UK officials have formally accused a 19-year-old man of involvement in Monday's attack on the website of the British Serious Organised Crime Agency and two previous web-based assaults directed at the music industry. Ryan Cleary was charged with five offenses in all, according to a press release issued Wednesday by the …
This should be a warning to all involved
The charges are pretty specific for the attacks against the SOCA, IFPI and BPI sites. The other two are a little bit more woolly, but it depends on what evidence they have.
Either way, to charge him under the Computer Misuse Act for the website DDoS's, they must be fairly sure of their ground already.
Not much Lulz when your doing bird with badass crims in Pentonville.
Its cool to have a record on your profile for DDoSing :)
DDoS is an offence! It is illegal! Should you participate in this you may find that the local police will take you away, and lock you up possibly for a long time.
Aside from being illegal, it is not either particularly big, or clever. A trained chimp could probably carry out a DDoS attack on a web site. The commentator above who says it is cool is either being sarcastic, or stupid (almost certainly sarcastic).
sounds like anon cannonfodder to me
Maybe there are people involved in the crimes he has been charged for on both sides of the atlantic?
Also, what makes you think that corporations are paying the police to investigate? They may well have reported the crimes and assisted the police, but I seriously doubt that they are paying the police to investigate.
Don't you just hate it when someone makes a pompus silly post (why were the FBI involved with the British police, why can corporations pay for the police to investigate crimes) and then removes their comment leaving an orphan reply...
Before the debate gets too noisy
There is a summary of cases under the Act he's charged under here:
It looks as though major theft gets you 2 years, being a dick gets you a fine, a suspended sentence and community service.
This really pisses me off
>He was arrested Monday night and has remained in police custody pending an investigation
Be suspected of rape, violent assault, hit and run and you get an appointment to go back to the police station at a later date, no bail required.
Something like this and you get locked up.
Not that I'm defending him, claiming he's innocent of the alleged crime nor saying he shouldn't be fully investigated but I know who I'd rather have walking the streets while the police did their job.
He has been charged with several crimes, in the first 48 hours of detention, I believe this is required, or he be set free. Now that he has been charged the police are able to investigate more/interview him more while seeing if he can be charged for further crimes. He will have a bail hearing or be given police bail fairly shortly.
In the case of rape/assault/etc bail is not automatic, you don't just get released particularly for rape. Most rapists are remanded, pending trail. With other crimes, it depends upon previous character and the nature of the crime.
I completely agree,
although I've read in the morning papers that he was a serious danger to himself and threatened to kill himself on a few occasions, once as young as 10, other times just because his mum wanted to remove the internet to try and help him. So, I guess they might be thinking that if they let him go, he will kill himself.
I think we need to ask ourselves, "how can we punish/rehabilitate these hackers who are mentally unstable, without having another episode of McKinnon syndrome?" Because Ryan will most likely be convicted for attacks in the USA as well, and I'm sick of the Americans trying to have their way with OUR citizens.
Our ludicrous law that UK citizens can be extradited to America on the basis of no evidence should be removed. I think McKinnon has been given the chance to be on trial here, but the law still stands.
I think, as an aside, we, and the media, are not realising how hard this must be for his family now and over the years; imagine having a child/sibling who was so cut off that you barely saw him.
I feel for all of them.
Rule 1 - think before uttering garbage
He is held in custody pending a magistrates hearing, which will take place on Thursday. The magistrates will then decide whether to release him on bail or remand him in custody (possibly in Police custody if they wish to question him further).
No different to any other criminal.
He is 19 and although I can only go on what has been reported it does sound like has some serious mental stability issues. At the moment he is being held in a 10 x 5 concrete cell with a concrete bed, a fixed toilet and not a whole lot to do, I imagine both him and his family are despairing.
He has two things going for him currently. 1. It takes several years to investigate and prosecute crimes like these so he is not going to jail just yet. 2. His mitigating circumstances due to mental illness should give him a lesser sentance.
The bad: It's now a ten year max instead of 5.
He has probably been mixed up with this type of kiddie underground "hacking" culture for years and felt invincible. That's no excuse, but it is often very easy to get caught up in something exciting and not so easy to back out of it, especially when you cannot see the damage you are causing.
I really feel for him but he is just one out of thousands of kids his age and younger (much younger) doing this. They obviously cannot be allowed to just roam free on the internet and create as much havoc as they can but I do not believe long jail terms are the answer although having spent 6 weeks in Wandsworth prison myself for similar crimes before being taken to open prison I would say that a 6 week stint there, banged up 23.5 hours per day with nothing but shit on a plate to eat once a day and porridge in the morning would be a damn fine deterrent, especially knowing that if you committed the same crime again you may well get a year or 2 instead of 6 weeks.
A lot of people say 18 months is not enough, bang them up for ten years, bang them up for life. Try spending 6 weeks in Wandsworth not knowing when you are going to get out and you will soon realize how long time can be. I'm all up for shorter harsher punishments with ongoing monitoring on the out. Saves money and saves lives. 6 weeks wont ruin the boy but act as a good wakeup call. 3 years may well ruin him.
Can see where you're coming from but...
The accusations aren't that he was simply carrying out DDoS attacks like a regular sheep anon, member. The accusations were that he was hosted the IRC server used by the LOIC client (the attack software that sheep followers install) and the accusation was that he was active in setting targets.
These are only accusations at this point. They have not been proven. But if proven, that sets him apart from your average sheep follower.
The most recent sentence under the act...
...was for DDOSing a web hosting company out of business.
The sentence was 12 months' imprisonment suspended for two years and 240 hours unpaid work.
Or to put in another way, a bollocking, no jail if he keeps his nose clean and six months giving up his weekends to shoveling shit. I wouldn't get too worried for the lad just yet.
"In the case of rape/assault/etc bail is not automatic, you don't just get released particularly for rape. Most rapists are remanded, pending trail. With other crimes, it depends upon previous character and the nature of the crime."
Tell that to Jules!
looks like someone forgot the 7 Proxies Rule
Someone needs to hire this guy if he is so smart - poacher turned gamekeeper comes to mind!
DDoS is not smart
Leading a bunch of impressionable kids in an IRC channel to go attack websites is not smart.
Getting a bunch of morons to install your DoS software by sending them britney_spears_naked.jpg.exe is not smart.
If they hacked into SOCA backend, they'd be smart. If they stole accounts from banks, they'd be smart.
DDoS is not smart. It's the equivalent of 20 boozed up guys destroying the front window of a bank with bits of wood and road signs.
DDOS'ing a computer shows that someone is completely unsuitable to work in IT because they don't have any ethics or integrity.
In addition, I struggle to see any reason why someone like this would actually be useful in IT. Ex poachers usually possess some useful skills such as fieldcraft. Frankly, DDOS'ing a system is more akin to throwing a brick to someones window, which does not get you a job as a police officer.
As a sysadmin, over the years I have had access to many things various organisations have considered confidential or classified. I have always considered that keeping this information to myself and not discussing it was part of my duties. Would you trust a script kiddie to be capable of the same discretion?
DDoS is more like...
DDoS is more like 2,000,000 people descending on a small shop and all trying to all get in through the door at the same time as quickly as possible.
It seems (to me at least) a small step away from the slashdot effect (not that that really happens much any-more).
oh really? I guess that's why his spending time with SOCA, explaining how clever he was.
The smart one's don't get caught, they lead people like him to get arrested and carry the can.
He's really not done very well though... as far as poachers go he's probably the Elmer Fudd.
What's Up Doc?
Duck season, Wabbit season, Duck season, Wabbit season etc.
Botnets are bad, m'kay?
The charge offense for Ryan Cleary:
Includes two connected with botnets. It may have been him, it may have been someone else, or the DDoS may have been launched by other means. We won't know until the case comes to trial. Regardless of this, let me underline one important point.
BOTNETS ARE EVIL.
Most hacking is attacks by LulzSec, Anom, TeamPoison (parties A) against big corporations and government agencies: your Sonys and SOCAs (parties B). It's not good, but you expect parties B to have well compensated people to protect their systems. They should be expected to handle themselves. It's not like they're not short of means for counter-attacking.
The problem with botnets is that the harvest the compromised computers of parties C0, C1, C2 and so on. And who are these people? Mums and dads, grannies who only use the computer to Skype to their relatives in Canada, that sort of thing. Many don't have the technical know-how to understand why their machines are engaged in denial of service attacks against the Presidential website of Brazil. Hacking is not good, but compromising innocent people's PCs to engage in criminal actions is another level of bad.
The other problem is that if the botnet's creator(s) get arrested, there are plenty of other bottomfeeders who are willing to take the botnet over, like Viagra spammers.
I'll say it once, and I'll say it again. Botnets are bad, m'kay?
Botnets and economic interventions...
"Many don't have the technical know-how to understand why their machines are engaged in denial of service attacks against the Presidential website of Brazil. "
"Many don't have the technical know-how to understand why their purchasing power is being eroded in bailouts for Greece or the corporate leadership of Citigroup."
Of course people don't protest in the street for more botnets.
Invasion of Privacy Creates Secrets Laws
Will the prosecution evidence against Cleary, ie the way and means of his attack, be shared and be made public record?
If not, where is the crime? And is virtual/digitally transferred/binary coded action against a criminal organisation, a punishable offence?
Now that would be a Great Game Changer.
Watson, It Amazes Me !
How the flatfoots at Scotland Yard actually found this fellow as often they are unable to find their own buttocks using a torch and both hands.
Re: Watson, It Amazes Me !
That's brilliant: you have immediately identified a major weakness with Police procedure: if both hands are in use to locate one's own buttocks then there are 2 possibilities for the location of the torch. Anybody who can hold a torch in the mouth and illuminate their own buttocks is overqualified to be in the Police Force.
The second option for the location of the torch leads to a non-sequitur situation, doesn' it?
The idea of looking for somebody else's buttocks with a torch in the mouth.... no, I think I'll just request my coat.
I'd imagine they've known about him for a long time
The defendants name shows up on Google for many DDoS and scams going back 3-4 years. Although they're purely allegations until proven otherwise.
After someone high up in anon. had a big break up with another certain someone high up in anon., lulzsec popped up and that certain someones info was plastered across the web at the same time.
I imagine they've known about this guy for a long time. But since the attacks were previously against companies/computers in another country, they did nothing. Until someone allegedly attacked the SOCA website and forced their hand to take action.
@Watson, It Amazes Me
>they are unable to find their own buttocks using a torch and both hands.
They use the torch to beat someone until they implicate a black guy's buttocks.
So many people have debated whether Ryan Cleary and the mysterious "joepie91" are really just the same person.
I don't know for sure either way. But it's interesting that they both stopped posting online or popping up in the chats at about the same time.
Joe 90? He was a puppet on TV wasn't he?
This kid's a plank for wasting his time and getting himself in hot water. All he's done is allow prats like the French Prez "Tea-Cosy" or whatever his name is, and our own Cameron to go off and demand the internet needs regulation immediately.
It's elementary my dear
The FBI did it!
"a variety of serious claims about Cleary. Few if any of them can be independently confirmed"
But you still felt that you should make an oblique reference to these unsubstantiated claims?
The member of the audience is called to order!
This is El Reg, not the Prosecution making a case.
Thousands of people online
Check Google and you'll find thousands of independent people discussing alleged previous attacks/scams.
Since this guy is currently being held by the police and will go to court soon, thereg have to cover their asses by pointing out that technically it hasn't been proven that he really did those things.
My local area
The local paper comments column has some comment from a chap who went to school with him.
He described Ryan as 'a right doughnut'.
So maybe he could get out on the basis that he's made of dough, deep fryed and covered in sugar?
Seems like Ryan found a great way to get an all expenses paid extended holiday in the USA. Can I put myself down for two weeks in Hawaii next month judge?
This story has reminded me of my old friend Chris Pile:
The Indy called him a "mad boffin" <sigh>
Funny how quickly they acted when it was one of their own sites that was affected.
Maybe he should have known better that to try his luck against people who shoot people for a living.
"...how quickly they acted..."
Indeed. Almost as though they were already monitoring the guy's network and decided he was becoming a cheeky little sod.
Mastermind or not?
The police reports when he was first arrested was that he was the Lulzsec mastermind. In which case the arrest is a result. But see nothing to indicate this in the charges. Is it instead that they got some low hanging fruit instead? Suppose we will see by whether the amount of lulzsec attacks goes down....
Did anyone read the full article...
"Which just goes to show that unsubstantiated claims made online can't be taken seriously"... I spat my tea out over the keyboard in laughter.
The internet never lies. The internet is your friend, here have some more internet....
- Pic Mars rover 2020: Oxygen generation and 6 more amazing experiments
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs
- Review Fiat Panda Cross: 'Interesting-looking' Multipla spawn hits UK
- Analysis PEAK LANDFILL: Why tablet gloom is good news for Windows users