Defendant attempted to flee to Cuba prior to being charged
BOSTON – A Somerville man was convicted today by a federal
jury of orchestrating disruptive computer attacks on Boston Children’s Hospital
and Wayside Youth and Family Support Network.
Martin Gottesfeld, 32, was convicted of one count of
conspiracy to damage protected computers and one count of damaging protected
computers. U.S. District Court Judge Nathaniel Gorton scheduled sentencing for
Nov. 14, 2018. Gottesfeld was charged in February 2016.
On March 25, 2014, Gottesfeld conducted a distributed denial
of service – or DDOS – attack against Wayside Youth and Family Support Network,
a nonprofit, Framingham-based residential treatment facility that provides a
range of mental health counseling and family support services to children,
young adults, and families in Massachusetts. The attack crippled Wayside’s
network for more than a week and caused the facility to spend $18,000 on
response and mitigation efforts.
Following the attack on Wayside’s computer network,
Gottesfeld launched a massive DDOS attack against the computer network of the
Boston Children’s Hospital. He customized malicious software that he installed
on 40,000 network routers that he was then able to control from his home
computer. After spending more than a week preparing his methods, on April 19,
2014, he unleashed a DDOS attack that directed so much hostile traffic at the
Children’s Hospital computer network that he not only knocked Boston Children’s
Hospital off the internet, but knocked several other hospitals in the Longwood
Medical Area off the internet as well.
Gottesfeld identified himself as a member of the hacking
group Anonymous, and launched the attacks on behalf of Anonymous, demanding
change in the way the Boston Children’s Hospital was handling a teenage patient
(discharged months earlier), who was the subject of a custody battle between
her parents and the Commonwealth of Massachusetts.
The attack flooded 65,000 IP addresses used by Boston
Children’s Hospital and several other area hospitals with junk data intended to
make those computers unavailable for legitimate communications. The attack
disrupted the Children’s Hospital network for at least two weeks, interrupting
access to internet services used by Boston Children’s Hospital staff to treat
patients. The attack disrupted the hospital’s day-to-day operations, as well as
its research capabilities. The attack cost the hospital more than $300,000 and
caused an additional estimated $300,000 loss in donations, as the attack
disabled the hospital’s fundraising portal.
In October 2014, federal law enforcement searched
Gottesfeld’s home and recovered a number of computers, servers, and hard
drives. Gottesfeld, however, was not formally charged with a crime at the time
the search warrant was executed.
In February 2016, local police conducted a wellness check at
Gottesfeld’s apartment after relatives and his employer grew concerned about
his whereabouts. When police arrived at his home, no one was there.
On Feb. 16, 2016, Gottesfeld and his wife made a distress
call from a small boat off the coast of Cuba. A nearby Disney Cruise Ship
responded and rescued the couple. The ship returned to Miami and Gottesfeld was
arrested.
The charge of conspiracy provides for a sentence of no
greater than five years in prison, three years of supervised release, a fine of
$250,000 and restitution. The charge of damaging protected computers provides
for a sentence of no greater than 10 years in prison, three years of supervised
release, and a fine of up to $250,000. Sentences are imposed by a federal
district court judge based upon the U.S. Sentencing Guidelines and other statutory
factors.
U.S. Attorney Andrew E. Lelling and Harold Shaw, Special
Agent in Charge of the Federal Bureau of Investigation, Boston Field Division,
made the announcement today. Assistant U.S. Attorneys David J. D’Addio and Seth
Kosto of Lelling’s Cybercrime Unit are prosecuting the case.
Posts
No comments:
Post a Comment