Four alleged members of an international computer hacking ring face charges in the U.S. of breaking into the computer networks of the U.S. Army and several tech companies and stealing several software packages, including programs used to train Army helicopter pilots.
The alleged thefts included software and data related to the Xbox One gaming console, the Xbox Live online gaming service and popular games such as Call of Duty: Modern Warfare 3 and Gears of War 3, the U.S. Department of Justice said.
Between January 2011 and March of this year, the four men and others allegedly hacked into the computer networks of Microsoft, Epic Games, Valve, Zombie Studios and the U.S. Army, using methods including SQL injection and stolen usernames and passwords of company employees and software development partners.
The group is accused of stealing unreleased software, software source code, trade secrets, pre-release works and other confidential and proprietary information, including technical specifications for Microsoft's then-unreleased Xbox One and Apache helicopter simulator software developed by Zombie Studios, the DOJ said. Members of the conspiracy also stole financial and other sensitive information relating to the companies and some employees, the agency alleged.
The group also stole intellectual property and proprietary data related to Xbox Live, a pre-release version of Epic's Gears of War 3, and a pre-release version of Activision's Call of Duty: Modern Warfare 3.
The value of the intellectual property stolen and the costs associated with the companies' responses to the hacking is estimated at between $100 million and $200 million, the DOJ said. The DOJ has seized more than $620,000 in cash and other proceeds related to the allegedly illegal conduct.
The four men charged are Nathan Leroux, 20, of Bowie, Maryland; Sanadodeh Nesheiwat, 28, of Washington, New Jersey; David Pokora, 22, of Mississauga, Ontario, Canada; and Austin Alcala, 18, of McCordsville, Indiana. The four were charged in an 18-count indictment returned by a federal grand jury in the U.S. District Court for the District of Delaware in April. The court unsealed the indictments on Tuesday.
The charges in the indictment include conspiracies to commit computer fraud, copyright infringement, wire fraud, mail fraud, identity theft and theft of trade secrets, the DOJ said. The defendants are also charged with individual counts of aggravated identity theft, unauthorized computer access, copyright infringement and wire fraud.
Pokora and Nesheiwat pleaded guilty on Tuesday to conspiracy to commit computer fraud and copyright infringement and are scheduled for sentencing on Jan. 13. Pokora was arrested on March 28, while attempting to enter the U.S. at Lewiston, New York. Pokora's plea is believed to be the first conviction of a foreign-based individual for hacking into U.S. businesses to steal trade secret information, the DOJ said.
"Electronic breaking and entering of computer networks and the digital looting of identities and intellectual property have become much too common," U.S. Attorney Charles Oberly of the District of Delaware said in a statement. "These are not harmless crimes, and those who commit them should not believe they are safely beyond our reach."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is firstname.lastname@example.org.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.