A former contractor of British low-cost airline Jet2 has been sentenced to 10 months in prison for a cyberattack that shut down the airline’s systems for over 12 hours, the UK’s National Crime Agency (NCA) announced on Thursday.
According to the NCA, Scott Burns worked with Jet2 through ICT services provider Blue Chip, which employed him until December 2017, when Burns left to work for another IT firm. In January 2018, Burns is said to have accessed systems operated by Jet2 and its parent company, Dart Group.
On January 18, 2018, the 27-year-old removed user accounts from the compromised systems, preventing over 2,000 Jet2 employees from accessing the company’s network and their emails.
An investigation conducted following the incident revealed that Burns had also accessed Jet2 systems in early January, which investigators believed was likely part of a reconnaissance operation.
Burns removed a piece of software used by Jet2 for network activity logging in an effort to cover his tracks. He also hacked into the email account of Jet2’s CEO, which he later told investigators was part of an attempt to see if the company had any clues pointing to him being the hacker. However, it did not take law enforcement long to identify him and he was arrested on February 8, 2018.
Burns was sentenced to 10 months in prison on December 18, after in November he pleaded guilty to charges covered by the UK’s Computer Misuse Act.
According to the BBC, Burns’ actions had cost Jet2 £165,000. The man apparently wanted to get back at Jet2 and Blue Chip for the way they treated him following an incident that occurred in 2017.
“Network intrusion is not a victimless crime. Not only did Burns’s actions have a potential financial impact on Jet2, it caused huge disruption to their staff and technical operations,” said the NCA’s Jamie Horncastle. “These are serious offences.”
Related: No Prison for British Cyber Expert in Malware Case
Related: British Airways Hacked With Details of 380,000 Cards Stolen
Related: British Hacker Convicted in Germany of Major Cyber Attack
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Microsoft Adding New Security Features to Windows 11
- Sony Investigating After Hackers Offer to Sell Stolen Data
- 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
- Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- Cisco to Acquire Splunk for $28 Billion
Latest News
- Microsoft Adding New Security Features to Windows 11
- UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor
- Sony Investigating After Hackers Offer to Sell Stolen Data
- The CISO Carousel and its Effect on Enterprise Cybersecurity
- Xenomorph Android Banking Trojan Targeting Users in US, Canada
- $200 Million in Cryptocurrency Stolen in Mixin Network Hack
- Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
- Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
