LulzSec Suspect Ryan Cleary Charged In US

Tom Brewster is TechWeek Europe’s Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Ryan Cleary is charged in the US, meaning he now faces the threat of prison in two countries

British 20-year-old Ryan Cleary has been charged in the US for his alleged involvement in LulzSec campaigns.

Cleary, who is currently detained in the UK, faces an indictment filed in the United States District Court in Los Angeles, charging him with one count of conspiracy and two counts of the unauthorized impairment of protected computers.

It was alleged that Cleary took part in LulzSec campaigns on a news organisation and several businesses over a number of months in 2011. It was his botnet that was used to take down organisations with distributed denial of service (DDoS) attacks, according to the indictment, which claims Cleary was also responsible for hacking into systems and retrieving data.

Tough time

That botnet potentially contained hundreds and thousands of bots and was rented out to others who wanted to carry out DDoS attacks, it was alleged.

Cleary, who is believed to suffer from Asperger’s syndrome, faces a statutory maximum sentence of 25 years in prison if convicted.

The Brit has had a tough time since his arrest in the UK in June last year, when he was charged with five offences under the Computer Misuse Act and Criminal Law Act.

Having been released on bail, he was back in prison in March after breaching bail conditions. He had  allegedly sent electronic messages to LulzSec leader Hector Xavier Monsegur over the Christmas period, when he was supposed to be banned from internet use.

Authorities believe Cleary was behind hits on organisations including the Serious Organised Crime Agency, the International Federation of the Phonographic Industry (IFPI) and the British Phonographic Industry (BPI).

“However much fun he thought he was having at the time, one thing is obvious: Cleary faces a world of hurt ahead, especially if the US authorities decide to seek his extradition,” said Sophos senior technology consultant Graham Cluley, in a blog post.

Are you a security guru? Try our quiz!