Stratfor Hacker Admits Guilt, Faces Possible 10-Year Prison Term

Confessed hacker Jeremy Hammond admits to his role in hacks on Stratfor and other organizations in a guilty plea.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

A Chicago man has pleaded guilty to hacking charges in connection with the 2011 cyber-attack on a well-known military and intelligence think-tank.

Jeremy Hammond, 28, pleaded guilty to one count of conspiracy to engage in computer hacking and faces as much as 10 years in prison and up to $2.5 million in restitution. According to authorities, Hammond was involved in the well-publicized hack of Strategic Forecasting, also known as Stratfor, which exposed the firm's confidential client list as well as information about employees.

Hammond, who was a member of the hacker group AntiSec, confessed during his guilty plea Tuesday to being involved in a number of other attacks between 2011 and 2012. Charges against four others originally charged with Hammond—Ryan Ackroyd, Jake Davis, Darren Martyn and Donncha O'Cearrbhail—are still pending. Ackroyd and Davis were sentenced to prison for cyber-crimes earlier this month by a judge in the U.K.

"While he billed himself as fighting for an anarchist cause, in reality, Jeremy Hammond caused personal and financial chaos for individuals whose identities and money he took and for companies whose businesses he decided he didn’t like," said Manhattan U.S. Attorney Preet Bharara in a statement. "He was nothing more than a repeat offender cybercriminal who thought that because of his computer savvy he was above the law that binds and protects all of us—the same law that assured his rights in a court of law and allowed him to decide whether to admit his guilt or assert his innocence."

According to authorities, Hammond and other members of AntiSec hacked into computer systems used by Strategic Forecasting and stole information ranging from employee emails to account information for roughly 860,000 Stratfor clients and subscribers. Hammond and others stole approximately 60,000 users' credit card information and used some of the stolen data to make more than $700,000 in unauthorized charges. The group also publicly disclosed some of the information they stole.

Among the other attacks Hammond admitted to being involved in are attacks on the FBI's Virtual Academy and the Arizona Department of Public Safety in June 2011. The following month, he was involved in the attack of computer systems owned by Brooks-Jeffrey Marketing, based in Mountain Home, Ark. In August of that year, he targeted Special Forces Gear, a California business that sells gear for law enforcement and military personnel. That same month, he was involved in an attack on Vanguard Defense Industries.

Three months later, in October 2011, Hammond was involved in attacks on the Boston Police Patrolmen's Association as well as the Jefferson County, Ala., Sheriff's Office. The final attack he confessed involvement in occurred in February 2012 and impacted Combined Systems, based in Pennsylvania.

"Computer hacking is a very serious crime that violates the privacy and economic security of its victims and disrupts legitimate commerce," said Bharara. "We will continue to make the prosecution and punishment of cybercriminals like Jeremy Hammond a top priority."

Hammond is scheduled to be sentenced Sept. 6.