Australian teenager who DDoSed E-crime website, Commonwealth Bank and his own school, walks free
This teen did something and got away with it! Seldom do you see anyone walking away free after creating online mayhem through DDoS attacks but this teen did just that.
A 15-year-old teenage hacker was sentenced to a “family conference” by a judge at the Christies Beach Youth Court in Adelaide, Australia after he targeted Australian Cybercrime Online Reporting Network (ACORN) Portal, Commonwealth Bank of Australia, and his own school servers in February 2016.
In Australian law, a family conference is when the court leaves the punishment to the family and a supervising youth police officer, who must agree with the punishment in order to consider the matter closed. Family conferences may require the teen to apologize publicly, pay compensation to the victims, perform a number of hours of community service, or more.
The youth, who cannot be identified under state law, pleaded guilty to four counts of unauthorised damage of computer systems related to Distributed Denial of Service (DDoS) attacks. However, the very next day, he walked free as the court ordered mediation between his family and victims rather than facing jail time.
The teenager was fortunate for not having to face prison time up to 3 years in youth detention under cyber terrorism laws in Australia, as he is not an adult.
“The penalty for orchestrating a DDoS attack is a maximum of 10 years imprisonment. This is found in the Cybercrime Act 2001, section 477.3 ‘unauthorised impairment of electronic communication.’”
The teenager started his DDoS spree on February 26 when he first attacked CBA that left the bank and some overseas customers unable to access services for more than three hours. The attack “had the potential to cause serious disruption to our services”, says the bank, even though customer money and information was not put at risk.
Later in March, he used his mobile phone in March to disrupt his high school’s information technology systems for “fun” and because he was “bored” in computing studies. Later, the teenager shifted the attacks from the school’s system to its Internet provider.
On April 4, 2016, he launched another attack on the ACORN website, which is used by every Australian police force and multiple federal crime fighting agencies, was shut down for up to six minutes but abandoned later.
He was arrested at his southern Adelaide home after both state and federal authorities tracked his unique internet protocol (IP) address. His school principal reported his crimes through ACORN.
Magistrate Cathy Deland, herself a CBA customer, confessed that she was “making a big step” ordering a “family conference” — a move supported by police — but said the law need to concentrate on rehabilitation, reports Adelaide Now.
She believed that he was unlikely to reoffend and had not demanded any “ransom”.
Ms Deland said his crimes stopped classmates from learning while his attack on the CBA was “just massive”.
She told him: “I don’t know that anyone would be able to put a price on repairing the disruption that you caused. I have no doubt it would have been millions of dollars.
“I have no doubt that you would not have thought much about the consequences. I am in the difficult situation having to weigh up your incredible stupidity against … your rehabilitation.”
The boy and his family refused to comment outside court.