Disorganized Teenagers Accused of Assault on London's Public Transport System
In a significant development, two teenagers, Owen Flowers from Walsall and Thalha Jubair from East London, are set to appear in court today for charges related to a cyberattack on Transport for London (TfL) in August 2024.
The attack, which occurred on August 31, 2024, caused disruptions to various back office functions, leading some staff to work from home and limited numbers of ticketing machines to go offline. As a result, users relying on contactless payments to access transport services were unable to view their journey histories online.
The charges against Flowers and Jubair, authorized by the Crown Prosecution Service (CPS), are primarily under the Computer Misuse Act. The CPS has collaborated closely with the National Crime Agency (NCA) during their investigation.
The NCA warns of an increase in the threat from cyber criminals based in the UK and other English-speaking countries, with Flowers and Jubair's alleged involvement in Scattered Spider being a clear example. The organization to which they allegedly belong is the cybercrime group called Scattered Spider.
Flowers is charged for infiltrating and damaging SSM Health Care Corporation's network and attempting to do the same with Sutter Health, two major U.S. healthcare companies. He is also accused of being connected to two other attacks on US healthcare organizations around the same time as the TfL attack.
However, it's important to note that Flowers is not officially being linked to the MGM case, and he is not linked by authorities to the attacks on British retail giants M&S, Co-op, and Harrods earlier this year.
Aside from TfL, Jubair faces a charge under the Regulation of Investigatory Powers Act 2000, for failing to surrender PINs and passwords for devices seized by law enforcement on March 19.
The total costs related to the TfL incident, including incident response and remediation measures, ran into the tens of millions. It was not until December 4, 2024, that TfL was able to issue photo travel cards or issue refunds to customers for incomplete pay-as-you-go journeys. The refund and bank data of around 5,000 Oyster cardholders were exposed, potentially including bank account numbers and sort codes.
A TfL spokesperson stated that the security of their systems and customer data is extremely important to them and that they continually monitor their systems to ensure only authorized access. The NCA's main objective for these charges is to ensure a sustained disruptive effect against Flowers, Jubair, and their alleged cyber offences.
The CPS has worked to establish that there is sufficient evidence to bring the case to trial and that it is in the public interest to pursue criminal proceedings against Flowers and Jubair. The evidential threshold for attributing individuals to groups and specific attacks is high, making the revelation about Scattered Spider notable.
Read also:
- Strategies for Adhering to KYC/AML Regulations in India, a Leading Fintech Center (2024)
- Updated Framework for NIST Cybersecurity: Comprehensive Insight into the Latest Version
- Insecure coding practices permeate numerous businesses, potentially leading to significant future difficulties in ensuring system safety.
- NSA's Focused Surveillance on Three Areas of Generative AI in Cybersecurity Domain
