Andy Dean - Fotolia
The Australian teenage hacker who pleaded guilty to repeatedly accessing Apple’s mainframe over two years to collect private and commercially sensitive data has been sentenced to eight months’ probation.
The hacker, who is now 19 years old and legally an adult, cannot be named because he was 16 at the time the intrusions began, which meant the case was heard in a children’s court.
Although his activities were described as “serious, sustained and sophisticated” and the amount of data he collected was 1TB, far more than the 90GB originally reported, the hacker avoided jail time because the data he collected was recovered, according to Bloomberg.
News of the boy’s intrusions initially sparked fears of another customer data breach, but Apple was quick to issue assurances that no customer data had been affected.
Apple said in a statement that it wanted to assure customers that “at no point during this incident was their personal data compromised”.
It added: “In this case, our teams discovered the unauthorised access, contained it, and reported the incident to law enforcement.”
The teenager, who told police he dreamed of working for Apple, is believed to have downloaded confidential data using various methods to hide his identity.
Apple contacted the FBI when it became aware of the intrusions, which sparked an international investigation involving the Australian Federal Police (AFP).
In a raid on the boy’s family home, the AFP seized two laptops, a mobile phone and a hard drive that could be linked to the intrusion reported by Apple.
Read more about information security skills
- The UK government is pursuing various short- and long-term initiatives aimed at promoting the cyber security profession and growing skills in the sector.
- An anti-millennial recruitment stance will widen cyber security skills gap, experts warn.
- Companies struggling to fill infosec roles should focus on finding people who can do what they need, not qualifications, according to a security industry panel.
- Information security professionals need to grow their skills, engage with the business, increase security awareness and set business goals and tailor their messages, says a panel of experts.
They also discovered a collection of tools and guides for carrying out various hacking techniques and that the boy had gained access to authorised keys to bypass secure shell network protection mechanisms, and had used his WhatsApp account to boast about his activities.
The prosecutor said the boy, aided by another younger boy, showed a high degree of skill and persistence in copying Apple’s data. He has been accepted into university to study criminology and cyber safety, according to The Age.
The UK government is focusing on teenagers in several cyber security outreach programmes across various agencies that are designed to attract people in this age group to the cyber security profession to provide an alternative to cyber crime and help fill the cyber security skills gap.
The government-backed Cyber Security Challenge UK, in particular, is focused on identifying young people with the skills and aptitude for cyber security and helping them find ways into the cyber security profession by demonstrating their skills to potential employers though competitions.