Two UK Hackers Sentenced Over London Transport Cyberattack Costing Nearly 40 Million Dollars

Two UK Hackers Sentenced Over London Transport Cyberattack Costing Nearly 40 Million Dollars

Two British hackers have been sentenced to five and a half years in prison for carrying out a major cyberattack against Transport for London (TfL) in 2024 that resulted in recovery costs of approximately £29 million, equivalent to nearly $40 million. According to Reuters, Thalha Jubair, 20, and Owen Flowers, 18, pleaded guilty last month to hacking TfL after authorities linked the incident to activity associated with Scattered Spider. The cyberattack took place between August 31 and September 3, 2024, during which the pair gained unauthorized access to TfL systems and conducted their operations over several days. Prosecutors said Jubair carried out the attack from his parents’ home in east London while Flowers participated from his grandmother’s residence in central England. Court proceedings revealed that the two hackers spent as many as 16 hours a day conducting the intrusion, causing significant disruption that ultimately required six months of recovery work to fully restore affected systems.

During the investigation, prosecutors explained that Jubair livestreamed the cyberattack while Flowers watched remotely, with investigators later recovering the recording from Flowers’ laptop. The footage became an important piece of evidence during the case. Prosecutor Mark Fenhalls told the court that the attackers had the capability to completely disable Transport for London’s systems and that the organization prevented further damage only by shutting down its own computer infrastructure. The recovery process following the attack lasted for approximately six months because of the extensive damage caused to internal systems. Prosecutors also revealed that only days after targeting TfL, Flowers participated in a conspiracy involving cyberattacks against two nonprofit healthcare organizations in the United States. According to the prosecution, those attacks came to an end only because authorities apprehended him while the activity was still ongoing. The court further heard that Flowers continued attempting unauthorized cyber activities even while in custody. Digital devices examined during the investigation contained internet searches and attempted access to domains associated with the Crown Prosecution Service and the correctional facility where he was being held.

Judge Mark Turner sentenced both Jubair and Flowers to five and a half years in prison, stating that he accepted the pair were primarily motivated by selfish bravado rather than financial gain. During the proceedings, prosecutors discussed previous references linking the TfL attack to Scattered Spider, a name widely used by cybersecurity researchers in connection with multiple high profile intrusions. However, prosecutors clarified that Scattered Spider is considered more a pattern of cybercriminal behavior than a formally structured hacking group. While both defendants acknowledged having links to individuals associated with that activity, the court emphasized that the label itself does not necessarily represent a single organized entity. Authorities also noted that Jubair and Flowers were only 18 and 17 years old when they targeted TfL, yet had already developed advanced technical capabilities. Prosecutors described them as highly skilled computer users capable of causing widespread disruption through sophisticated cyber operations.

The court also reviewed Jubair’s previous criminal history, which included a 2023 conviction for hacking and blackmailing semiconductor company Nvidia as part of activity linked to the Lapsus cybercrime group. In addition to those offenses, he received a sentence for stalking two young women, including an incident in which he attempted to direct armed police officers to one victim’s home through a false emergency report. The latest sentencing reflects one of the most significant legal outcomes related to the 2024 attack on London’s public transport network, highlighting the severe financial and operational consequences cyberattacks can have on critical public infrastructure. The case also demonstrates the increasing focus of law enforcement agencies on pursuing individuals involved in large scale cybercrime operations that target government services, transportation networks, healthcare organizations, and major private sector entities.

Source

Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.

Post Comment