No one is safe online – blame these depraved teenage hackers
In October 2020, tens of thousands of people across Finland received an email telling them that some of their most intimate secrets were about to be made public. A hacker had infiltrated the computer files of Vastaamo, Finland's largest commercial therapy provider, and was now blackmailing patients, including children, saying their therapy notes would be published online if they didn't pay a ransom of €500 each.
The breach was so shocking that when the hacker, who went by the alias 'ransom_man', posted about the accomplishment on Ylilauta, a Finnish version of the notorious online forum 4chan, he was bombarded with messages from fellow users telling him that this time he'd gone too far.
Ransom_man was used to making enemies. His real name was Julius Kivimӓki, and he also went by the aliases 'Zeekill', 'Ryan' and 'The Untouchable Hacker God'. He was a 23-year-old from Finland who, both individually and as part of cyber gangs, had been causing havoc online for companies and innocent people around the world since he was 13.
In Joe Tidy's Ctrl+Alt+Chaos, an illuminating and often scary book about teenage hackers, Kivimӓki is cast as the talisman of various groups of young men – and they're almost exclusively men – who delighted in causing damage and cruelty on the internet in the 2010s, sometimes for money but mostly just because they could.
The trope of teenage 'hackers in hoodies' sitting in their parents' homes and breaking into companies' online systems is now a little outdated. Businesses and organisations these days are more concerned about ransomware gangs and state-sanctioned hackers. Nonetheless, Tidy writes, from around 2010 to 2015, the world saw 'probably the most active period in history for youth cybercrime gangs' – and Kivimӓki was 'one of the chief architects'.
Tidy, the BBC's first ever 'cyber correspondent', aims to use Kivimӓki's career to chronicle the rise of a 'sadistic' culture in which being an 'edgelord' – acting as provocatively and outrageously as possible – took precedence over anything else, including how many victims might be hurt, or how badly. The structure doesn't always work: Kivimӓki, who was sentenced in 2022 for the Vastaamo hack and is in prison until 2026, couldn't be interviewed by Tidy, meaning he remains a somewhat shadowy figure despite being the nominal centrepiece.
But as an insight into how very young teenage boys can get lured into a world of cybercrime – and, crucially, seem not to care about the pain they're causing – it's fascinating. Until roughly the early 2000s, most amateur hacking groups cast themselves as ethical: they would, for instance, breach online systems to embarrass greedy corporations. But around 2010, Tidy says, something 'went horribly wrong'. Suddenly gangs weren't hacking for any particular reason beyond causing mischief and receiving their peers' recognition. 'If there was any strategy to our attacks,' one former teenage hacker recalls, 'it was mayhem.'
Tidy puts much of the blame on Twitter, which 'gave birth to a new generation of fame-hungry hackers' who could boast about their work to win followers and clout. Groups such as Lulzsec, HTP (Hack the Planet), UG Nazi and Lizard Squad – with all of whom Kivimӓki had some involvement or connection – would engage in 'deliberately cruel' acts just to show how irreverent they were. Sometimes these hacks involved a level of sophistication: one group took down both the Xbox Live and PlayStation Network, used by a combined 158 million people, over Christmas 2014. But often the tactics were so simple as to not be considered hacking at all. Among cybersecurity criminals and experts, these young men were derided as 'script kiddies' – the lowest tier of hackers. One favoured technique of these teenagers, for example, particularly in America, was 'swatting': police would be contacted about a bogus 'emergency' at someone's home, so that an armed Swat team was sent to the victim's door.
A particularly distressing case, related by Tidy, is that of a 17-year-old boy from Illinois named Blair Strater, who became the focus of Kivimaki's ire: on more than one occasion, armed police appeared in the night at Strater's and his parents' home. The email and social media accounts of Strater's mother were also hacked by Kivimӓki and HTP, who then wrote anti-Semitic and racist tirades under her name. The adult Straters' marriage fell apart, Strater's mother lost her job during the ordeal. At this point, some other teenage hackers begin to distance themselves from Kivimӓki. 'We started to realise the type of person he was. The way he treated Blair was wrong,' one former hacker recalls. Yet the Straters were comparatively lucky. Another incident led to an innocent father-of-two being shot dead on his doorstep by armed police.
Meanwhile, another young wannabe hacker who mouthed off about Lizard Squad – with whom Kivimӓki was also involved – was forced to cut himself dozens of times along his forearm and take a picture of it while holding a card saying 'LizardSquad made me do it', in order to get his online accounts back. 'It was pure sadism,' one participant admits.
When caught, because most of the perpetrators were under 18, they often received extremely light sentences. For some, this was enough to set them straight, but for others it just made them feel invincible. One former member recounts how 'making global headlines made him feel like a god'. Tidy does a good job of tracking down and talking to such ex-hackers. Unsurprisingly, what comes out is that, in many cases, these boys were extremely lonely, bullied at school or had a hard home life; they desperately wanted the camaraderie of friendship. Most had found their way into these gangs through obsessively playing computer games and coming across forums that listed cheat codes – then matters spiralled. The first parents knew about it was when the police appeared at their door. They'd thought their son was just playing computer games.
While there was no hierarchy within these gangs, Tidy says they were usually led by whoever was most outrageous or most sophisticated at hacking. Kivimӓki sounds like he was a dangerous combination of both. When Finnish police raided his bedroom in 2013, he was just 16, but there was so much illegal activity on his computer that they had to limit their investigations to just the bigger cybercrimes. Antti Kurittu, a Finnish cybersecurity expert and former police detective, says that Kivimӓki hacked a therapy company simply because it would cause distress: 'I don't think he was ever interested in cybersecurity that much. He was just interested in causing mayhem to people's lives… he is uncaring to a degree which is difficult to understand.'
The spate of 'edgelord' teenage hackers had appeared to have died away; but at the end of his book, Tidy mentions new groups such as Scattered Spider, who appear to be made up of teenage boys, some as young as 16, who work with notorious Russian ransomware groups and are willing to use offline violence as part of their threats. Scattered Spider is alleged to be linked to the recent hacks of Marks and Spencer, the Co-op and Harrods. Authorities believe that gangs will emerge in new digital spaces such as the metaverse, and that the best way to avoid that will be education: teaching children 'where the lines are' online. If we fail to do that, Tidy writes, we're 'enabling the cyber criminals of the future'.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
12 hours ago
- The Independent
Defence review is ‘message to Moscow'
The Defence Secretary has called plans to boost the UK's military might a 'message to Moscow' but said he does not expect to raise the number of soldiers until the next parliament. The Government has pledged £1.5 billion to set up at least six factories, and will support the procurement of up to 7,000 UK-built long-range weapons in response to the strategic defence review (SDR) to be published on Monday. The new funding will see UK munitions spend hit £6 billion during this parliament and support around 1,800 jobs throughout the country. Sir Keir Starmer has called the review a 'radical blueprint' and pledged a 'wave of investments' in shipbuilding, drone technology and cyber defences. Defence Secretary John Healey said the £6 billion of investment would 'equip our forces for the future' and 'create the jobs in every part of the UK'. 'This is a message to Moscow as well. This is Britain standing behind, making our armed forces stronger but making our industrial base stronger, and this is part of our readiness to fight, if required,' he told the BBC's Sunday Morning With Laura Kuenssberg programme. He said Russia is 'attacking the UK daily' as part of some 90,000 cyber attacks from state-linked sources were directed at the UK's defence over the last two years. A cyber command to counter such threats is being set up as part of the review. Asked if he expected a form of real-world attack by Russia on the UK in the coming years, he said: 'We have to be prepared. Nato has to be prepared. We see Putin in Ukraine trying to redraw international boundaries by force … it's part of the growing Russian aggression.' He added that is why Nato and the UK are 'stepping up our ability to deter as well as to defend in the future'. 'The world is more uncertain. The tensions are greater but we prepare for war in order to secure the peace. If you're strong enough to defeat an enemy you deter them from attacking in the first place,' Mr Healey said. He said plans to reach 2.5% of GDP spending on defence by 2027 and an 'ambition' to hit 3% in the next parliament were 'enough to deliver the SDR's vision that sets out tomorrow, and that vision is a transformation of Britain's armed forces.' He said there was 'no doubt' the Government would reach 3% in the next parliament. But he said he does not expect to make progress towards raising the number of soldiers to 73,000 until the next parliament. 'We've narrowed the gap, but we've still got more people leaving than joining. 'The first job is to reverse that trend and then I want to see in the next parliament our ability to start to increase the number,' he said. Defence minister Alistair Cairns, writing in The Mirror, said there were plans to increase cadet numbers by 30% with new opportunities for young people to get into the armed forces. And more than £1.5 billion in extra funding will go to military homes for urgent repairs such as fixing boilers and roofs, and other issues including tackling damp. Shadow justice secretary Robert Jenrick welcomed the Government's pledge to increase defence spending but said he was 'sceptical' as to whether the Chancellor would make good on the plans. Mr Jenrick said the UK should reach 3% of GDP spending on defence 'within this parliament'. 'We think that 2034 is a long time to wait given the gravity of the situation,' he told the Sunday Morning With Trevor Phillips programme on Sky News.
BBC News
a day ago
- BBC News
'Every child will have contact with a stranger online'
Sophie was just 17 when she was contacted online by someone she believed to be a boy of her own age. Having just split from her boyfriend, Sophie - not her real name - admits she was feeling low and lacking self-confidence, so welcomed his attention."He told me I was pretty and we chatted on and off for about a month or so on various social media platforms," she asked her to send him some pictures, which she did. "I didn't think much of it," she then told her she could make money from the pictures, and asked for more, including sexually explicit shots."So I began sending him pictures of what he asked for. Before too long, it was videos and I was in way too deep," she realised something was amiss when people began to contact her to say they had seen the "boy" asked her for more photos and video, this time of her with others, and she never received any money."I felt like I was in a mess and it was all too much," she says. Sophie is one of hundreds of people who have been helped by Bedford-based charity Link to offers help, support and guidance to young people aged from seven to 26 in four areas of exploitation: sexual, criminal, online and for 20 years, its clients are referred by organisations including police and schools, as well as parents. "At some point, every child will have contact with a stranger online," warns Hayley Brown, its chief executive."Find me a young person that doesn't have a phone or a tablet, and if a young person has a phone or tablet, there is a way and means they can be contacted," she is crucial, she adds, are the decisions made after that contact."It's about being able to have those conversations with young people and make them aware of what's happening." "There needs to be more around what we are doing in society," says Ms Brown."We can blame the social media companies; however, what we have is a generational gap, around young people, technology that they are using and parents' knowledge and understanding around that."Parents, she says, have a "fine line" to negotiate as young people's critical thinking will not be fully developed."What they think might be a wise decision might not be a wise decision," she warns. Everyone, she says, needs to be aware of grooming "as it's a natural process" that builds groomer could be an older male, she says, but "could be their best friend, someone in their class, someone the same age as them". As the mother of a 13-year-old herself, she says: "There's an element of needing to trust my child but also being able to know and monitor what they are doing."So many young people are scared to report something that's happened to them as they're scared of the trouble they'll get in. It's not the young person's fault."They're not asked to be groomed. In society, we put the blame on children, but this is abuse; this child has been abused." If you have been affected by the issues raised in this article, help and support is available via BBC Action Line. Demand for the charity's services are up: its referrals have increased by 233% in four years."We are at a point where our waiting list is so high, we're having a battle with our capacity," Ms Brown she says it is worth it, because the charity has a 98% success rate in helping people exit exploitation. "We will not close a young person's case until all aspects of their life are on track," she says. While it is still unclear who Sophie's groomer was, she says the support she received "helped change my life". "They helped me to understand what had happened to me - it wasn't my fault," she says."I had one-to-one support for about eight months in total. "They helped not only with the exploitation, but to be able to build my confidence and self-esteem and my mental health struggles." James Simmonds-Read, national programme manager for The Children's Society, says online spaces can be "hugely positive" for young can be places to learn, to connect and have fun, but can also be used by abusers to "exploit and groom"."That's why it is so important for adults to build open, trusting relationships where children can tell them anything without fear of judgement while also staying alert to signs of potential harm, and speaking up if something doesn't feel right," he says."Children won't always realise they're being groomed - that's why adults need to stay switched on to the signs."These can include:Sudden changes in behaviour, particularly after time onlineMentioning or meeting new friends they met on gaming or social appsTalking about offers of making "easy money"Being secretive or withdrawn about online activitiesHe advises anyone with concerns to report them to the police and to contact the platform where any incidents of grooming, exploitation, or abuse are taking place. Follow Beds, Herts and Bucks news on BBC Sounds, Facebook, Instagram and X.
The Independent
a day ago
- The Independent
Top defense officials say Ukraine war has blurred lines, exposing global threats
China and North Korea 's support for Russia in its war against Ukraine has exposed how lines between regions have blurred, and the need for a global approach toward defense, top security officials said Sunday. North Korea has sent troops to fight on the front lines in Ukraine, while China has supported Russia economically and technologically while opposing international sanctions. Lithuanian Defense Minister Dovilė Šakalienė told delegates at the Shangri-La Dialogue, Asia's premiere defense forum, that if Ukraine were to fall, it would have a ripple effect in Asia and suggested it could embolden China in its territorial claims on Taiwan and virtually the entire South China Sea. 'If Russia prevails in Ukraine, it's not about Europe. It's not about one region," she said. 'It will send a very clear signal also to smaller states here in Indo-Pacific that anyone can ignore their borders, that any fabricated excuse can justify invasion.' The comments echoed those from French President Emmanuel Macron as he opened the conference on Friday advocating for greater European engagement in the Indo-Pacific. On Saturday, U.S. Defense Secretary Pete Hegseth suggested European countries should focus their defense efforts in their own region and leave the Indo-Pacific more to the U.S., but Šakalienė said the regions were clearly intertwined. 'It's not a secret that when we talk about the main perpetrators in cyber security against Japan it's China, Russia and North Korea,' she said. 'When we talk about main cyber security perpetrators against Lithuania it's Russia, China and Belarus — two out of the three are absolutely the same.' She added that 'the convergence of Russia, China, Iran, and North Korea into an increasingly coordinated authoritarian axis,' demands a unified response. Iran has been a key supplier of attack drones to Russia for its war effort. "In this context, the United States' strategic focus on Indo-Pacific is both justified and necessary, but this is not America's responsibility alone,' she said. Australian Defense Minister Richard Marles told reporters on the sidelines that his main takeaway from the three-day conference, hosted by the International Institute for Strategic Studies, was the 'real intent in the way in which European countries have engaged' in the debates. 'It reflects the sense of connection, interconnectedness ... between Indo-Pacific on the one hand and the North Atlantic on the other,' he said. China sent a lower-level delegation from its National Defense University this year to the conference, but its Foreign Ministry on Sunday responded to comments from Hegseth that Beijing was destabilizing the region and preparing to possibly seize Taiwan by force. 'No country in the world deserves to be called a hegemonic power other than the U.S. itself, who is also the primary factor undermining the peace and stability in the Asia-Pacific,' it said, while reiterating its stance that the Taiwan issue was an internal Chinese matter. 'The U.S. must neve play with fire on this question,' the ministry said. Philippines Defense Secretary Gilberto Teodoro Jr, whose country has been involved in increasingly violent clashes with China over competing claims in the South China Sea, scoffed at the idea that the U.S. was the problem. 'What the Chinese government considers fair and just may stand in stark contrast to the norms and values accepted by the rest of the world, especially the smaller countries,' he said. "To envision a China-led international order, we only need to look at how they treat their much smaller neighbors in the South China Sea.' He also underscored the international implications of the tensions in the Indo-Pacific, noting that the South China Sea was one of several maritime routes that are 'arteries of the global economy.' 'Disruption in any of these maritime corridors triggers ripple effects across continents, impacting trade flows, military deployments, and diplomatic posture,' he said.
