Menu
Browse

Cyber Incident Victim: United States Army

Date:

Jan 2011

Location:

United States of America

Summary

A group of hackers infiltrated US Army networks and multiple technology companies, stealing sensitive military software such as Apache helicopter training systems alongside unreleased video games, source code, and intellectual property valued between $100 million and $200 million. The attackers employed SQL injection attacks and compromised employee credentials to access systems, resulting in charges including conspiracy to commit computer fraud, copyright infringement, and identity theft. Two members of the "Xbox Underground" hacking ring pleaded guilty to conspiracy charges, facing potential prison sentences.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
5 actors Available to members Available to members

Description

Between January 2011 and March 2014, four individuals—Nathan Leroux (20), Sanadodeh Nesheiwat (28), David Pokora (22), and Austin Alcala (18)—operating under the name 'Xbox Underground' conducted unauthorized intrusions into the computer networks of multiple entities, including the US Army, Microsoft, Epic Games, Valve, and Zombie Studios. The group employed SQL injection attacks and utilized stolen employee credentials obtained from company personnel and software development partners to gain access. Once inside these systems, they exfiltrated unreleased software, proprietary source code, pre-release video games such as 'Call of Duty: Modern Warfare 3' and 'Gears of War 3,' and intellectual property related to Microsoft's Xbox One console and Xbox Live service. Notably, the hackers compromised US Army servers containing Apache military helicopter training software. The group also acquired financial records and sensitive corporate data, though customer information was not targeted. The US Department of Justice estimated the value of stolen intellectual property between $100 million and $200 million.

Cyber Incident Image

A federal grand jury in the District of Delaware indicted all four individuals on April 23, 2014, on 18 criminal counts including conspiracy to commit computer fraud, copyright infringement, wire fraud, mail fraud, identity theft, and theft of trade secrets, alongside individual charges of aggravated identity theft, unauthorized computer access, and wire fraud. By October 2014, Pokora and Nesheiwat had pleaded guilty to conspiracy charges related to computer fraud and copyright infringement, facing potential five-year prison sentences with sentencing scheduled for January 2015. An Australian national with ties to the conspiracy faced separate charges. US Attorney Charles M. Oberly III publicly emphasized the severity of the crimes, stating the case demonstrated federal commitment to prosecuting cyber intrusions targeting government and corporate assets. The prosecution highlighted the theft of military technology and proprietary commercial software as particularly consequential, though no operational disruptions to Army training programs were explicitly cited in available records.

Sources
Sources available to members
1 source