A former contractor of British low-cost airline Jet2 has been sentenced to 10 months in prison for a cyberattack that shut down the airline’s systems for over 12 hours, the UK’s National Crime Agency (NCA) announced on Thursday.
According to the NCA, Scott Burns worked with Jet2 through ICT services provider Blue Chip, which employed him until December 2017, when Burns left to work for another IT firm. In January 2018, Burns is said to have accessed systems operated by Jet2 and its parent company, Dart Group.
On January 18, 2018, the 27-year-old removed user accounts from the compromised systems, preventing over 2,000 Jet2 employees from accessing the company’s network and their emails.
An investigation conducted following the incident revealed that Burns had also accessed Jet2 systems in early January, which investigators believed was likely part of a reconnaissance operation.
Burns removed a piece of software used by Jet2 for network activity logging in an effort to cover his tracks. He also hacked into the email account of Jet2’s CEO, which he later told investigators was part of an attempt to see if the company had any clues pointing to him being the hacker. However, it did not take law enforcement long to identify him and he was arrested on February 8, 2018.
Burns was sentenced to 10 months in prison on December 18, after in November he pleaded guilty to charges covered by the UK’s Computer Misuse Act.
According to the BBC, Burns’ actions had cost Jet2 £165,000. The man apparently wanted to get back at Jet2 and Blue Chip for the way they treated him following an incident that occurred in 2017.
“Network intrusion is not a victimless crime. Not only did Burns’s actions have a potential financial impact on Jet2, it caused huge disruption to their staff and technical operations,” said the NCA’s Jamie Horncastle. “These are serious offences.”
Related: No Prison for British Cyber Expert in Malware Case
Related: British Airways Hacked With Details of 380,000 Cards Stolen
Related: British Hacker Convicted in Germany of Major Cyber Attack