in February 2017 carrying $US10,000 in hundred dollar bills.
He was extradited to Germany where he admitted attacks on Deutsche Telekom in November 2016. He received a suspended sentence.
He was returned to the UK on a second European arrest warrant in August 2017.
Mike Hulett, head of operations at the NCCU, said, "Daniel Kaye was operating as a highly skilled and capable hacker-for-hire. His activities inflicted substantial damage on numerous businesses in countries around the world, demonstrating the borderless nature of cyber crime."
Kaye admitted to three charges at his hearing in December:
- Count 1 - Making an article for use in the commission of an offence under section 1,3, or 3ZA of the Computer Misuse Act 1990 , contrary to section 3A(1) and (5) of the Computer Misuse Act 1990.
- Count 2 - Unauthorised acts in relation to a computer, with intent to impair the operation of a computer or preventing or hindering access to any program or data held on a computer, contrary to section 3(1) of the Computer Misuse Act 1990.
- Count 3 - Possessing Criminal Property contrary to sections 329(1) and 334 of the Proceeds of Crime Act 2002, namely the $10,000 in cash he carried on his return to the UK in February 2017.