The greatest fear of many organizations became one Atlanta-based tech company’s reality. However, the steps the company took before and after its sensitive data was stolen by a hacker in 2018 helped the FBI identify and arrest the culprit.
Christian Kight used his computer programming skills to hack into various businesses to extort money while on parole for previous crimes. Kight downloaded scripts from hacker forums and used them to attack company networks.
In the case of the Atlanta company, Kight spent a few weeks hacking into the company’s network, using various tactics to hide his identity. He then downloaded the data to his own computer and deleted it from the company’s systems, FBI officials said.
Once he had the data, Kight emailed the company’s CEO to demand payment in exchange for the data—but he insisted that it wasn’t extortion.
“And no, I’m really NOT an extortionist, I would like to see how much you think it’s worth, and if it’s fair, we'll leave it at that,” Kight wrote, according to court documents.
Whatever you call it, stealing data and demanding money for its return is illegal.
“Computer hacking is a serious crime, and the theft of intellectual property threatens the fabric of our economy," said Georgia Attorney General Chris Carr.
“This defendant hid behind his computer to extort companies in this district and elsewhere,” said U.S. Attorney Byung J. “BJay” Pak. “As a result of the exemplary work of law enforcement and the cooperation of the victim, he is headed to federal prison. This case highlights the positive outcomes that are possible for businesses and the community when the private sector works with law enforcement to bring cyber criminals to justice.”
According to U.S. Attorney Pak, the charges and other information presented in court: Kight gained unauthorized access to the computer networks and servers of multiple companies and organizations, including a computer analytics company in the Northern District of Georgia. Once on the victim’s network, Kight concealed his identity, exfiltrated data files, and deleted data and log files. He then sent a series of emails to the victim demanding money in exchange for the release of their data.
When the company announced its intention to contact law enforcement, Kight further threatened to send reputation-harming letters to the company’s clients and disseminate the data he had stolen. The victim nonetheless contacted the FBI and reported the hack and extortion demands. Once identified through the FBI investigation, a search of Kight’s computer equipment and encrypted email account revealed evidence of this crime as well as his scheme to extort multiple victims.
Fortunately, the company had a robust backup system, so employees restored the data within days. Additionally, the company shared critical information from its network’s access logs and other records, which helped the FBI track the IP address of the hacker. After getting a search warrant based on that information, agents found overwhelming evidence against Kight in his San Clemente, California home, the FBI reported.
“In the cyber world, it’s very hard to secure a network to the point that it’s never breachable, but you can make it as difficult as possible to break in,” said Tyler Fowler, special agent, FBI Atlanta.
If someone does break into a network, having strong activity logging on the network in place beforehand can help authorities track the hacker, he said.
The cooperation from the victim company was critical in this case, the FBI said.
“Christian William Kight, a/k/a Drillo, 29, of San Clemente, California, was sentenced by Chief U.S. District Judge Thomas W. Thrash, Jr. to seven years, eight months in prison to be followed by three years of supervised release, a $900 fine, and $42,001.00, in restitution. Kight was convicted on these charges on December 3, 2019, after he pleaded guilty,” according to court records.
Imposing consequences on hackers who do harm to companies and individuals is vital, the FBI said.
“I’ve arrested people all over the world for these types of crimes,” Fowler said. “The FBI is uniquely positioned to address these crimes almost anywhere they happen.”
Learn more from the FBI Cyber Crime guide