WEBVTT 00:00:00.099 --> 00:00:01.099 JACK: You ever see something on TV or in the news and it just really gets under your skin? 00:00:01.099 --> 00:00:02.099 Like, something that really upsets you and you can’t just sit there and do nothing 00:00:02.099 --> 00:00:03.099 about it now that you know it’s going on. 00:00:03.099 --> 00:00:04.099 So, you get up to do something but what do you do? 00:00:04.099 --> 00:00:05.099 You could make a call to complain to someone, you could write a letter to complain, or even 00:00:05.099 --> 00:00:06.099 go there in person to complain. 00:00:06.099 --> 00:00:07.099 Maybe a lot of other people are mad too, so there might be a protest outside and everyone’s 00:00:07.099 --> 00:00:08.099 shouting. 00:00:08.099 --> 00:00:09.099 This is the story about a guy who got really worked up over something he read about and 00:00:09.099 --> 00:00:10.099 decided to take matters into his own hands. 00:00:10.099 --> 00:00:11.290 JACK (INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. 00:00:11.290 --> 00:00:15.889 I’m Jack Rhysider. 00:00:15.889 --> 00:00:19.600 This is Darknet Diaries. 00:00:19.600 --> 00:00:27.269 [INTRO MUSIC ENDS] 00:00:27.269 --> 00:00:35.990 JACK: This story is about a young man named Cameron, or Cam for short. 00:00:35.990 --> 00:00:41.110 CAM: My name’s Cam and I live in Gloucester in the United Kingdom. 00:00:41.110 --> 00:00:44.879 JACK: But Cam grew up in the picturesque area of Cornwall, in England. 00:00:44.879 --> 00:00:49.770 [MUSIC] It’s in the bottom-left corner of England, sort of like the toe of the country. 00:00:49.770 --> 00:00:54.329 I’m sure you’ve seen pictures of Cornwall; it’s a quiet area, lots of farms all about, 00:00:54.329 --> 00:00:57.940 there’s some beautiful cliffs there, and fishing boats that come in and out of the 00:00:57.940 --> 00:00:58.940 port. 00:00:58.940 --> 00:01:01.010 It’s an extraordinarily beautiful part of England. 00:01:01.010 --> 00:01:06.000 Oh, and I just learned there’s a massive GCHQ satellite dish installation in Cornwall. 00:01:06.000 --> 00:01:09.380 It’s there to collect signals intelligence and to do mass eavesdropping. 00:01:09.380 --> 00:01:14.500 It’s called GCHQ Bude if you want to look it up, but that’s totally unrelated to this 00:01:14.500 --> 00:01:15.500 story. 00:01:15.500 --> 00:01:19.680 Now, when Cam was fourteen, he got a PS3, a PlayStation, and he loved playing video 00:01:19.680 --> 00:01:24.650 games on it, things like Modern Warfare, Call of Duty or COD for short, and lots of other 00:01:24.650 --> 00:01:26.119 online first-person shooters. 00:01:26.119 --> 00:01:30.280 CAM: I ended up to the point where I was like trying to be competitive and obviously being 00:01:30.280 --> 00:01:35.020 fourteen, you’re usually not as good as all the adults that play. 00:01:35.020 --> 00:01:39.470 I’d get frustrated with being beaten so I’d try and find cheats and then glitches 00:01:39.470 --> 00:01:41.229 on how to get better. 00:01:41.229 --> 00:01:45.460 I’d see people cheating and glitching against me and then I’d be frustrated with that, 00:01:45.460 --> 00:01:50.469 so then I would take it to the next level again and try and compete with them. 00:01:50.469 --> 00:01:56.210 JACK: He made a few people upset as he played Modern Warfare; either from winning or talking 00:01:56.210 --> 00:01:58.430 trash or using cheats. 00:01:58.430 --> 00:02:02.899 Some people got mad at him for this and said hey, stop, or I’ll knock you offline. 00:02:02.899 --> 00:02:04.580 Cam’s like yeah, whatever, and just kept playing. 00:02:04.580 --> 00:02:10.229 But lo and behold, he did get kicked off the game. 00:02:10.229 --> 00:02:15.210 But not only that; the internet was down for his whole house. 00:02:15.210 --> 00:02:16.540 Huh. 00:02:16.540 --> 00:02:18.760 Fourteen-year-old Cam was intrigued by this. 00:02:18.760 --> 00:02:25.300 CAM: I was kind of like, they someone had booted me offline or disconnected me from 00:02:25.300 --> 00:02:26.819 the internet from their side. 00:02:26.819 --> 00:02:30.550 JACK: When you’ve already been downloading cheats to play your favorite game, it’s 00:02:30.550 --> 00:02:34.989 not far of a stretch to take it to the next level and learn how to boot someone right 00:02:34.989 --> 00:02:37.620 off the internet entirely. 00:02:37.620 --> 00:02:40.500 Cam had researched some options and was ready for revenge. 00:02:40.500 --> 00:02:44.790 CAM: Then to the point when I’d try and get them back, so I started LOIC. 00:02:44.790 --> 00:02:48.330 JACK: Ah yes, good old LOIC. 00:02:48.330 --> 00:02:51.290 LOIC stands for Low Orbit Ion Cannon. 00:02:51.290 --> 00:02:56.269 It’s an application you put on your computer and it has the capability to send millions 00:02:56.269 --> 00:03:01.310 of packets to whatever IP address you want to send it to which can flood that user’s 00:03:01.310 --> 00:03:06.260 internet connection so bad that they can’t get to anything online, kind of like causing 00:03:06.260 --> 00:03:11.490 a massive traffic jam right in someone’s driveway so they can’t pull out or go anywhere. 00:03:11.490 --> 00:03:16.239 [MUSIC] This is called a denial-of-service attack, or DoS, because you’re jamming up 00:03:16.239 --> 00:03:19.400 someone’s internet so bad, they don’t get service. 00:03:19.400 --> 00:03:25.290 Cam loaded up [00:05:00] LOIC and was ready to fire at an IP to knock it offline but there’s 00:03:25.290 --> 00:03:31.790 one big problem; how do you find the IP of a certain player in the game? 00:03:31.790 --> 00:03:37.819 This is quite a challenge because without the IP, LOIC just won’t do anything. 00:03:37.819 --> 00:03:42.510 The game itself does not show you the IP address of your opponent specifically for this reason; 00:03:42.510 --> 00:03:46.930 to keep them safe from DoS attacks and from people wanting to know more about you. 00:03:46.930 --> 00:03:49.430 So, Cam devised a plan. 00:03:49.430 --> 00:03:55.459 His plan was to send his victim a link to a website that he had control over so from 00:03:55.459 --> 00:04:00.650 there, he could then capture his victim’s IP address which he could then put into LOIC, 00:04:00.650 --> 00:04:02.540 and fire away. 00:04:02.540 --> 00:04:06.540 But still, how do you get your in-game opponent to click your link? 00:04:06.540 --> 00:04:10.950 CAM: It was basically like a Bitly link, then you send it in and call the caption like ‘I 00:04:10.950 --> 00:04:15.310 caught you doing this’ or whatever, or something to make them click on the link. 00:04:15.310 --> 00:04:17.259 JACK: Ah, pretty clever. 00:04:17.259 --> 00:04:21.120 By telling his opponent that he caught him doing something and to click this link to 00:04:21.120 --> 00:04:25.199 see what it was, that was enough to get them to click it. 00:04:25.199 --> 00:04:29.389 Once they did, he’d see their IP address visited their website and he’d copy and 00:04:29.389 --> 00:04:32.460 paste that IP into LOIC, and boom. 00:04:32.460 --> 00:04:39.740 CAM: You put it in LOIC and then you hit their IP address, you put it in and just hit LOIC. 00:04:39.740 --> 00:04:44.800 Then you type in like, bot53 or – obviously if you hit DNS, it’s probably the best way 00:04:44.800 --> 00:04:50.289 to go about it to knock them offline or do it less so you can make them lag. 00:04:50.289 --> 00:04:54.820 JACK: With these online shooter games, when two opponents see each other, it’s kind 00:04:54.820 --> 00:04:59.570 of like a game of who can draw their weapon fastest and have better aim? 00:04:59.570 --> 00:05:04.919 Since Cam could slow down the opponent’s internet connection, they might not see Cam 00:05:04.919 --> 00:05:10.560 for just a half a second after Cam saw them, which is called lagging in an online game, 00:05:10.560 --> 00:05:13.970 and this would be enough just for Cam to outdraw them and kill them. 00:05:13.970 --> 00:05:19.039 CAM: Well yeah, ‘cause it makes them stand still on my screen. 00:05:19.039 --> 00:05:22.350 They disconnect from the server, the video game server. 00:05:22.350 --> 00:05:24.120 Then I could kill them. 00:05:24.120 --> 00:05:26.069 [MUSIC] They think they’re shooting at me. 00:05:26.069 --> 00:05:29.520 Then they come back and they – it not lags anymore and then they’re dead. 00:05:29.520 --> 00:05:33.319 JACK: He says that a few times he would talk trash in the game, people would message him. 00:05:33.319 --> 00:05:37.420 He’d keep talking trash and then they’d take it to a one versus one match. 00:05:37.420 --> 00:05:42.139 That’s when he’d hit them with the Cannon and make them lag or disconnect which might 00:05:42.139 --> 00:05:46.120 not sound like a big deal but let me tell you; if you were in the middle of a heated 00:05:46.120 --> 00:05:51.550 argument with some fourteen-year-old kid online and you decide to battle him one-on-one just 00:05:51.550 --> 00:05:57.919 to show him how bad he is, and you lag exactly five seconds into the game starting, only 00:05:57.919 --> 00:06:00.570 to come back and see that you’re dead on the screen. 00:06:00.570 --> 00:06:03.169 It would make you furious. 00:06:03.169 --> 00:06:05.190 You’d say go again! 00:06:05.190 --> 00:06:09.840 The game would start again and just at the worst possible time, you would lag again and 00:06:09.840 --> 00:06:12.069 die. You’d say go again! 00:06:12.069 --> 00:06:16.000 Again, you would lag and die and just get increasingly upset to the point you might 00:06:16.000 --> 00:06:18.660 just punch your own keyboard and scream. 00:06:18.660 --> 00:06:19.660 Aargh! 00:06:19.660 --> 00:06:22.389 All that would just be really funny to Cam. 00:06:22.389 --> 00:06:27.069 CAM: Overall, on the video game side of things, you’ve not beaten them ‘cause that’s 00:06:27.069 --> 00:06:30.490 like kind of like you’re admitting that they’re better than you. 00:06:30.490 --> 00:06:35.210 But on the grand scale of everything that went on, you kind of trumped them. 00:06:35.210 --> 00:06:36.800 That’s kind of where I got the satisfaction from. 00:06:36.800 --> 00:06:43.350 It was like you may be better than me at the video game but I’ve just completely trumped 00:06:43.350 --> 00:06:46.510 you so therefore I win, sort of thing. 00:06:46.510 --> 00:06:50.200 JACK: This was cool but it still required people to click that link to get their IP 00:06:50.200 --> 00:06:52.199 and not everyone would click it. 00:06:52.199 --> 00:06:54.539 So, he thought up ways to improve this. 00:06:54.539 --> 00:06:59.160 He figured out when players compete against each other on some PS3 games, they directly 00:06:59.160 --> 00:07:04.639 connected to each other’s PS3s and didn’t go through some central server or something. 00:07:04.639 --> 00:07:07.000 This is known as peer-to-peer connections. 00:07:07.000 --> 00:07:11.949 CAM: Yeah, a lot of them were peer-to-peer on PS3, that’s what happened on the old 00:07:11.949 --> 00:07:13.150 generation consoles. 00:07:13.150 --> 00:07:17.470 JACK: Knowing this, he realized that all his opponent’s IP addresses were actually routing 00:07:17.470 --> 00:07:22.780 through the network in his house which meant if he could look at what IPs were connecting 00:07:22.780 --> 00:07:27.020 to his PS3, he might be able to figure out whose IP was whose. 00:07:27.020 --> 00:07:32.530 [MUSIC] So, he unplugs his PS3, plugs it into a computer to be in line of the PS3 which 00:07:32.530 --> 00:07:36.690 could then sniff all the traffic that was going through it, and then he’d watch all 00:07:36.690 --> 00:07:40.870 the IP addresses connecting to his PS3 in the game. 00:07:40.870 --> 00:07:45.150 In these games he would play, some people would be able to do voice chat and talk with 00:07:45.150 --> 00:07:51.060 each other, so he would do clever things like mute everyone except the one person he wanted 00:07:51.060 --> 00:07:52.060 to know their IP. 00:07:52.060 --> 00:07:56.690 CAM: If you mute everyone else but one person, there’s a significantly more amount of traffic 00:07:56.690 --> 00:08:00.639 coming from one person that’s your target’s IP address ‘cause their mic’s on. 00:08:00.639 --> 00:08:01.849 JACK: Clever kid, huh? 00:08:01.849 --> 00:08:06.470 Because with this, he could start matching in-game names to the IP addresses since that 00:08:06.470 --> 00:08:10.669 person talking simply had more traffic coming over than any other IPs. 00:08:10.669 --> 00:08:12.940 CAM: Then you could just boot them offline that way. 00:08:12.940 --> 00:08:14.510 Do the same thing with LOIC. 00:08:14.510 --> 00:08:18.310 JACK: Now, when you’re a fourteen-year-old kid doing this kind of stuff, your friends 00:08:18.310 --> 00:08:19.850 think it’s funny. 00:08:19.850 --> 00:08:23.110 When you’re just [00:10:00] learning from things like YouTube tutorials and stuff, there’s 00:08:23.110 --> 00:08:25.221 not always a warning telling you not to do it. 00:08:25.221 --> 00:08:27.250 It just seems normal. 00:08:27.250 --> 00:08:29.870 CAM: It was just totally okay to be doing everything I was doing. 00:08:29.870 --> 00:08:35.820 There was no doubt in my mind that it was illegal or anything like that at this time. 00:08:35.820 --> 00:08:38.330 JACK: Well, have we gotten into anything illegal yet? 00:08:38.330 --> 00:08:43.469 CAM: Well, booting people offline is illegal. 00:08:43.469 --> 00:08:45.950 JACK: Okay. How so? 00:08:45.950 --> 00:08:48.720 CAM: Well, ‘cause you’re disconnecting them. 00:08:48.720 --> 00:08:56.010 If you’re Dossing them, that DoS is illegal under The Misuse of Computers Act. 00:08:56.010 --> 00:09:01.600 JACK: [MUSIC] Cam spent a lot of time playing PlayStation. 00:09:01.600 --> 00:09:05.620 There was this one kid though; he was a few years older than Cam. 00:09:05.620 --> 00:09:08.260 They actually went to the same school in Cornwall. 00:09:08.260 --> 00:09:10.630 For some reason, he didn’t like Cam. 00:09:10.630 --> 00:09:15.990 He would give Cam a lot of trouble in the game, getting angry with Cam about being jealous 00:09:15.990 --> 00:09:19.710 that a mutual friend was playing with Cam but not him. 00:09:19.710 --> 00:09:23.260 Cam didn’t like this attitude he was getting from this kid. 00:09:23.260 --> 00:09:25.380 CAM: So, I booted him offline. 00:09:25.380 --> 00:09:30.529 His mom called my friend’s mom who then called my mom, and that’s when I realized 00:09:30.529 --> 00:09:34.100 oh god, this is more serious that I’ve realized. 00:09:34.100 --> 00:09:36.630 I kind of just thought like, it’s a bit pathetic. 00:09:36.630 --> 00:09:38.839 I mean, I didn’t realize it was serious. 00:09:38.839 --> 00:09:43.580 I didn’t of anything other than the kid not being able to play Xbox for three minutes 00:09:43.580 --> 00:09:44.820 or whatever. 00:09:44.820 --> 00:09:50.050 But obviously there’s wider facts to be considered like they’re paying for that 00:09:50.050 --> 00:09:51.050 and that sort of thing. 00:09:51.050 --> 00:09:56.500 But I had a whole speech from my mom about why I shouldn’t do it, but my mother didn’t 00:09:56.500 --> 00:09:57.960 really understand it. 00:09:57.960 --> 00:10:03.050 She kind of just said like, don’t do it, whatever it is you’re doing, sort of thing, 00:10:03.050 --> 00:10:08.839 ‘cause my mom doesn’t really deal with computers or anything similar. 00:10:08.839 --> 00:10:10.100 JACK: Okay. 00:10:10.100 --> 00:10:12.779 So, did you take warning here or did you keep doing it? 00:10:12.779 --> 00:10:15.390 CAM: Yeah, no, I didn’t take warning from it. 00:10:15.390 --> 00:10:20.829 Just because my mom was kind of like – she kind of took it as though I were just beating 00:10:20.829 --> 00:10:22.820 him on the video game. 00:10:22.820 --> 00:10:29.310 JACK: [MUSIC] So, Cam kept at it, refining his methods and strategies to boot people 00:10:29.310 --> 00:10:31.180 offline in a more effective way. 00:10:31.180 --> 00:10:35.720 But think about where someone like him might hang out online at this point; hacker forums, 00:10:35.720 --> 00:10:39.650 chat rooms, gaming forums, or other places that might talk about hacking. 00:10:39.650 --> 00:10:44.560 I mean, the kid is inquisitive and he wants to know more about how all this stuff works. 00:10:44.560 --> 00:10:46.320 He’s thirsty to learn more. 00:10:46.320 --> 00:10:49.560 He starts meeting other hackers online and makes some friends with them. 00:10:49.560 --> 00:10:53.800 Then in one of these chat rooms, a hacker friend gave Cam a stressor. 00:10:53.800 --> 00:10:59.250 CAM: I was given a free stressor by someone that I knew. 00:10:59.250 --> 00:11:01.760 They took part in the Operation Fun Kill. 00:11:01.760 --> 00:11:02.760 They gave it to me. 00:11:02.760 --> 00:11:03.760 They were just like yeah, have fun with it. 00:11:03.760 --> 00:11:07.709 ‘Cause I bet you he said I could never afford it. 00:11:07.709 --> 00:11:09.910 JACK: Okay, so what’s a stressor? 00:11:09.910 --> 00:11:14.300 Up until this point, Cam has been doing all these DoS attacks using LOIC, right? 00:11:14.300 --> 00:11:19.980 Well like he was saying, this is illegal so not everyone wants to run a denial-of-service 00:11:19.980 --> 00:11:21.190 attack from their own house. 00:11:21.190 --> 00:11:25.980 Yeah, sure, he could run it through a VPN or something but hey, Cam doesn’t want to 00:11:25.980 --> 00:11:28.089 bog down his own network, right? 00:11:28.089 --> 00:11:31.990 If he were to attack some other people, he might lag himself which is not what he wants 00:11:31.990 --> 00:11:32.990 to do. 00:11:32.990 --> 00:11:36.440 So, sending a huge amount of packets to someone else online just to make them lag isn’t 00:11:36.440 --> 00:11:38.540 exactly the best idea. 00:11:38.540 --> 00:11:40.172 This is where a stressor solves that problem. 00:11:40.172 --> 00:11:48.019 [MUSIC] A stressor is simple DoS as a service, so someone sets up a botnet or a bunch of 00:11:48.019 --> 00:11:52.230 servers capable of sending gigs and gigs of data to an IP address. 00:11:52.230 --> 00:11:57.399 It generates even more traffic than the Low Orbit Ion Cannon that Cam was using. 00:11:57.399 --> 00:12:02.011 You pay someone to use this service; you just go there, put in an IP address, hit go, and 00:12:02.011 --> 00:12:07.709 whoever’s IP that belongs to is now facing tons and tons of incoming traffic which will 00:12:07.709 --> 00:12:10.339 probably knock them offline. 00:12:10.339 --> 00:12:14.930 People call these things stressors to try to market it as some stress testing tool to 00:12:14.930 --> 00:12:20.040 test if your site can handle a denial-of-service attack but really, these things are just weapons 00:12:20.040 --> 00:12:22.070 and they’re used to attack victims. 00:12:22.070 --> 00:12:25.000 This guy lets Cam use his stressor for free. 00:12:25.000 --> 00:12:27.500 CAM: He basically started sharing stuff on Twitter. 00:12:27.500 --> 00:12:32.480 As I mentioned, he was involved in Operation Fun Kill which is part of like, Anonymous 00:12:32.480 --> 00:12:33.480 Operation. 00:12:33.480 --> 00:12:36.029 It has to do with Sea World and these zoos. 00:12:36.029 --> 00:12:38.630 ANON: Greetings, citizens of the world. 00:12:38.630 --> 00:12:40.959 We are Anonymous. 00:12:40.959 --> 00:12:46.449 Greedy corporations are destroying nature and the corruption of governments allow it. 00:12:46.449 --> 00:12:52.690 99% of this is happening for one reason only; money. 00:12:52.690 --> 00:12:59.070 There is no excuse for animal abuse and now the animals will fight back. 00:12:59.070 --> 00:13:04.870 This power will stand for animal rights and as long these rights are disrespected, we 00:13:04.870 --> 00:13:10.889 will be here ripping through your servers, hacking, leaking, deleting, and defacing as 00:13:10.889 --> 00:13:16.120 we go, spreading our message without mercy or restraint. 00:13:16.120 --> 00:13:17.709 We are Anonymous. 00:13:17.709 --> 00:13:20.079 We are legion. 00:13:20.079 --> 00:13:21.950 We do [00:15:00] not forgive. 00:13:21.950 --> 00:13:23.750 We do not forget. 00:13:23.750 --> 00:13:26.940 Abusers, expect us. 00:13:26.940 --> 00:13:35.260 CAM: It was just like the whales being slaughtered in the ocean and the whales dying at Sea World 00:13:35.260 --> 00:13:37.130 and the blood in the water. 00:13:37.130 --> 00:13:39.660 I really remember this; this is honestly the truth. 00:13:39.660 --> 00:13:41.490 I remember I felt so sick. 00:13:41.490 --> 00:13:44.199 I just thought, that’s awful. 00:13:44.199 --> 00:13:48.600 But it wasn’t an immediate thought yeah, I’ve gotta DDoS them. 00:13:48.600 --> 00:13:51.380 There’s more of like a, I wonder what I can do? 00:13:51.380 --> 00:13:55.670 I can’t sign petitions because I didn’t have any help from my mom. 00:13:55.670 --> 00:13:59.150 It was kind of like animal rights sort of thing. 00:13:59.150 --> 00:14:01.690 They’re not able to defend themselves. 00:14:01.690 --> 00:14:04.900 It was quite a big impact on me. 00:14:04.900 --> 00:14:11.610 He says you can join in by DDossing them offline using the stressor. 00:14:11.610 --> 00:14:14.060 JACK: DDossing Sea World in California? 00:14:14.060 --> 00:14:15.899 CAM: Yeah, Sea World. 00:14:15.899 --> 00:14:21.269 He just sends me this entire attack list that they’re all going for. 00:14:21.269 --> 00:14:23.410 He’s just like yeah, see what you can do. 00:14:23.410 --> 00:14:25.230 I just basically started pressing buttons. 00:14:25.230 --> 00:14:30.230 JACK: Now, keep in mind, this was happening in 2014 and this was just after the documentary 00:14:30.230 --> 00:14:32.610 Blackfish came out. 00:14:32.610 --> 00:14:38.960 [WHALE SINGING] This was a film which exposed the cruel practices that Sea World and other 00:14:38.960 --> 00:14:40.490 wild animal parks were doing. 00:14:40.490 --> 00:14:43.260 SPKR1: I’ve been expecting somebody to be killed by Tilikum. 00:14:43.260 --> 00:14:47.550 SPKR2: We weren’t told much about it other than it was trainer error. 00:14:47.550 --> 00:14:48.750 SPKR3: It didn’t just happen. 00:14:48.750 --> 00:14:49.790 It’s not a singular event. 00:14:49.790 --> 00:14:51.910 You have to go back to understand this. 00:14:51.910 --> 00:14:54.620 JACK: It had a huge impact on many people. 00:14:54.620 --> 00:14:57.670 [BACKGROUND TALK] As it turns out, it also affected Cam. 00:14:57.670 --> 00:15:02.509 So, here he was, upset that this was going on. 00:15:02.509 --> 00:15:09.430 In his hands was essentially a cannon which he could use to attack Sea World or other 00:15:09.430 --> 00:15:11.839 places conducting this bad behavior. 00:15:11.839 --> 00:15:17.459 SPKR4: We stored these whales in what we call a module which was twenty feet across and 00:15:17.459 --> 00:15:21.579 thirty feet deep, and the lights were all turned out. 00:15:21.579 --> 00:15:24.350 Probably led to what I think is a psychosis. 00:15:24.350 --> 00:15:31.550 SPKR5: All whales in captivity are all psychologically traumatized. 00:15:31.550 --> 00:15:32.820 It’s not just Tilikum… 00:15:32.820 --> 00:15:34.560 JACK: [BACKGROUND TALK] It all builds up for him. 00:15:34.560 --> 00:15:38.139 He decided to take action and start pushing buttons. 00:15:38.139 --> 00:15:43.790 [MUSIC] He would access the stressor, put in an IP of one of the animal parks, and start 00:15:43.790 --> 00:15:46.850 hitting it hard with a denial-of-service attack. 00:15:46.850 --> 00:15:53.060 He was knocking websites offline with a few simple clicks of a button which had a real-life 00:15:53.060 --> 00:15:54.760 impact on these parks. 00:15:54.760 --> 00:16:02.611 CAM: But once I started getting good at it, it was definitely like I was being egged on 00:16:02.611 --> 00:16:09.240 by them to – it was like, the one man DDossed the bank and all that, sort of nicknames. 00:16:09.240 --> 00:16:13.440 They just sent me what they want to take offline and I’d do it. 00:16:13.440 --> 00:16:14.440 It would be offline. 00:16:14.440 --> 00:16:24.209 It’s because I had one stressor and then I’d barter with someone and then eventually 00:16:24.209 --> 00:16:25.645 coerce them to give me their stressor as well. 00:16:25.645 --> 00:16:30.700 So, I’d eventually just go around from one stressor to the next stressor, ‘cause I 00:16:30.700 --> 00:16:32.310 have the power of two stressors. 00:16:32.310 --> 00:16:39.759 I get the third stressor and then just move forward like that until I have like, ten accounts 00:16:39.759 --> 00:16:40.800 on different stressors. 00:16:40.800 --> 00:16:45.670 JACK: Keep in mind, these stressors cost like, a monthly fee or something to use them. 00:16:45.670 --> 00:16:49.440 Cam didn’t have the money; he was fourteen years old, and that’s why he traded with 00:16:49.440 --> 00:16:53.130 these people to get access to more of them for free. 00:16:53.130 --> 00:16:57.110 He would be able to keep the heat up by hammering on these places that were mistreating their 00:16:57.110 --> 00:16:58.360 animals. 00:16:58.360 --> 00:17:01.020 This would result in websites going down. 00:17:01.020 --> 00:17:03.540 CAM: Oh, it was definitely great. 00:17:03.540 --> 00:17:05.020 It was great. 00:17:05.020 --> 00:17:07.970 You feel like an omnipotent god or something. 00:17:07.970 --> 00:17:10.110 It was like yeah, I’ve done that. 00:17:10.110 --> 00:17:11.110 That’s the result of my actions. 00:17:11.110 --> 00:17:14.370 JACK: After he would knock a target offline, he’d watch to see what they’d do after. 00:17:14.370 --> 00:17:19.400 CAM: They didn’t directly do anything such as like, change their ways or try to improve 00:17:19.400 --> 00:17:23.500 their animals’ health or anything, or try and get people to stop it. 00:17:23.500 --> 00:17:27.059 It was more like – we’ll get like, Akamai CDN involved. 00:17:27.059 --> 00:17:31.520 That’ll stop this, and stuff like that. 00:17:31.520 --> 00:17:35.980 JACK: Akamai CDN is a company that is a content distribution network. 00:17:35.980 --> 00:17:40.550 By signing up for CDN, it makes your website significantly more resilient and it’s kind 00:17:40.550 --> 00:17:43.740 of shielded and has bigger bandwidth so it’s harder to take down. 00:17:43.740 --> 00:17:48.850 But this didn’t slow down Cam; with ten stressors at his ready, he could still make 00:17:48.850 --> 00:17:52.169 a pretty significant impact on some of these sites. 00:17:52.169 --> 00:17:56.570 Again, what he was really upset with were how these places were mistreating their animals. 00:17:56.570 --> 00:18:00.920 He didn’t believe animals should be mistreated this way and this was the main reason he was 00:18:00.920 --> 00:18:01.960 doing all this hacking. 00:18:01.960 --> 00:18:05.700 CAM: Yeah, like I say, it started out being like that. 00:18:05.700 --> 00:18:10.460 It still was towards the end but it was also a good thing for me ‘cause like I said, 00:18:10.460 --> 00:18:12.210 it gives you a buzz. 00:18:12.210 --> 00:18:15.950 You end up being egged on and then you get support and you gain a following. 00:18:15.950 --> 00:18:25.070 I gained a following of about 27,000 [00:20:00] on Twitter, I believe, on one of my Twitter 00:18:25.070 --> 00:18:27.070 accounts. Then… 00:18:27.070 --> 00:18:29.590 JACK: Your own Twitter account got 27,000 followers? 00:18:29.590 --> 00:18:35.600 CAM: Yeah, it got 27,000 followers when I was fourteen. 00:18:35.600 --> 00:18:37.370 JACK: How did you get so many followers there? 00:18:37.370 --> 00:18:42.920 CAM: Like I said, it was just vegan, vegetarian communities and also anonymous people. 00:18:42.920 --> 00:18:45.950 They followed me and supported what I was doing. 00:18:45.950 --> 00:18:51.900 JACK: So, you were publically saying on your Twitter account look, I’m taking down this 00:18:51.900 --> 00:18:54.140 website and then you were tweeting a lot about it? 00:18:54.140 --> 00:18:55.350 Is that what was going on? 00:18:55.350 --> 00:18:57.929 CAM: Yeah, that was my main weakness. 00:18:57.929 --> 00:19:01.360 I was just straight-up on my Twitter page just saying what I was doing. 00:19:01.360 --> 00:19:03.730 I’d post all that #tangodown stuff. 00:19:03.730 --> 00:19:07.030 JACK: Were you nervous when you were hitting the attack key? 00:19:07.030 --> 00:19:09.240 CAM: No, I wasn’t, no. 00:19:09.240 --> 00:19:10.730 I was never nervous about it at all. 00:19:10.730 --> 00:19:12.309 JACK: Was there a hesitation at all? 00:19:12.309 --> 00:19:14.700 CAM: No, not even once. 00:19:14.700 --> 00:19:19.250 JACK: Okay, now you’ve taken it down and you’re on Twitter. 00:19:19.250 --> 00:19:22.630 Is there any sort of hesitation or nervousness about publically tweeting it? 00:19:22.630 --> 00:19:25.720 CAM: Nope, not at all. 00:19:25.720 --> 00:19:30.090 JACK: So, was there a sense of pride then or something? 00:19:30.090 --> 00:19:36.590 CAM: Yeah, it’s definitely more a pride thing, especially with Sea World and the other 00:19:36.590 --> 00:19:38.060 sites I was talking about. 00:19:38.060 --> 00:19:41.630 It was definitely more of a pride thing than it was a nervous thing. 00:19:41.630 --> 00:19:48.240 JACK: Yeah, I mean, I’m trying to balance this with the real world again, right? 00:19:48.240 --> 00:19:52.780 After doing – I don’t know if this a night of attacks or something; now you have to go 00:19:52.780 --> 00:19:56.000 back to school at fourteen. 00:19:56.000 --> 00:20:02.309 What is class like for a person who has like, 37,000 followers on Twitter, hacking Sea World 00:20:02.309 --> 00:20:05.270 at night, and then in the morning going to math class? 00:20:05.270 --> 00:20:09.909 CAM: That’s actually quite funny, to be fair. 00:20:09.909 --> 00:20:15.500 I remember sitting in classes and we’d be like – this is how bad it got; we sat in 00:20:15.500 --> 00:20:18.740 class, me and my friends, and be like – the teacher would say alright, we’re using this 00:20:18.740 --> 00:20:19.740 site today. 00:20:19.740 --> 00:20:20.820 It’s a quiz website, for example. 00:20:20.820 --> 00:20:23.929 They’d be like yeah, everyone go to this website, we’ll do a quiz. 00:20:23.929 --> 00:20:28.210 I’d sit back with my friends and then I’d be like guys, watch this. 00:20:28.210 --> 00:20:34.080 Then I would like go on my phone and I’d remote in to my server and then I’d launch 00:20:34.080 --> 00:20:37.600 an attack against this website for no reason at all. 00:20:37.600 --> 00:20:44.390 Then it’d go down, the teacher would stand there all awkwardly and be like oh, this website’s 00:20:44.390 --> 00:20:47.500 gone down so we can’t do that today. 00:20:47.500 --> 00:20:49.539 I’d immediately stop it and then it would come back up. 00:20:49.539 --> 00:20:53.299 Yeah, it’d be quite funny in that sense. 00:20:53.299 --> 00:20:57.470 JACK: Oh man, yeah, I see. 00:20:57.470 --> 00:21:01.419 Yeah, this can’t have a good ending. 00:21:01.419 --> 00:21:02.690 Let’s back up a second. 00:21:02.690 --> 00:21:03.789 You said the word activist. 00:21:03.789 --> 00:21:07.460 Did you feel like an activist when you were doing things for the animal rights? 00:21:07.460 --> 00:21:08.460 CAM: Yeah, definitely. 00:21:08.460 --> 00:21:11.170 ‘Cause I obviously didn’t like the photos that I saw. 00:21:11.170 --> 00:21:18.140 Honestly, I shouldn’t have seen the photos that I saw, what they were doing, at fourteen. 00:21:18.140 --> 00:21:19.559 It was gruesome. 00:21:19.559 --> 00:21:24.490 Honestly, that was what it was. 00:21:24.490 --> 00:21:27.390 Even at that time it still was, like I said, about being power hungry. 00:21:27.390 --> 00:21:32.240 There were still – most of the attacks I was doing was based on activism and trying 00:21:32.240 --> 00:21:33.760 to do everything I could to help, to be honest. 00:21:33.760 --> 00:21:39.890 Obviously, a fourteen-year-old going to California to stand there and protest with a sign, nobody’s 00:21:39.890 --> 00:21:43.909 going to listen to me standing there shouting about how bad they treat animals. 00:21:43.909 --> 00:21:51.039 I guess they’d listen to me more if I was doing something to affect them. 00:21:51.039 --> 00:21:56.169 JACK: [MUSIC] Cam kept getting new IPs as targets to attack with his stressors and he 00:21:56.169 --> 00:21:58.450 kept taking down sites. 00:21:58.450 --> 00:22:02.680 He flat-out attacked anything he could; in the Japanese town of Taiji, where an annual 00:22:02.680 --> 00:22:07.880 dolphin hunt takes place, and he hit Iraq’s Ministry of Foreign Affairs, and the Department 00:22:07.880 --> 00:22:13.070 of Agriculture in Thailand, China’s security ministry, and a few zoos. 00:22:13.070 --> 00:22:19.030 But Sea World is where he spent a lot of time trying to cause as much damage as he could. 00:22:19.030 --> 00:22:23.100 He continued to DDoS Sea World over and over. 00:22:23.100 --> 00:22:25.179 CAM: I remember seeing them post about it. 00:22:25.179 --> 00:22:29.549 They’d say like, we’re bringing in incident responders to deal with this. 00:22:29.549 --> 00:22:33.710 We backed up the website, we’re backing up reservations and all this. 00:22:33.710 --> 00:22:39.880 Right, so I saw them post and say yeah, you can’t book your stuff and we’re really 00:22:39.880 --> 00:22:40.880 sorry. 00:22:40.880 --> 00:22:47.070 Even at that time I had no idea it was illegal, even when I saw them apologizing to customers 00:22:47.070 --> 00:22:50.659 about not being able to book their visits to Sea World and such. 00:22:50.659 --> 00:22:56.380 JACK: Well, that had to have a feeling of like, you were winning as an activist hacker, 00:22:56.380 --> 00:22:57.460 a hacktivist. 00:22:57.460 --> 00:23:03.130 CAM: Yeah, it was an overpowering feeling of winning rather than any – that’s what 00:23:03.130 --> 00:23:06.140 overpowered the feeling of nervousness. 00:23:06.140 --> 00:23:11.390 JACK: Now typically when he would take down a website, he would only take it down for 00:23:11.390 --> 00:23:13.630 like, a half an hour or a couple hours. 00:23:13.630 --> 00:23:20.230 CAM: It was Sea World and then it became – I remember distinctly a Dutch zoo. 00:23:20.230 --> 00:23:23.080 [00:25:00] Then I did Sea World. 00:23:23.080 --> 00:23:27.630 I fell asleep and that was that; it was never heard of again. 00:23:27.630 --> 00:23:33.429 Then I was like, Jesus, Sea World and this zoo have been down for a very long time. 00:23:33.429 --> 00:23:37.660 JACK: Yeah, he accidentally forgot to turn the attack off. 00:23:37.660 --> 00:23:40.780 He fell asleep and left it running all night. 00:23:40.780 --> 00:23:44.080 This was a mistake; he didn’t mean for it to run that long. 00:23:44.080 --> 00:23:48.510 This must have caused a big panic at Sea World and the Dutch zoo to have their site down 00:23:48.510 --> 00:23:49.860 for so long. 00:23:49.860 --> 00:23:56.690 The stressors kept running for weeks until Cam finally noticed and turned it off. 00:23:56.690 --> 00:24:01.020 But this wouldn’t be the last mistake that Cam made. 00:24:01.020 --> 00:24:05.600 After the break, we’ll hear what happened with the Cornwall Police. 00:24:05.600 --> 00:24:11.320 Now, Cam lived in the area of Cornwall in England at the time which is quite a big county. 00:24:11.320 --> 00:24:14.910 But it shares a police department with Devon, the neighboring county. 00:24:14.910 --> 00:24:18.909 It’s one police department but looks after multiple areas. 00:24:18.909 --> 00:24:22.110 Fourteen-year-old Cam was not happy with the police in Cornwall. 00:24:22.110 --> 00:24:24.590 CAM: We’d hang around in a park. 00:24:24.590 --> 00:24:27.990 They’d be like, well, you’re too old to hang around in the park ‘cause you’re 00:24:27.990 --> 00:24:29.350 fourteen and to go somewhere else. 00:24:29.350 --> 00:24:30.480 So, we’d go somewhere else. 00:24:30.480 --> 00:24:34.340 Oh, you can’t stand outside this shop because people want to walk in the shop. 00:24:34.340 --> 00:24:35.560 Okay, we’ll go to the field, then. 00:24:35.560 --> 00:24:38.020 You can’t stand in this field because there’s houses nearby. 00:24:38.020 --> 00:24:43.779 So, they’re basically like moving us – I felt like at the time, it was just moving 00:24:43.779 --> 00:24:44.840 us on from everywhere. 00:24:44.840 --> 00:24:51.910 It was definitely for good reason looking at it, but at the time I just felt slightly 00:24:51.910 --> 00:24:52.910 oppressed. 00:24:52.910 --> 00:24:54.460 Then I’d protest against it. 00:24:54.460 --> 00:24:57.890 JACK: Cam felt like he was being oppressed by the police. 00:24:57.890 --> 00:25:01.660 The police chased him out of the children’s park or the parking lot for just being too 00:25:01.660 --> 00:25:04.610 noisy and he felt frustrated by this. 00:25:04.610 --> 00:25:10.669 Combine this with his godlike powers that he felt like he had online; I mean, there’s 00:25:10.669 --> 00:25:14.669 27,000 people on Twitter cheering him on for some of the attacks he’s doing. 00:25:14.669 --> 00:25:17.140 This has gotta fuel a kid to go bigger. 00:25:17.140 --> 00:25:23.309 So, he decided to take down the Devon and Cornwall Police Department’s website. 00:25:23.309 --> 00:25:26.309 CAM: [MUSIC] I pinned it, right? 00:25:26.309 --> 00:25:28.809 Grabbed their IP, Dossed it. 00:25:28.809 --> 00:25:32.809 I DDossed it, sorry, with an NTP attack. 00:25:32.809 --> 00:25:37.290 JACK: At this point he’s been doing denial-of-service attacks for seven or eight months. 00:25:37.290 --> 00:25:41.070 He’s learned a lot and he’s graduated to more advanced techniques. 00:25:41.070 --> 00:25:46.010 For this one, he had his own dedicated server doing an NTP amplification attack. 00:25:46.010 --> 00:25:47.669 NTP is a Network Time Protocol. 00:25:47.669 --> 00:25:51.490 It’s how computers can check the time and there are thousands of computers in the world 00:25:51.490 --> 00:25:53.390 who act like public timekeepers. 00:25:53.390 --> 00:25:55.800 You can ask any of them hey, what time is it? 00:25:55.800 --> 00:25:56.960 And they’ll tell you. 00:25:56.960 --> 00:25:59.960 But it can also be used as a weapon. 00:25:59.960 --> 00:26:05.679 Suppose instead of asking what time it is, you ask for the time in every time zone in 00:26:05.679 --> 00:26:06.679 the world. 00:26:06.679 --> 00:26:11.330 You send one small request and you get back a huge chunk of data. 00:26:11.330 --> 00:26:18.570 Now, take that concept but spoof your IP so with that, you can ask the NTP server hey, 00:26:18.570 --> 00:26:22.740 what time is it for every time zone in the world, and by the way, when you respond, please 00:26:22.740 --> 00:26:26.820 tell this IP over here instead of me. 00:26:26.820 --> 00:26:30.419 Now the NTP server is sending a ton of traffic to your target victim. 00:26:30.419 --> 00:26:35.860 If you do this over and over again against thousands of NTP servers around the world, 00:26:35.860 --> 00:26:42.000 your victim gets overwhelmed with all these NTP servers telling them what time it is. 00:26:42.000 --> 00:26:46.159 Cam had built this system up himself so he could conduct these types of attacks. 00:26:46.159 --> 00:26:51.390 He launched it against the police department in his own town, but he was hesitant on this 00:26:51.390 --> 00:26:52.970 and only hit it for a little bit. 00:26:52.970 --> 00:26:57.500 CAM: No, no, I stopped it for like – I did it for like, five minutes and then it just 00:26:57.500 --> 00:27:01.120 stayed down for like, thirty-five minutes. 00:27:01.120 --> 00:27:07.320 JACK: [MUSIC] Even though he stopped his attack, the website stayed down. 00:27:07.320 --> 00:27:09.730 It wasn’t coming back up. 00:27:09.730 --> 00:27:12.560 [00:30:00] Something weird was going on. 00:27:12.560 --> 00:27:14.350 CAM: Then there was a bit of hesitation. 00:27:14.350 --> 00:27:17.510 I was like oh, damn. 00:27:17.510 --> 00:27:23.190 JACK: What likely happened was that somebody within the IT team at the police station just 00:27:23.190 --> 00:27:28.870 null-routed this incoming traffic, essentially taking down their own website temporarily 00:27:28.870 --> 00:27:32.059 just so that the rest of the network wouldn’t be impacted. 00:27:32.059 --> 00:27:36.500 CAM: It wasn’t like I had done something illegal; that was more like I’m gonna have 00:27:36.500 --> 00:27:37.780 to pay to fix that. 00:27:37.780 --> 00:27:40.690 Like I said, I stopped the attack. 00:27:40.690 --> 00:27:46.230 Before every time they’d come back up, after I stopped the attack – I stopped it and 00:27:46.230 --> 00:27:53.269 it just didn’t come back so then I thought oh my god, if they catch me, I’m gonna have 00:27:53.269 --> 00:27:55.250 to pay to fix the hardware. 00:27:55.250 --> 00:27:59.169 JACK: But whatever, Cam had to go to school or go on to do other things so he just left 00:27:59.169 --> 00:28:00.169 this alone. 00:28:00.169 --> 00:28:01.440 He tried to stay low for a little bit. 00:28:01.440 --> 00:28:04.250 [MUSIC] A few days go by; all seems okay. 00:28:04.250 --> 00:28:09.649 Then one day, he’s walking to school in the morning and a few people start following 00:28:09.649 --> 00:28:11.100 him on the way to school. 00:28:11.100 --> 00:28:16.220 CAM: They’re walking behind me in suits and they just go, Cameron. 00:28:16.220 --> 00:28:17.910 I’m like, turn around. 00:28:17.910 --> 00:28:20.450 I’m like what does he want? 00:28:20.450 --> 00:28:22.140 I just go yeah? 00:28:22.140 --> 00:28:27.279 JACK: Cam turns back around, keeps walking towards school, and away from these guys. 00:28:27.279 --> 00:28:30.080 CAM: He said my name again. 00:28:30.080 --> 00:28:33.350 I’m like god, who is this guy? 00:28:33.350 --> 00:28:35.690 He’s like, you’re under arrest. 00:28:35.690 --> 00:28:36.690 I was like what? 00:28:36.690 --> 00:28:38.120 Then there’s two more men in suits behind him. 00:28:38.120 --> 00:28:40.240 I’m thinking this is the foreign FBI. 00:28:40.240 --> 00:28:44.480 I have no idea who they are ‘cause they’re not police. 00:28:44.480 --> 00:28:45.929 They’re not in police uniform. 00:28:45.929 --> 00:28:48.529 Then they’re like yeah, don’t try and run. 00:28:48.529 --> 00:28:53.420 I turned around and there was like a net of police officers across the grass, a good ten 00:28:53.420 --> 00:28:56.690 of them with like, tasers, vests. 00:28:56.690 --> 00:29:04.990 One of the police officers was about seven-and-a-half feet tall and I was like, oh my god. 00:29:04.990 --> 00:29:06.640 I felt like I was so closed in. 00:29:06.640 --> 00:29:11.720 It went from my high horse to being so small. 00:29:11.720 --> 00:29:15.380 My whole feeling just crashed. 00:29:15.380 --> 00:29:23.269 JACK: The police and men in suits surrounded him and arrested him. 00:29:23.269 --> 00:29:28.110 CAM: I got in the car, drove back to my house. 00:29:28.110 --> 00:29:31.399 I remember this; this is really imprinted in my mind. 00:29:31.399 --> 00:29:34.820 I knocked on the gate and my mom’s like, can I unlock the gate? 00:29:34.820 --> 00:29:36.519 ‘Cause the latch wouldn’t stay on. 00:29:36.519 --> 00:29:38.320 I knocked on the gate. 00:29:38.320 --> 00:29:40.840 My mom was like, who is it? 00:29:40.840 --> 00:29:42.279 I’m like, it’s me. 00:29:42.279 --> 00:29:43.360 I’ve been arrested. 00:29:43.360 --> 00:29:46.960 She was like oh, shut up, or something like that. 00:29:46.960 --> 00:29:51.620 I’m like no, no, I’ve actually been arrested. 00:29:51.620 --> 00:29:56.630 Then she’s like – then she just opened the gate and there’s me with, like I said, 00:29:56.630 --> 00:29:59.159 with the Trojan horse of police officers around me. 00:29:59.159 --> 00:30:05.964 Then the guy comes up to her, opens this warrant in my mom’s face and he’s like we’ve 00:30:05.964 --> 00:30:06.964 got a warrant, and just walks in. 00:30:06.964 --> 00:30:07.964 Then, yeah. 00:30:07.964 --> 00:30:12.669 JACK: The police searched his home, started seizing all his electronics, and asking him 00:30:12.669 --> 00:30:14.710 questions and filling out paperwork. 00:30:14.710 --> 00:30:17.010 CAM: They took everything electrical in the house. 00:30:17.010 --> 00:30:18.260 A bit honestly, they raided it. 00:30:18.260 --> 00:30:25.640 They took like, empty CD drives, they took rewriteable CDs, rewriteable DVDs, USB sticks, 00:30:25.640 --> 00:30:28.809 anything that had a USB connection. 00:30:28.809 --> 00:30:35.850 They took everything in my room apart from the TV and then they’re like, is that a 00:30:35.850 --> 00:30:36.850 PSP? 00:30:36.850 --> 00:30:37.850 I was just literally like, oh please don’t. 00:30:37.850 --> 00:30:38.850 But there’s nothing on here. 00:30:38.850 --> 00:30:41.179 The lady was like, alright, let me have a quick look now. 00:30:41.179 --> 00:30:43.300 If I don’t find anything, then you can keep it. 00:30:43.300 --> 00:30:47.350 JACK: They let him keep his PlayStation and while they were looking through his video 00:30:47.350 --> 00:30:49.410 games, something strange happened. 00:30:49.410 --> 00:30:54.179 CAM: Then it ended up being me playing COD against the arresting detective. 00:30:54.179 --> 00:30:55.419 JACK: You playing what? 00:30:55.419 --> 00:30:58.679 CAM: Call of Duty against the arresting detective. 00:30:58.679 --> 00:31:00.480 JACK: How did that happen? 00:31:00.480 --> 00:31:03.919 CAM: He asked me if I wanted to play COD. 00:31:03.919 --> 00:31:08.860 JACK: What cop comes in your house, says you’re under – we have a warrant for your arrest, 00:31:08.860 --> 00:31:10.260 you’re under arrest, you’re coming with us. 00:31:10.260 --> 00:31:11.870 Do you want to play video games with me? 00:31:11.870 --> 00:31:13.460 Like, that doesn’t happen. 00:31:13.460 --> 00:31:18.269 CAM: A good cop, bad cop that does that, that’s who does that. 00:31:18.269 --> 00:31:19.490 They were very good at it. 00:31:19.490 --> 00:31:22.690 It kind of baffled me; I was fourteen. 00:31:22.690 --> 00:31:29.149 I didn’t understand what this good cop, bad cop routine was, but I kind of – I set 00:31:29.149 --> 00:31:32.179 the whole thing up and that was part of their routine, I’m pretty sure. 00:31:32.179 --> 00:31:35.180 JACK: His mom was in shock from all of this. 00:31:35.180 --> 00:31:36.529 His dog was freaking out. 00:31:36.529 --> 00:31:41.860 More officers showed up and began doing forensics on his computer and network, plugging devices 00:31:41.860 --> 00:31:46.100 into his computer, plugging ethernet cables into his router, asking for his passwords 00:31:46.100 --> 00:31:47.570 to all his stuff. 00:31:47.570 --> 00:31:50.870 They took all his stuff, and they put him in the police car, and took him to the very 00:31:50.870 --> 00:31:54.390 station that he waged a denial-of-service attack on. 00:31:54.390 --> 00:31:58.190 They took most of his things, gave him some Crocs to wear instead of his shoes, and held 00:31:58.190 --> 00:32:00.240 him at the police station all day. 00:32:00.240 --> 00:32:01.470 CAM: I was just in there all day. 00:32:01.470 --> 00:32:06.070 I was in there from like, 8:00 a.m. to about 8:00 p.m. 00:32:06.070 --> 00:32:07.100 I got put in custody. 00:32:07.100 --> 00:32:11.149 They gave me a glass of water but it was the [00:35:00] smallest glass of water you’ve 00:32:11.149 --> 00:32:12.149 ever seen. 00:32:12.149 --> 00:32:13.149 It was like a shot glass. 00:32:13.149 --> 00:32:14.190 It was like this Styrofoam. 00:32:14.190 --> 00:32:18.669 For like, the next seven hours, that was my whole drink for seven hours. 00:32:18.669 --> 00:32:21.649 JACK: At this point he’s starting to regret what he did. 00:32:21.649 --> 00:32:25.169 CAM: I regretted all of it straight away. 00:32:25.169 --> 00:32:30.840 It was horrible ‘cause basically, my mom was in absolute tears and I just felt awful. 00:32:30.840 --> 00:32:32.200 That was the worst thing. 00:32:32.200 --> 00:32:33.330 She was just crying the whole day. 00:32:33.330 --> 00:32:36.110 I was like, I’m so sorry, mom. 00:32:36.110 --> 00:32:38.890 I kept saying I’m so sorry, mom. 00:32:38.890 --> 00:32:43.280 She didn’t know how to handle herself and I was like – she was just totally in shock, 00:32:43.280 --> 00:32:44.280 I bet. 00:32:44.280 --> 00:32:48.750 There was nothing I could do, obviously, nothing she could do. 00:32:48.750 --> 00:32:55.529 I think we both just felt completely powerless and that was the worst part of it all. 00:32:55.529 --> 00:32:59.010 JACK: He got out on bail that night and went back home. 00:32:59.010 --> 00:33:02.690 A few months later, he had to go to court to see what his punishment was. 00:33:02.690 --> 00:33:05.210 CAM: Yeah, I had a trial. 00:33:05.210 --> 00:33:11.683 I had a trial and it was honestly – I think it was genuinely, to this day, I think it 00:33:11.683 --> 00:33:12.683 was an unfair trial. 00:33:12.683 --> 00:33:14.149 I admitted to the DDoS attacks. 00:33:14.149 --> 00:33:19.149 The other thing I was accused of in the trial was the – there were bomb threats made against 00:33:19.149 --> 00:33:25.720 Delta Airlines, American Airlines, the White House, and the FBI. 00:33:25.720 --> 00:33:29.799 [MUSIC] It was a very, very complex court case. 00:33:29.799 --> 00:33:35.080 They charged me for this right before I went to court. 00:33:35.080 --> 00:33:39.540 JACK: He tells me he had nothing to do with these bomb threats, so he had to plead not 00:33:39.540 --> 00:33:44.049 guilty to the case which made the case go on longer. 00:33:44.049 --> 00:33:48.550 His lawyer didn’t know that much about cyber-security but was trying real hard to study up on it 00:33:48.550 --> 00:33:52.910 because the more the lawyer could know about computers, the more he might be able to convince 00:33:52.910 --> 00:33:55.980 a judge that he didn’t do the bomb threats. 00:33:55.980 --> 00:34:00.390 Cam was pleading guilty to the denial-of-service attacks against the police station but kept 00:34:00.390 --> 00:34:02.230 saying he didn’t do the bomb threats. 00:34:02.230 --> 00:34:08.389 The evidence they had on him, well, his Twitter account tweeted at Delta and American Airlines 00:34:08.389 --> 00:34:12.419 saying, “There’s a nice tick-tock in one of those lovely Boeing planes. 00:34:12.419 --> 00:34:13.419 Hurry, gentlemen. 00:34:13.419 --> 00:34:14.980 The clock is ticking. 00:34:14.980 --> 00:34:17.629 High quality.” End quote. 00:34:17.629 --> 00:34:19.190 Cam denied sending that tweet. 00:34:19.190 --> 00:34:21.680 He even denied that it was his Twitter account. 00:34:21.680 --> 00:34:26.060 He tried to explain to his lawyer the technical details of how all this got erroneously linked 00:34:26.060 --> 00:34:31.200 to him but his lawyer wasn’t tech-savvy enough to know how to disprove all this. 00:34:31.200 --> 00:34:33.810 CAM: They charged me as guilty for that, everything. 00:34:33.810 --> 00:34:36.570 They charged me as guilty for literally everything that was… 00:34:36.570 --> 00:34:38.869 JACK: They charged you guilty for the bomb threats, too? 00:34:38.869 --> 00:34:42.399 CAM: Yeah, yeah, I got charged for the bomb threats as well. 00:34:42.399 --> 00:34:46.710 But luckily, since the FBI classed it as not a risk and more of like a hoax. 00:34:46.710 --> 00:34:52.990 It was under civil disruptions rather than a terrorist thing. 00:34:52.990 --> 00:34:55.950 I was so lucky in that department. 00:34:55.950 --> 00:34:58.400 But it could have ended up a lot worse. 00:34:58.400 --> 00:35:03.560 JACK: Now that he’s been found guilty for sending in bomb threats to the White House, 00:35:03.560 --> 00:35:05.640 US authorities wanted to get involved. 00:35:05.640 --> 00:35:09.401 CAM: They, yeah, the Secret Service and the FBI, I believe they put in two requests to 00:35:09.401 --> 00:35:11.470 get me extradited. 00:35:11.470 --> 00:35:17.630 Then it was the court said no, but they overruled it ‘cause he’s fourteen years old. 00:35:17.630 --> 00:35:20.950 I got up to the High Court, and the High Court said no. 00:35:20.950 --> 00:35:28.060 I believe in the UK, the law is if you ask the High Court and they say no, that’s final. 00:35:28.060 --> 00:35:29.060 Then it stopped there. 00:35:29.060 --> 00:35:33.380 If I was older, I would have been extradited, I’m sure of it. 00:35:33.380 --> 00:35:37.109 JACK: Eventually, the UK judge gave Cam his sentence. 00:35:37.109 --> 00:35:42.670 CAM: They gave me 120 hours community service so I spent about seven months every Saturday 00:35:42.670 --> 00:35:44.660 morning – I’m sure I had school as well, so I couldn’t ditch out of school. 00:35:44.660 --> 00:35:49.339 But I had to spend every Saturday morning for seven or eight months doing charity shop 00:35:49.339 --> 00:35:52.569 work; doing assistant work at a charity shop. 00:35:52.569 --> 00:35:55.800 On a brighter note, I did all that. 00:35:55.800 --> 00:36:01.950 I got five years of intensive surveillance from the NCA. 00:36:01.950 --> 00:36:04.690 JACK: Cam was not sentenced to any jail time. 00:36:04.690 --> 00:36:10.540 His probation allowed him to use computers but like he said, UK’s National Crime Agency 00:36:10.540 --> 00:36:13.150 would monitor his online behavior. 00:36:13.150 --> 00:36:18.020 I’m not exactly sure how they do it but that was part of his punishment. 00:36:18.020 --> 00:36:22.980 Now, this whole incident scared Cam after that and because the NCA was watching him, 00:36:22.980 --> 00:36:26.910 he just decided to not use computers at all after that except for school. 00:36:26.910 --> 00:36:29.830 He had a probation officer who would check on him to make sure he wasn’t getting into 00:36:29.830 --> 00:36:31.000 any more trouble. 00:36:31.000 --> 00:36:36.360 His probation officer saw that Cam was doing well on probation and knew Cam was good at 00:36:36.360 --> 00:36:37.360 computers. 00:36:37.360 --> 00:36:42.160 So, the probation officer suggested that Cam go to this computer networking event in Bristol. 00:36:42.160 --> 00:36:46.050 CAM: The police told me to go to it, and I started my school so I was like well, everyone’s 00:36:46.050 --> 00:36:47.270 saying that I was gonna go to it. 00:36:47.270 --> 00:36:52.540 JACK: But it wasn’t just his local police telling him to go; the NCA which is UK’s 00:36:52.540 --> 00:36:57.890 National Crime Agency actually phoned up Cam and invited him to the event which was about 00:36:57.890 --> 00:36:59.060 three hours away. 00:36:59.060 --> 00:37:03.920 CAM: There were about thirty companies there in this museum in Bristol. 00:37:03.920 --> 00:37:07.310 [MUSIC] They all came together and they were like yeah, yeah, we’ll take you on. 00:37:07.310 --> 00:37:09.700 You’ll do this and do that, a career [00:40:00] road map, and all that sort of stuff. 00:37:09.700 --> 00:37:12.900 We did Capture the Flag but I had no idea how to capture a flag, obviously. 00:37:12.900 --> 00:37:14.250 I was just a script kitty. 00:37:14.250 --> 00:37:17.310 The whole time, I was a script kitty. 00:37:17.310 --> 00:37:21.520 JACK: Capture the Flag is a legal hacking challenge; a digital flag is hidden in the 00:37:21.520 --> 00:37:25.600 computer and companies want to see if you can find where it is by hacking into that 00:37:25.600 --> 00:37:26.600 computer. 00:37:26.600 --> 00:37:29.640 Because if you can do it, it kind of proves to companies that you know your stuff. 00:37:29.640 --> 00:37:35.619 But beyond that, what Cam saw there was that all these companies were looking to hire IT 00:37:35.619 --> 00:37:36.619 people. 00:37:36.619 --> 00:37:39.369 Not just that; some were looking to hire teenagers. 00:37:39.369 --> 00:37:46.730 But not just that; some had made a deal with the NCA to have reformed hackers do an apprenticeship 00:37:46.730 --> 00:37:50.420 with their company and Cam fit this. 00:37:50.420 --> 00:37:55.910 Being eighteen years old at the time and a reformed hacker, he picked up some information 00:37:55.910 --> 00:37:59.000 for a company that he could do an apprenticeship with. 00:37:59.000 --> 00:38:03.119 So, he became interested in taking on this apprenticeship for this IT company. 00:38:03.119 --> 00:38:07.960 CAM: So essentially, they were working with the NCA in partnership to launch this cyber-skills 00:38:07.960 --> 00:38:09.030 apprenticeship program. 00:38:09.030 --> 00:38:17.050 That’s ultimately a conglomeration or something called Hack which is like a program they set 00:38:17.050 --> 00:38:23.470 up to bring young hackers towards security, and had bug bounties, and stuff like that. 00:38:23.470 --> 00:38:27.270 It wasn’t like a major bug bounty scheme but it was like, paying them a few hundred 00:38:27.270 --> 00:38:30.060 pounds to find bug bounties. 00:38:30.060 --> 00:38:35.400 It was easier to score the bug bounties rather than Bugcrowd and stuff like that. 00:38:35.400 --> 00:38:40.520 But I didn’t go in to apprenticeships; they gave me an apprenticeship in networking security 00:38:40.520 --> 00:38:44.140 and then monitoring on the SIEM. 00:38:44.140 --> 00:38:47.710 JACK: Cam got this apprenticeship with this company and they wanted him to look after 00:38:47.710 --> 00:38:48.710 their SIEM. 00:38:48.710 --> 00:38:52.190 A SIEM stands for Security Information and Event Manager. 00:38:52.190 --> 00:38:56.339 Basically, this company had a lot of logs and alerts coming into this application and 00:38:56.339 --> 00:39:00.920 it was Cam’s job to watch it and tell someone if something serious showed up on the screen. 00:39:00.920 --> 00:39:04.240 It’s a great experience for someone just starting out in security since you get to 00:39:04.240 --> 00:39:07.030 see a lot of alerts and get familiar with each of them. 00:39:07.030 --> 00:39:10.210 But I want to pause here and just kind of underline something. 00:39:10.210 --> 00:39:15.140 I think it’s incredible that the UK tried to reform a teenage hacker. 00:39:15.140 --> 00:39:18.069 To my knowledge, this kind of stuff just doesn’t happen in the US. 00:39:18.069 --> 00:39:21.790 As a teenager, if you get arrested for hacking, chances are you’re not gonna be able to 00:39:21.790 --> 00:39:24.050 use a computer again for years. 00:39:24.050 --> 00:39:28.480 It’s almost like the system is trying to steer you away from using computers ever again. 00:39:28.480 --> 00:39:32.770 But in the UK, it’s like they recognize that some of these teenage hackers have some 00:39:32.770 --> 00:39:37.340 real talent and just need some guidance to use it for good. 00:39:37.340 --> 00:39:40.569 Cam liked this job he was doing and he was doing well there. 00:39:40.569 --> 00:39:41.849 CAM: It was good. 00:39:41.849 --> 00:39:48.750 I actually – we did like, SIEM monitoring, firewall management, we did actually quite 00:39:48.750 --> 00:39:49.750 a lot and it’s very broad. 00:39:49.750 --> 00:39:52.030 But I actually ended up leaving the apprenticeship. 00:39:52.030 --> 00:39:59.440 I left the apprenticeship about ten months in out of the one year. 00:39:59.440 --> 00:40:02.609 That was due to a job offer I got here in Gloucester. 00:40:02.609 --> 00:40:07.150 It was in a different city as where I was before. 00:40:07.150 --> 00:40:10.570 JACK: The next job he tried to get was for a company called CSA. 00:40:10.570 --> 00:40:12.700 SEAN: So, my name’s Sean Tickle. 00:40:12.700 --> 00:40:16.800 I’m the SOC manager at the CSA which is Cyber Security Associates. 00:40:16.800 --> 00:40:19.800 We’re based in the UK, primarily. 00:40:19.800 --> 00:40:24.319 We do a lot of managed services, a lot of Red Team-, Blue Team-type stuff, you know, 00:40:24.319 --> 00:40:25.319 protecting clients. 00:40:25.319 --> 00:40:27.220 JACK: Sean is Cam’s new boss. 00:40:27.220 --> 00:40:31.100 SEAN: [MUSIC] Do you want me to give you the breakdown of how we kind of on-boarded him 00:40:31.100 --> 00:40:32.100 in the first place? 00:40:32.100 --> 00:40:34.010 ‘Cause it all kind of came up in his interview. 00:40:34.010 --> 00:40:35.010 JACK: Yeah. 00:40:35.010 --> 00:40:38.920 SEAN: So, basically, we were doing a new recruitment drive for some analysts and Cam kind of just 00:40:38.920 --> 00:40:42.740 came through one of our recruiters who we knew. 00:40:42.740 --> 00:40:47.880 The first thing that hit us about him was his passion for the industry. 00:40:47.880 --> 00:40:52.730 Everything he spoke about was just with such passion about like, the latest technologies, 00:40:52.730 --> 00:40:59.470 the latest processes, some of the stuff in the industry that we always face like user 00:40:59.470 --> 00:41:05.050 error, like senior C level executives just not getting security, that sort of stuff; 00:41:05.050 --> 00:41:07.140 the sort of stuff that’s kind of partial to the industry. 00:41:07.140 --> 00:41:09.490 It was really cool to talk to him about that. 00:41:09.490 --> 00:41:14.580 Then we always ask this one question which is, is there anything that may stop you from 00:41:14.580 --> 00:41:17.619 possibly being eligible for security clearance? 00:41:17.619 --> 00:41:19.930 Obviously with Cam’s past, he spoke about it. 00:41:19.930 --> 00:41:24.410 We weren’t aware of it at that time but we went through it all and basically, when 00:41:24.410 --> 00:41:32.250 he was around fourteen years old, he was responsible for quite a few things, but primarily it was 00:41:32.250 --> 00:41:33.730 the Sea World DDoS. 00:41:33.730 --> 00:41:38.940 The way he explains it, is it’s actually quite funny; the kids always get a laugh out 00:41:38.940 --> 00:41:39.940 of it. 00:41:39.940 --> 00:41:44.720 He ran the command to DDoS them. 00:41:44.720 --> 00:41:51.670 This is kind of what got me with Cam; he wasn’t just some kind of black hat looking to extort 00:41:51.670 --> 00:41:54.140 them or looking to just wreck them for no reason. 00:41:54.140 --> 00:41:58.940 Obviously, it was kind of a hacktivist thing for him because he didn’t believe in, obviously, 00:41:58.940 --> 00:42:05.850 Sea World’s practices and all that horrible stuff they were doing around that time and 00:42:05.850 --> 00:42:06.850 are still doing. 00:42:06.850 --> 00:42:11.460 He DDossed [00:45:00] them and he took their website offline, all the rest of it. 00:42:11.460 --> 00:42:18.109 What he forgot to do was – he fell asleep and he woke up to a blank terminal thinking 00:42:18.109 --> 00:42:21.002 that the attack had stopped and it hadn’t. 00:42:21.002 --> 00:42:24.960 It went on for about four weeks, I believe he said, until we realized what was going 00:42:24.960 --> 00:42:29.690 on and it cost them about 1.5 million or 1.3 or whatever. 00:42:29.690 --> 00:42:34.290 Not just in loss fees, obviously; you’ve got according specialists and active response 00:42:34.290 --> 00:42:37.230 and incident response and stuff like that. 00:42:37.230 --> 00:42:38.410 They took the hit there. 00:42:38.410 --> 00:42:43.349 But then there was – he said that’s when it started getting wrong for him from a power-hungry 00:42:43.349 --> 00:42:44.670 point of view. 00:42:44.670 --> 00:42:48.010 He had a minor disagreement with a police officer once ‘cause they were in a park, 00:42:48.010 --> 00:42:51.930 so he decided to DDoS their entire website and take it offline. 00:42:51.930 --> 00:42:55.410 I think that’s when he started realizing he was going wrong, and this is all the stuff 00:42:55.410 --> 00:42:57.810 the had said. 00:42:57.810 --> 00:43:02.079 Looking back at it now, he started making those errors and he really shouldn’t have 00:43:02.079 --> 00:43:05.440 ‘cause they didn’t do anything to him and obviously it’s the police; people do 00:43:05.440 --> 00:43:09.119 need to get in touch with them and that sort of stuff. 00:43:09.119 --> 00:43:13.980 So, then this is all – this all came out in one interview, so it was quite full-on. 00:43:13.980 --> 00:43:17.940 JACK: Yeah, this is interesting because I’ve been in a couple interviews and if you were 00:43:17.940 --> 00:43:22.800 to ask me what’s a mistake you’ve made in the past or what’s, you know, what’s 00:43:22.800 --> 00:43:24.579 a problem that we should know about? 00:43:24.579 --> 00:43:29.410 And he starts telling you about how he’s been arrested and he did this attack and this 00:43:29.410 --> 00:43:31.369 cyber-attack and all this stuff. 00:43:31.369 --> 00:43:34.050 What are you thinking when you’re listening to him say this? 00:43:34.050 --> 00:43:37.550 Like okay, nope, or what’s your thought process? 00:43:37.550 --> 00:43:42.420 SEAN: No, actually, maybe I’m one of the – I found it really interesting ‘cause 00:43:42.420 --> 00:43:50.970 for a lad of fourteen to be able to do this sort of stuff was like, insane, you know. 00:43:50.970 --> 00:43:55.490 What got me – if he said to me oh yeah, I just did it for a laugh or something like 00:43:55.490 --> 00:43:58.710 that, I would have been like okay, well, he’s obviously not passionate. 00:43:58.710 --> 00:44:02.050 He’s just doing it for kudos or whatever. 00:44:02.050 --> 00:44:06.380 But because he did it obviously from a hacktivist point of view, I actually started getting 00:44:06.380 --> 00:44:07.380 interested. 00:44:07.380 --> 00:44:10.930 Then it was kind of the genuine ‘I really shouldn’t have done this.’ 00:44:10.930 --> 00:44:16.069 But yeah, I think initially for probably about the first five minutes I was probably like 00:44:16.069 --> 00:44:18.541 oh my god, who have we got in on this call? 00:44:18.541 --> 00:44:23.550 ‘Cause the recruiter didn’t know anything about it anyway. 00:44:23.550 --> 00:44:28.280 We blitzed through the – ‘cause I was – we did a pretty rugged two-round interview 00:44:28.280 --> 00:44:34.599 process, the first round which he was in was like super technical on a whole array of stuff. 00:44:34.599 --> 00:44:36.960 He blitzed every single thing. 00:44:36.960 --> 00:44:37.960 He did amazing. 00:44:37.960 --> 00:44:42.030 We were like oh my god, this is it, we definitely need to get this guy in, especially ‘cause 00:44:42.030 --> 00:44:43.030 Cameron’s nineteen. 00:44:43.030 --> 00:44:48.210 For him to go for all this over this period of time, you’d have to have been pretty 00:44:48.210 --> 00:44:49.440 young to do it. 00:44:49.440 --> 00:44:51.200 Obviously, Cameron was like, fourteen. 00:44:51.200 --> 00:44:56.780 But yeah, after that, and I think talking to him and saying to him like, well, why did 00:44:56.780 --> 00:44:57.780 you do it? 00:44:57.780 --> 00:44:58.780 What did you think about it? 00:44:58.780 --> 00:44:59.780 Do you regret it? 00:44:59.780 --> 00:45:02.970 And all the rest of the stuff that you kind of go through your head at that point. 00:45:02.970 --> 00:45:07.540 He showed genuine remorse for it, that he shouldn’t have done it. 00:45:07.540 --> 00:45:12.780 He had kind of the right way of going about it in terms of what Sea World were doing, 00:45:12.780 --> 00:45:15.440 but he had very much the wrong methods. 00:45:15.440 --> 00:45:19.010 That’s what hit us with that. 00:45:19.010 --> 00:45:20.200 JACK: Yeah. 00:45:20.200 --> 00:45:22.059 Was this the first hacker you’ve hired? 00:45:22.059 --> 00:45:24.569 SEAN: Oh yeah, yeah, for me. 00:45:24.569 --> 00:45:30.380 But that mainly comes from the company I’m with now because a couple of the companies 00:45:30.380 --> 00:45:31.829 I was with before, they didn’t have this mentality. 00:45:31.829 --> 00:45:39.350 I think that goes for a lot of companies; people don’t give these sorts of hackers 00:45:39.350 --> 00:45:41.130 another chance. 00:45:41.130 --> 00:45:48.380 Cameron was very lucky just to get his apprenticeship and to then continue into the industry. 00:45:48.380 --> 00:45:53.819 But also, I wouldn’t say it was lucky for him to come to us because I think we were 00:45:53.819 --> 00:45:58.069 lucky to get him, really, because of just the sheer amount of passion he’s got and 00:45:58.069 --> 00:45:59.349 the technical skill. 00:45:59.349 --> 00:46:01.619 This guy is gonna do well in the industry. 00:46:01.619 --> 00:46:03.359 I already knew that. 00:46:03.359 --> 00:46:09.770 I was quite concerned that I had to put this guy forward to my directors. 00:46:09.770 --> 00:46:16.350 It was pretty cool; at the end of the day, I joined CSA because of all the stuff that 00:46:16.350 --> 00:46:21.630 they do around cyber-security as well, ‘cause I got sick of constantly being so guarded 00:46:21.630 --> 00:46:24.560 with other companies and communities and that sort of stuff. 00:46:24.560 --> 00:46:29.329 But the old companies I was with, they really garnered that sort of ‘don’t tell anyone 00:46:29.329 --> 00:46:32.450 anything, always look out for yourself’ type-thing. 00:46:32.450 --> 00:46:37.090 Jamie and Dave, the directors of CSA, thought that the opposite of that; they want to be 00:46:37.090 --> 00:46:38.250 involved. 00:46:38.250 --> 00:46:43.030 But I was still like okay, well, I’m actually gonna try and hire an ex-hacker here. 00:46:43.030 --> 00:46:46.259 I don’t know how cool they’re gonna be about this, you know. 00:46:46.259 --> 00:46:51.310 But I went to them and I said listen, this guy’s legit. 00:46:51.310 --> 00:46:52.869 He knows his stuff. 00:46:52.869 --> 00:46:59.300 Listen to his story and all the rest of it, and I’m sure you’ll agree. 00:46:59.300 --> 00:47:03.980 They did; we had a quick chat with them all and kind of reiterated his story to them and 00:47:03.980 --> 00:47:05.670 they were the first to jump on board. 00:47:05.670 --> 00:47:09.569 They actively encouraged it ‘cause they wanted to – not only from [00:50:00] a, 00:47:09.569 --> 00:47:13.050 like, ‘oh yeah, it’ll help us because of his technical expertise.’ 00:47:13.050 --> 00:47:16.660 They wanted to give him that second chance and really get him in. 00:47:16.660 --> 00:47:19.150 JACK: I’m just kind of flabbergasted by this. 00:47:19.150 --> 00:47:24.050 I mean, I once was in an interview and I asked if they validated parking. 00:47:24.050 --> 00:47:28.290 I kind of lost sleep over this wondering if they just thought I was some poor soul or 00:47:28.290 --> 00:47:29.290 something. 00:47:29.290 --> 00:47:33.880 Here’s Cam not only saying he knocked out Sea World, but caused a million dollars in 00:47:33.880 --> 00:47:38.660 damages and he did it because he was passionate about animal welfare and he hacked the police, 00:47:38.660 --> 00:47:40.589 and also went to jail for this. 00:47:40.589 --> 00:47:44.640 Well, somehow, despite all of that, it went great. 00:47:44.640 --> 00:47:51.680 Cam got the job at CSA and it might be because of how much CSA likes helping the community. 00:47:51.680 --> 00:47:52.680 Like for instance… 00:47:52.680 --> 00:47:59.050 SEAN: They create this entire cool cyber-zone area, like this entire office just for kids. 00:47:59.050 --> 00:48:02.140 Well, not kids; like, for students. 00:48:02.140 --> 00:48:03.940 They did it all off their own dime. 00:48:03.940 --> 00:48:08.410 They invested like, twenty grand into this – well, twenty grand just for the architecture 00:48:08.410 --> 00:48:10.441 bit, let alone all the equipment and all the rest of it. 00:48:10.441 --> 00:48:11.720 JACK: Who invested in this? 00:48:11.720 --> 00:48:15.880 SEAN: CSA did, but they did it for the NCSC. 00:48:15.880 --> 00:48:20.560 The NCSC came to them and said we’d really love for you to do something like this. 00:48:20.560 --> 00:48:27.200 JACK: Okay, so NCSC is the National Cyber Security Center which is a UK government organization 00:48:27.200 --> 00:48:30.030 simply there to help educate people on cyber-security. 00:48:30.030 --> 00:48:34.510 ANNCR: [MUSIC] Cyber-attack is now a critical threat to our national security. 00:48:34.510 --> 00:48:39.420 The government has responded to this threat by doubling investment in cyber-security, 00:48:39.420 --> 00:48:44.609 creating a world-class national cyber-security center leading the UK’s defense against 00:48:44.609 --> 00:48:45.609 cyber-attack. 00:48:45.609 --> 00:48:51.880 Together, we will make the UK the safest place to live and work in cyber-space. 00:48:51.880 --> 00:48:57.570 JACK: Jeez, that’s an ambitious mission. 00:48:57.570 --> 00:49:01.240 I think it’s incredible that the UK government is driving this. 00:49:01.240 --> 00:49:08.369 But yeah, the NCSC partnered with CSA to help hold classes and teach students and teenagers 00:49:08.369 --> 00:49:10.780 more about cyber-security. 00:49:10.780 --> 00:49:17.119 This makes CSA a pretty progressive company and once Cam got a job at CSA, he told them 00:49:17.119 --> 00:49:18.800 about another hacker he knows. 00:49:18.800 --> 00:49:21.369 CAM: He accidentally did credit card fraud. 00:49:21.369 --> 00:49:25.820 JACK: Both Cam and this guy Jack worked together in their last job and they were both there 00:49:25.820 --> 00:49:28.970 as an apprenticeship set up by the NCA. 00:49:28.970 --> 00:49:31.349 Jack applied to work at CSA, too. 00:49:31.349 --> 00:49:35.670 SEAN: Yeah, he went down to base and they were both from the same apprenticeship and 00:49:35.670 --> 00:49:39.730 this is how we found out about Jack, ‘cause we were still continuing our recruitment drive. 00:49:39.730 --> 00:49:43.960 Obviously, Cameron knew him by association. 00:49:43.960 --> 00:49:46.799 We were like oh, yeah, of course. 00:49:46.799 --> 00:49:50.040 We’re like, we’ve hired one hacker; what’s two? 00:49:50.040 --> 00:49:56.950 Basically, he stole like, seven thousand credit card details and databases around the world. 00:49:56.950 --> 00:50:00.619 I’ve always spoken to him about it ‘cause I find it fascinating, ‘cause he is very 00:50:00.619 --> 00:50:02.119 blasé about the whole situation. 00:50:02.119 --> 00:50:04.590 He talks about it in a very matter-of-fact way. 00:50:04.590 --> 00:50:08.240 It’s really strange to hear all of that. 00:50:08.240 --> 00:50:13.720 But he said I just did it because I could and I did it because they had bad security 00:50:13.720 --> 00:50:17.800 and I’d tell them about the security and that sort of stuff and then I’d just go 00:50:17.800 --> 00:50:18.800 out. 00:50:18.800 --> 00:50:20.180 So, it’s very grey hat-ish. 00:50:20.180 --> 00:50:23.859 He was very explicit; he never used the credit cards. 00:50:23.859 --> 00:50:24.970 He never touched them. 00:50:24.970 --> 00:50:26.329 He never did anything with them. 00:50:26.329 --> 00:50:32.070 He just saw them as this – he just took them. 00:50:32.070 --> 00:50:34.619 Obviously, he got caught as well. 00:50:34.619 --> 00:50:37.890 He got caught by the red light; they had all this data on him and they couldn’t catch 00:50:37.890 --> 00:50:38.890 him. 00:50:38.890 --> 00:50:44.920 Then he turned out – he used his card to pay for some virtual private server somewhere 00:50:44.920 --> 00:50:47.310 and they just back-traced it from that, eventually. 00:50:47.310 --> 00:50:52.859 He did it once and that’s how they got him which was fair play to the NCA and the Regional 00:50:52.859 --> 00:50:54.260 Cyber Crime Unit for that. 00:50:54.260 --> 00:50:58.220 JACK: I tried to get Jack on the show but he was just a little too hard for me to wrangle 00:50:58.220 --> 00:50:59.220 in. 00:50:59.220 --> 00:51:01.049 SEAN: He definitely is. 00:51:01.049 --> 00:51:05.680 He’s got burner phones and alternate e-mail addresses. 00:51:05.680 --> 00:51:10.579 I’m his manager and even I struggle to get in touch with him sometimes. 00:51:10.579 --> 00:51:14.430 JACK: But during the interview, Sean asked Jack the same question as Cam. 00:51:14.430 --> 00:51:18.930 SEAN: The question is; we always ask it at the end and it’s, is there anything that 00:51:18.930 --> 00:51:21.980 would stop you from possibly being eligible for security clearance? 00:51:21.980 --> 00:51:29.600 Obviously, he hit us with this knowledge of yeah, I stole seven thousand credit card details. 00:51:29.600 --> 00:51:36.320 He wasn’t officially charged, thank God, because it turns out – Cam was charged, 00:51:36.320 --> 00:51:40.550 obviously, and had about five years of hell. 00:51:40.550 --> 00:51:44.940 But Jack luckily didn’t get charged because he was saying that every single one of those 00:51:44.940 --> 00:51:49.299 charges carried two years in prison and there’s no limit. 00:51:49.299 --> 00:51:56.440 So, at one point, the prosecutor said to him you’re facing 14,000 years in prison. 00:51:56.440 --> 00:52:00.690 He just laughed at that point which is pretty ballsy, really, in that situation. 00:52:00.690 --> 00:52:06.730 [MUSIC] But yeah, no, again, he was telling us that story and I was sat with the same 00:52:06.730 --> 00:52:08.170 guy who was in Cam’s interview. 00:52:08.170 --> 00:52:13.990 We [00:55:00] were like oh my god, where are we finding these people? 00:52:13.990 --> 00:52:15.990 You have to take a chance; don’t get me wrong. 00:52:15.990 --> 00:52:20.300 If he came to me and he was like yeah, I used them to go on the dark web or I used them 00:52:20.300 --> 00:52:24.549 to finance something, I’d be like no, straight away ‘cause obviously he’s in it for criminal 00:52:24.549 --> 00:52:26.319 gain. 00:52:26.319 --> 00:52:31.450 Jack and Cameron, they did it because they could, ultimately, and they were probably 00:52:31.450 --> 00:52:32.450 a little bit misguided. 00:52:32.450 --> 00:52:37.760 That’s why, I think, the kind of stuff we were doing with the students is so important 00:52:37.760 --> 00:52:41.099 ‘cause you’re all like another one of those, like one of the students. 00:52:41.099 --> 00:52:45.790 Luckily, or unluckily, sorry, we didn’t get to him in time but he ended up DDossing 00:52:45.790 --> 00:52:47.150 his school. 00:52:47.150 --> 00:52:51.049 They went down the police route and he was thirteen years old. 00:52:51.049 --> 00:52:55.359 You just think like, it’s just not worth it, really. 00:52:55.359 --> 00:53:00.180 JACK: This was a potential student that was gonna come take classes for the NCSC at your 00:53:00.180 --> 00:53:03.119 place but didn’t actually come to take your guidance? 00:53:03.119 --> 00:53:08.559 SEAN: No, unfortunately not ‘cause he couldn’t, obviously, ‘cause it happened before he 00:53:08.559 --> 00:53:09.559 was coming in. 00:53:09.559 --> 00:53:11.859 They only take certain year groups. 00:53:11.859 --> 00:53:18.059 We take whatever year group they want to give us but they can only take certain ones. 00:53:18.059 --> 00:53:21.440 They were telling us about it and they just said it was really unfortunate because he 00:53:21.440 --> 00:53:24.960 had such a knowledge base and that sort of stuff. 00:53:24.960 --> 00:53:27.540 He just didn’t know what to do with it and he was just online all the time. 00:53:27.540 --> 00:53:29.599 There’s no ethics there. 00:53:29.599 --> 00:53:34.339 There’s not someone to tell you it’s right or wrong when you’re reading tutorials or 00:53:34.339 --> 00:53:35.470 that sort of thing. 00:53:35.470 --> 00:53:38.030 That’s where it was so important for us. 00:53:38.030 --> 00:53:44.500 It was unlucky, really, that he didn’t get that chance to talk to us. 00:53:44.500 --> 00:53:47.940 But yeah, but that’s literally like – you couldn’t hit the nail on the head any harder. 00:53:47.940 --> 00:53:52.340 That’s the sort of stuff that we need to protect against in future generations. 00:53:52.340 --> 00:53:56.730 We need to get them on our side before they turn to black hat. 00:53:56.730 --> 00:53:59.000 JACK: Wow. 00:53:59.000 --> 00:54:02.609 The UK is just so forward-thinking on this. 00:54:02.609 --> 00:54:07.150 By being proactive and trying to get young teenagers some guidance before they do something 00:54:07.150 --> 00:54:09.869 wrong is just so much more effective. 00:54:09.869 --> 00:54:15.839 It doesn’t just stop there; in 2017, the NCA launched a boot camp to reform teenage 00:54:15.839 --> 00:54:20.220 hackers, so when a teenager gets in trouble for hacking in the UK, they might get to go 00:54:20.220 --> 00:54:24.440 to this boot camp which is not there to scare them straight and to never use a computer 00:54:24.440 --> 00:54:29.799 again, but instead it teaches them that their passions and skills are really in demand right 00:54:29.799 --> 00:54:34.280 now and you can have just as much fun doing it but getting paid for it and being legal 00:54:34.280 --> 00:54:35.500 at the same time. 00:54:35.500 --> 00:54:39.850 Here’s an interview I found of some of these black hat teenagers who went through it. 00:54:39.850 --> 00:54:45.040 TEEN1: I’ve learned what I could do, what courses I could take, how I can proceed about 00:54:45.040 --> 00:54:46.290 going around cyber-security, what professions. 00:54:46.290 --> 00:54:49.900 TEEN2: Now I know that it exists, it sounds like something that I’d really, really like 00:54:49.900 --> 00:54:55.559 to go into because you get the same rush, you get the same excitement, but you’re 00:54:55.559 --> 00:54:59.430 doing it for fun still, but it’s legal and you get paid. 00:54:59.430 --> 00:55:04.340 TEEN3: I found out my true passion was actually stopping those attacks from happening. 00:55:04.340 --> 00:55:06.790 That’s how I now get my enjoyment. 00:55:06.790 --> 00:55:09.060 I stop them before they even happen. 00:55:09.060 --> 00:55:10.200 JACK: Incredible, right? 00:55:10.200 --> 00:55:13.089 Once again, nothing like this is in the US. 00:55:13.089 --> 00:55:17.780 Teenagers who get in trouble for hacking get kicked out of school, banned from using computers, 00:55:17.780 --> 00:55:21.460 and have an extraordinarily hard time finding a computer job later. 00:55:21.460 --> 00:55:26.569 But the UK is trying something different here, leaning into the problem, understanding that 00:55:26.569 --> 00:55:30.720 these kids really do have a passion and a skill that’s helpful. 00:55:30.720 --> 00:55:36.089 It’s just a matter of rehabilitating them to become more productive with these skills 00:55:36.089 --> 00:55:42.060 instead of destructive, or counselling them to be inspired and use these skills for good. 00:55:42.060 --> 00:55:46.330 But I should mention that some of these programs are still experimental in England. 00:55:46.330 --> 00:55:50.940 I’m not sure if this boot camp was just a pilot program and stopped, or if it’s 00:55:50.940 --> 00:55:51.940 still going on. 00:55:51.940 --> 00:55:53.670 There’s not a lot of information about it. 00:55:53.670 --> 00:55:58.140 These programs keep changing to try to figure out what the best way is of tackling these 00:55:58.140 --> 00:55:59.140 problems. 00:55:59.140 --> 00:56:03.360 Oh, and I should say that apprenticeship program that Cam got into which got him his first 00:56:03.360 --> 00:56:07.930 job, it’s not just for teenage criminal hackers; it can be used by non-criminals who 00:56:07.930 --> 00:56:11.510 want to get started in InfoSec, too. 00:56:11.510 --> 00:56:15.710 At CSA, through their CyberFirst programme where they teach students about the dangers 00:56:15.710 --> 00:56:21.039 of cyber-security, they now have Cam get up and tell his story in front of these young 00:56:21.039 --> 00:56:22.039 teens. 00:56:22.039 --> 00:56:24.839 Is Cam a role model or a cautionary tale? 00:56:24.839 --> 00:56:28.200 SEAN: It’s turning into one, it is. 00:56:28.200 --> 00:56:30.020 It’s that lovely mix of both, isn’t it? 00:56:30.020 --> 00:56:33.540 We try and hit him with like – he answers like, five questions and it’s always like 00:56:33.540 --> 00:56:34.560 who am I? 00:56:34.560 --> 00:56:35.840 Why did I do it? 00:56:35.840 --> 00:56:37.910 What were the implications? 00:56:37.910 --> 00:56:40.099 What did I learn from it? 00:56:40.099 --> 00:56:42.609 And that sort of stuff. 00:56:42.609 --> 00:56:48.280 It starts off and you can see that the students, they know it’s serious when he starts talking 00:56:48.280 --> 00:56:51.990 about all the stuff he’s done ‘cause that’s what we hit them with hard first. 00:56:51.990 --> 00:56:56.740 Then they talk about the FBI coming after him, the Secret Service wanting to extradite 00:56:56.740 --> 00:57:01.760 him, all of this stuff, all the money he cost people. 00:57:01.760 --> 00:57:05.359 It’s not just like, sorry, it’s not just companies; it’s people’s livelihoods. 00:57:05.359 --> 00:57:10.760 If they lose that amount of money, they have to lay [01:00:00] people off or people will 00:57:10.760 --> 00:57:11.880 – you know, it happens. 00:57:11.880 --> 00:57:15.520 JACK: It seems like Cam has learned his lesson from all this and doesn’t want to get in 00:57:15.520 --> 00:57:16.520 trouble again. 00:57:16.520 --> 00:57:19.990 CAM: If I get arrested a second time though, I’m gone. 00:57:19.990 --> 00:57:20.990 That’s it. 00:57:20.990 --> 00:57:23.570 I’m never ever gonna get back into the industry. 00:57:23.570 --> 00:57:30.079 Obviously, now as well, I can see the damage it causes, so like Sea World; people had lost 00:57:30.079 --> 00:57:31.079 jobs. 00:57:31.079 --> 00:57:35.920 It costed Sea World like, one and a half million dollars as a result of my attacks. 00:57:35.920 --> 00:57:41.620 That would have cost people jobs and that means that they couldn’t have fed their 00:57:41.620 --> 00:57:44.990 families and such, and the butterfly effect goes on. 00:57:44.990 --> 00:57:50.780 That’s the only reason, as well, it’s just what I didn’t see. 00:57:50.780 --> 00:57:55.170 JACK: So, it seems like this system works, huh? 00:57:55.170 --> 00:58:00.821 Spend a little time and money on some of these troubled teens and presto, change-o, they 00:58:00.821 --> 00:58:05.869 become not only a productive person but also an inspirational role model. 00:58:05.869 --> 00:58:12.349 CAM: I feel kind of bad ‘cause essentially, I’m nineteen now and I’m a senior SOC 00:58:12.349 --> 00:58:13.349 analyst. 00:58:13.349 --> 00:58:15.720 I skipped past uni ‘cause of being arrested. 00:58:15.720 --> 00:58:22.770 People that have gone to uni, how do I feel that I’ve cheated it and I’ve gone up, 00:58:22.770 --> 00:58:26.630 because of where I’ve come from which is technically not a good thing. 00:58:26.630 --> 00:58:29.950 It’s kind of like waving to people that – do you know what I mean? 00:58:29.950 --> 00:58:34.760 Because of the apprenticeship, the apprenticeship is giving people this amazing opportunity 00:58:34.760 --> 00:58:37.200 for free when I’d done something bad. 00:58:37.200 --> 00:58:40.789 SEAN: I’ve never seen anyone harbor any resentment against it. 00:58:40.789 --> 00:58:44.559 The team loved the guys. 00:58:44.559 --> 00:58:45.660 We all get on well anyway. 00:58:45.660 --> 00:58:50.400 We all do it like – the company we’re with encourages loads of social events that 00:58:50.400 --> 00:58:55.619 they pay for and that sort of stuff, so we all go carting and go out for a drink and 00:58:55.619 --> 00:58:56.619 all the rest of it. 00:58:56.619 --> 00:59:00.510 The team’s really molded together anyway, and I’ve never seen any resentment. 00:59:00.510 --> 00:59:05.390 I think they appreciate it more because Jack and Cameron always get back to them. 00:59:05.390 --> 00:59:07.460 They always try and impart their knowledge. 00:59:07.460 --> 00:59:12.869 They always show them the bigger picture when it comes to alert investigations or how to 00:59:12.869 --> 00:59:16.690 do something or some kind of technical aspect that they’re not quite getting their head 00:59:16.690 --> 00:59:17.690 around. 00:59:17.690 --> 00:59:22.150 I think that makes them really appreciate the fact that those guys are there in the 00:59:22.150 --> 00:59:23.150 first place. 00:59:23.150 --> 00:59:26.799 JACK: [MUSIC] Wow, that’s one way to diversify a team, right? 00:59:26.799 --> 00:59:28.390 Security is a game of cat and mouse. 00:59:28.390 --> 00:59:32.020 You have to know what the enemy knows and think like them so you can be a step ahead 00:59:32.020 --> 00:59:33.020 of them. 00:59:33.020 --> 00:59:36.569 Who better to turn to than someone who’s actually done that stuff? 00:59:36.569 --> 00:59:40.260 Yeah, I think this kind of team will work out in the long run. 00:59:40.260 --> 00:59:45.410 Now that I think of it, I’ve seen many criminals in the US actually get hired by US authorities 00:59:45.410 --> 00:59:47.589 to help track and catch criminals. 00:59:47.589 --> 00:59:52.880 Like, there’s art forgers and scammers and counterfeiters, and yeah, hackers who felt 00:59:52.880 --> 00:59:57.099 remorse for what they’ve done and now work with the police to help catch criminals. 00:59:57.099 --> 00:59:59.250 Huh, I like it. 00:59:59.250 --> 01:00:04.040 In this tech-focused world, I think it’s important to embrace it and not ban it. 01:00:04.040 --> 01:00:08.940 It’s important to spend time and money educating teenagers on cyber-security and especially 01:00:08.940 --> 01:00:11.060 focus on the teens who use it as a weapon. 01:00:11.060 --> 01:00:16.500 Those are some of the really clever kids who have a real passion for technology and other 01:00:16.500 --> 01:00:17.500 things. 01:00:17.500 --> 01:00:19.640 They don’t always aim to do bad. 01:00:19.640 --> 01:00:24.680 They just got wrapped up in the frenzy of it all and I’m sure all of us as teenagers 01:00:24.680 --> 01:00:27.490 have been in the battlefield of good versus evil. 01:00:27.490 --> 01:00:30.620 It’s not easy to be a teen. 01:00:30.620 --> 01:00:36.829 Everyone has two sides; good and evil, and it’s how you treat that person will determine 01:00:36.829 --> 01:00:39.250 what you see. 01:00:39.250 --> 01:00:51.240 JACK (OUTRO): [OUTRO MUSIC] A big thank you to our guests this episode Cam and Sean who 01:00:51.240 --> 01:00:53.430 both work at CSA. 01:00:53.430 --> 01:00:57.890 This show is made by me, the royal key-presser, Jack Rhysider. 01:00:57.890 --> 01:00:59.539 Production assistance by Janet BB. 01:00:59.539 --> 01:01:03.410 Sound design was done by his grace, Duke Andrew Meriwether. 01:01:03.410 --> 01:01:08.039 Editing help this episode by her Highness Damienne, and our theme music is by the Earl 01:01:08.039 --> 01:01:10.670 of Melody, Breakmaster Cylinder. 01:01:10.670 --> 01:01:16.430 Even though the F3 key on my keyboard hasn’t done a single thing for twenty years, this 01:01:16.430 --> 01:01:20.549 is Darknet Diaries.