A cyberattacker that took down Jet2 systems for over 12 hours has been jailed after admitting his guilt.
Scott Burns of Morley, Leeds, used to work with the airline as a contractor from IT provider Blue Chip. The 27-year-old worked on the Jet2 account until December 2017, when he left and took up a position at another IT company.
Burns, who the UK’s National Crime Agency (NCA) describes as “disgruntled,” performed attacks on the Jet2 network, leading to the shutdown of services for over 12 hours on 18 January 2019.
The contractor was able to remove a folder that stored user data, preventing at least 2,000 members of staff from logging into their network accounts, including those with administrative privileges.
It was only due to the rapid actions of one employee who was able to create a hidden admin account at the same time the attack was taking place that Jet2 avoided “complete disaster,” according to prosecutors.
The BBC reports that the cyberattack and operational disruption cost Jet2 £165,000 ($215,000).
The shutdown of the network came after a scoping and reconnaissance exercise on 3 January 2019, in which it is believed Burns probed the security of the Jet2 network.
Burns was not finished after causing the disruption. After the attack, he compromised the email inbox of Jet2’s CEO Steve Heapey and “once or twice” checked up on the executive’s messages to see what was being said about the cyberattack — and whether or not the company had any suspicions of his involvement.
To try and avoid discovery, Burns also deleted log files and network event records.
Dart Group, of which Jet2 is a subsidiary, provided evidence after the cyberattacks to forensics teams. Together with the analysis of computer systems, cybersecurity experts were able to trace the hacking activities back to the contractor.
CNET: Facebook will stop using two-factor authentication phone numbers for friend suggestions
The IT admin was arrested on 8 February. The seizure of electronic devices belonging to him revealed he was unhappy working with the airline, saying in chat messages that he was “finally sick and tired of BC/Jet2” and that leaving Blue Chip was “freeeedom.”
Burns also used Google to look up potential prison sentences for network intrusion under UK law.
Burns pleaded guilty to a total of eight offenses under the UK’s Computer Misuse Act in November, leading to sentencing on Wednesday at Leeds Crown court. He must serve 10 months in prison.
TechRepublic: Phishers prey on fans of latest Star Wars film
“Not only did Burns’s actions have a potential financial impact on Jet2, it caused huge disruption to their staff and technical operations,” Jamie Horncastle, NCA lead officer said. “I would always encourage victims of such attacks to preserve as much evidence as possible in the immediate aftermath — it will assist law enforcement in catching the perpetrator.”
See also: UK hacker-for-hire jailed for role in SIM-swapping attacks, data theft
In August, a British teenager was sentenced to 20 months behind bars for offering “hacker-for-hire” services, including data theft and SIM-swapping attacks — the temporary theft of a phone number which can be used to steal the codes required to bypass two-factor authentication (2FA) account protections, as well as instigate password recovery procedures.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0