The gaming world is no stranger to high-profile hackers. From leaking a beta version of the highly anticipated Half-Life 2 back in 2004, all the way to a massive attack that knocked down the Playstation Network for a month in 2011 and leaked 77 million user accounts, hackers have gone far. This time, the FBI has charged four different hackers responsible for breaching the online security and stealing from several big gaming companies including Microsoft, Epic and Valve, as well as the the U.S. Army. The claims estimate that between $100 to $200 million was stolen in intellectual property, despite customer and user accounts being safe.
The indictment charges the hackers with 18 different accounts of criminal activity including theft of intellectual property, unreleased software and source code, trade secrets, pre-release work, copyright infringement and mail fraud. Financial and other sensitive data might have been jeopardized as well. However, the information about the customers of these companies, such as their user accounts or payment details, were not stolen. The indictment alleges that the group was planning to sell all this information for profit. Some of the charges are treated as a group conspiracy and some applied on an individual basis to each of the hackers.
The information stolen includes details about Microsoft’s Xbox One console prior to its launch as well as several games such as Call of Duty: Modern Warfare 3 or Gears of War 3. On top of that, the group also allegedly obtained “proprietary software used to train military helicopter pilots” from the U.S. Army and cracked into Valve’s network, albeit the extent of that was not detailed. The FBI charges indicated four hackers responsible for stealing from Microsoft, Epic and the U.S. Army.
Two of the four suspects, 22-year-old David Pakora from Ontario and 28-year-old Sanadodeh Nesheiwat from New Jersey, have pleaded guilty. The other two, 20-year-old Nathan Leroux from Maryland and 18-year-old Austin Alcala from Indiana, are claiming innocence. The sentencing of Pakora and Nesheiwat is scheduled for Jan. 13, 2015. They are facing a fine of at least $250,000 as well as up to five years in prison – a hefty punishment for such young hackers.
The FBI announced this will be the “first conviction of a foreign-based individual for hacking into U.S. businesses to steal trade-secret information.” In comparison, the German teenager who leaked the Half-Life 2 beta in 2004 was caught and persecuted in his own country, now rehabilitated and working in the security sector. The indictment also stated that an Australian citizen, Dan “SuperDaE” Henry was part of the conspiracy by trying to sell a leaked Xbox One kit on eBay. He was raided by the FBI in the beginning of 2013 and charged according to the Australian law.
Big-profile hacker cases such as the stealing from Microsoft, Epic and the U.S. Army have become almost commonplace these days, albeit not always involving charges from the FBI. Countless other examples outside of the gaming sector have also surfaced over the years as well, such as the 2012 security breach of LinkedIn or even PF Chang’s restaurant earlier this year. The lesson here is pretty simple – if it exists somewhere on the Internet, it can and will be hacked. Just like retail stores will always have to guard against potential robbers, online ventures will always have to fend off virtual thieves. Occasionally, they will let one slip by.
By Jakub Kasztalski