Thu, 11 Jun 2020
A COMPUTER hacker from Hungerford has narrowly avoided an immediate prison sentence.
The 22-year-old walked from the dock at Reading Crown Court on Monday with a suspended sentence after a judge told him: “We don’t want people like you hacking into our computers and stealing our private information.”
Jack Shepherd had previously pleaded guilty to several charges of causing a computer to secure, or enable unauthorised access to, a programme or data held in another computer.
Shepherd used a cybercrime technique called “credential stuffing”, using computer software to run through a list of usernames and passwords against a target website. The information gained could then be used to access services without payment.
He used this software to access a video games hosting website, taking control of people’s accounts and then selling off player’s characters. He also took control of some people’s social media accounts and their accounts on a creative music upload site.
Additionally he also used separate software to connect to insecure video cameras connected to the internet. Shepherd would log in to the camera and then use the microphone as a speaker.
All the offences were committed from his bedroom in Atherton Crescent in 2016 and 2017.
Gavin Holme, prosecuting, said Shepherd had also used hacking programmes to play online gaming and steal other players’ paid-for ‘abilities’ within the game – “such as a magic sword”.
Claire Davies, for Shepherd, said her client was immature and had not been motivated by financial gain.
Judge Paul Dugdale interjected: “He did it, I suspect, simply because he could.”
He told Shepherd that computer hacking would always attract a prison sentence, but that in his case several mitigating factors meant he could suspend it.
But he warned: “I don’t want anyone to think, because of that, that hackers don’t go to prison.”
Judge Dugdale said: “You were spending all your time – I suspect, day and night – on your computer and it was your life.
“You picked up [hacking] software... to begin with you hacked into your sister’s computer for a bit of a laugh.
“But then you used it to hack into the accounts of other people and games and to take things from their accounts.”
However, noted the judge, “you weren’t doing this to make money or target anyone for revenge; you weren’t trying to gain a reputation as a mighty hacker – you were doing it because you could”.
He added: “The reason it’s so serious is that, at the other end of the spectrum, are people who hack computers and cause millions, if not billions, of pounds worth of damage.
“They steal from people and blackmail people, including the NHS and the Post Office.
“Society doesn’t want that and a very clear message has to go out to the public.
“If you hack someone’s computer for any reason, you get a prison sentence.”
Judge Dugdale said he was able to suspend Shepherd’s sentence because of his co-operation with police who raided his home; his immaturity and youth and the lack of malice in his actions.
He added: “You did this foolishly, without any particular plan.
“You were spending far too much time in your bedroom and not enough talking to people.
“But if you hack into anyone’s computer again, or have a little experiment with it, you will go to prison, all right?”
Shepherd was sentenced to four months imprisonment, suspended for 12 months.
No order for costs was made because of his lack of means to pay.
Detective sergeant Phil Walden, of Thames Valley Polices Cyber Crime Unit, said: “Shepherd hacked into people’s accounts, invading their privacy and using their accounts for his own gain and amusement.
“The companies who were targeted also have to spend huge amounts of money in order to prevent these types of crime.
“Thames Valley Police Cyber Crime Unit works with a wide range of law enforcement, government and private sector partners as part of Team Cyber UK to disrupt this type of criminality.
“We would like to remind the public and businesses to take time to consider their cyber security, in particular taking steps to secure their online accounts and internet video cameras, changing default passwords to strong passwords, unique to each account and enabling two-factor authentication wherever possible.
“We would also advise to parents and guardians that if you are aware of your child playing online games, you make sure they are using secure and strong passwords to prevent their accounts being hacked.”