Hacker Who Tried to Blackmail Apple by Threatening to Delete 319 Million iCloud Accounts Sentenced, But No Jail Time
The U.K.'s National Crime Agency (NCA), a national law enforcement agency in the United Kingdom, has announced that the U.K. authorities have finally sentenced a cybercriminal who thought he could go on blackmailing Apple Inc. without suffering any consequences. After a two-year investigation and trial, the NCA released the sentence.
Kerem Albayrak, aged 22, demanded $75,000 in crypto-currency or a thousand $100 iTunes gift cards from Apple by claiming he had access to 319 million iCloud accounts and other Apple accounts. Albayrak threatened he would factory-reset the iCloud accounts and dump his databases online if the company did not meet his demands.
The cybercriminal from North London had emailed Apple Security on March 12, 2017, claiming he had access to iCloud account details. He said he was planning to sell such details online on behalf of what he called "his Internet buddies." To prove this, the criminal posted a video on YouTube and other media outlets where apparently he was accessing two iCloud accounts. On March 14, he increased the demand to $100,000 along with a threat to factory-reset every single iCloud account in his possession.
Without further delay, Apple immediately contacted law enforcement in both the U.K. and the U.S. "Albayrak wrongly believed he could escape justice after hacking into two accounts and attempting to blackmail a large multinational corporation," said Anna Smith, a Senior Investigative Officer for the NCA.
The National Crime Agency (NCA) led the U.K. side of the investigation and on March 28, 2017 officers from the NCA's National Cybercrime Unit arrested Kerem Albayrak at his home address in North London. The National Cybercrime Unit seized several digital devices in the criminal's possession including his phone, computers, and a hard drive.
Searching in his phone for evidence and suspect contacts, the investigators found phone records proving that the "Internet Buddies" Albayrak had referenced to before was a hacker group identified as the "Turkish Crime Family," a name with which the hacker group called themselves. Albayrak was the spokesperson for the criminal group.
According to the National Crime Agency report, investigators found that Albayrak told the group that "the attack will happen 99,9 percent. Even if it doesn't, you're still going to get a lot of media attention." When questioned about his activities Albayrak told NCA investigators that "once you get sucked into it [cybercrime], it just escalated and it makes it interesting when it's illegal. When you have power on the Internet it's like fame and everyone respects you, and everyone is chasing that right now."
Kerem Albayrak pleaded guilty and was sentenced on December 20, 2019. He was given a two-year suspended jail term, 300 hours of unpaid work, and a six-month electronic curfew at Southwark Crown Court in London, U.K.
The NCA never found evidence that the cybercriminal ever had any access to Apple's iCloud infrastructure. Other members of the Turkish Family Group have not yet been arrested. Back in 2017, Apple said that Albayrak only "had access to iCloud accounts for which users had reused passwords, and those passwords leaked online through breaches at other services," as it was reported by Zack Wittaker for ZDNet back then.
"Password reuse is a major risk that can be avoided -- nobody should protect sensitive data with something that can be guessed, like their first name, local football team, or favorite band," Ian Levy, NCSC Technical Director, said in a statement, reported by Rob Picheta for CNN Business.
"During the investigation, it became clear that he was seeking fame and fortune. But cybercrime doesn't pay," said Senior Cyber-Investigator Anna Smith. Any victim of cybercrime should report such compromises as soon as possible and retain all evidence to help accelerate the investigation. It is only this way that cybercriminals can be promptly brought to justice.
How to protect private details online, secure your devices, and choose a strong password
Many times cybercriminals gain access to accounts and private data by taking advantage of the lack of cybersecurity knowledge of most individuals. It is recommended that any individual who has either private or commercial activity online should learn at least some basics of cybersecurity in order to protect their personal data and devices from attacks. Cybercrime is everyone's concern and responsibility. It depends on us, as users, to learn the basic steps to protect our own data and devices from malicious attacks.
Apple's iCloud infrastructure is strongly protected and those using two-factor authentication or Apple's trusted device system should not have worries. Apple continuously releases new security updates that every user should download and install immediately in order to be protected.
It is also recommended that users should change their Apple iCloud password periodically and never use the common passwords which have been listed many times as passwords that are easy to hack. A secure password should include differently-cased letters, numbers, special characters, or use a password manager which can help in generating and storing strong passwords. The U.K.'s National Cyber Security Centre recommends using three random but memorable terms in a password in order to reduce the risk of having an account breached.
The National Cyber Security Centre (NCSC) recommends the following guides to make sure you keep your devices protected according to their manufacturer. It is always a good idea to check back on these guides for updates regularly since they get updated, and also every time you get a new device.
Everybody should look at the security settings on their smartphones, tablets, and computers. Choose your desired settings carefully and always keep your software updated. This may sound too obvious for some, but new users or some others for some other reasons may not be aware of the risks of being exposed to cyber attackers. Yet, this can be avoided by learning and following a few simple steps, and all begins with a strong password.