Everybody knew someone like Nicholas Knight in high school. He’s the guy who would pull an outrageous prank, commit a petty crime and brag about it. It seems some guys never grow up, as the 27-year-old Knight is federally charged in a conspiracy to hack computer systems.
Knight, an enlisted sailor, was serving as a systems administrator in the nuclear reactor department of the USS Harry S. Truman. He lead a hacker ring self-styled as “Team Digi7al,” according to NASDAQ. In 2012 and 2013, the group broke into at least 30 government and private computer systems, stealing data and releasing portions in Twitter and elsewhere as proof of their accomplishments.
The crimes were uncovered in 2012 through an NCIS investigation into a hack against the Navy’s Smart Web Move (SWM) website and database. He is alleged to have used the Truman’s computers for some of his activities, though he is not charged with any attempt to hack the ship’s systems.
One other conspirator has been charged – Daniel Krueger, an Illinois community college student – in the single count information released May 5 by U.S. Attorney Danny C. Williams, Sr.
Knight couldn’t resist bragging about his activities, often to the point of stupidity. In a May 8 story, ABC News quoted from court documents: “Knight and Krueger boasted about the Navy-SWM hack, stating that Navy.mil had been ‘owned’, the team hacked ‘MY OWN BOAT’, and the database should be ‘FIRE[D]’.”
Knight is cooperating with law enforcement. His explanation for his actions? “Essentially I am in trouble for posting all of the stuff on Twitter,” Knight told ABC News by email in his first interview. “Although a lot of people are saying I was the leader of some crime organizations that was out to get people which wasn’t true. Just a group of people that were dumb and did dumb things.”
His co-conspirator, Daniel Krueger, was equally reckless in his activities. Court documents show that he was using three-pass wiping to delete data while keeping an unsecured record of “hacking exploits and future targets” in an unsecured state.
While this story highlights the vulnerability of government computer systems to penetration, it points to more grave issues: How is it possible that the Truman’s computers, particularly those in the reactor area, could be used for hacking? Was Knight’s system administrator status enough to circumvent controls, or were there no controls? And, who monitors the systems administrators?
