Ryan Ackroyd Explained

Ryan Ackroyd
Known For:Founder of LulzSec
Occupation:Computer hacker
Other Names:Kayla
Organization:LulzSec

Ryan Ackroyd,[1] Kayla[2] [3] and also lolspoon, is a former black hat hacker who was one of the six core members of the computer hacking group "LulzSec"[4] [5] during its 50-day spree of attacks from 6 May 2011 until 26 June 2011.[6] Throughout the time, Ackroyd posed as a female hacker named "Kayla" and was responsible for the penetration of multiple military and government domains and many high profile intrusions into the networks of Gawker in December 2010, HBGaryFederal in 2011, PBS, Sony, Infragard Atlanta, Fox Entertainment and others. He eventually served 30 months in prison for his hacking activities.

After his release from jail, Ackroyd publicly stated during "a conversation with Lulzsec"[7] that he believes Anonymous, other activists and like-minded should come together and attempt to change issues legally.

In December 2014, he gave his first ever lecture[8] in an over-capacity lecture auditorium at Sheffield Hallam University[9] for over 200 students, where he spoke about Lulzsec and their "50 days of lulz".

On his Twitter account,[10] Ackroyd vowed to help the security of the systems he once breached, stating that he would "help secure and defend the systems in hopes we can all learn from each other, should I be given the chance to do so". He also added "For me, it wasn't about stealing people's information, I just wanted to show people how flawed their so-called secure systems are. People need to fix their stuff… I sent countless emails to companies and even government organisations and I was ignored. I soon realised I'd have to show them why they should secure themselves before they would listen. I'm like Jiminy Cricket, only when you don't listen I'd hit you really hard with my tiny umbrella so you'd do the right thing," he joked.

Rise to prominence

In 2011, Ackroyd was part of the small group of hackers who breached the security of HBGaryFederal.com[11] through an SQL injection[12] [13] and is said to have social engineered[14] the administrator of rootkit.com,[15] HBGary's CEO's personal website to gain root access to their entire systems.During the rise of the group "LulzSec", Ackroyd is said to be its most talented hacker, doing much of the security penetration along with Hector Monsegur. He hacked into fox.com,[16] UK Bank Machines,[17] Sony,[18] PBS,[19] the FBI,[20] Bethesda Softworks,[21] Senate.gov,[22] Arizona Department of Public Safety,[23] AT&T, AOL, Navy.mil,[24] Infragard Atlanta,[25] NATO Bookshops[24] and others during LulzSec's infamous "50 Days of Lulz".[26] [27]

Ackroyd is responsible for the hack on Booz Allen,[28] where Edward Snowden was an employee. He was also responsible for the hack into Gawker Media's computer networks in December 2010, in retaliation to what Ackroyd perceived to be behaviour condescending of Anonymous and other affiliated hackers.During this time, Ackroyd hacked into hundreds of military domains to show vulnerabilities were in excess even in the most sensitive areas.

Arrest and legal proceedings

On 1 September 2011, Ackroyd's "lolspoon" Twitter feed went silent for the last time,[2] amidst announcements that the hacker was arrested[29] in Mexborough, South Yorkshire.[30] It became clear that Ackroyd was not, in fact, a girl, but rather a 24-year-old man with prior military service in the British Army serving in Iraq. He was released on bail[31] with fellow co-defendants Tflow and Topiary.

On 9 April 2013, Ackroyd appeared in court for the final time[32] where he was branded "highly forensically aware" by the court. Ackroyd pleaded not guilty to Distributed Denial of Service (DDoS) attacks carried out under the LulzSec banner during its "AntiSec" campaign, but pleaded guilty to violating the computer misuse act.

Ackroyd served a 30-month prison sentence in England.[33]

After release

Ackroyd was an Associate Lecturer at Sheffield Hallam University and was also enrolled on a master's degree in information systems security.[34] He is now the Lead Penetration Tester at The Hut Group.[35]

Notes and References

  1. Web site: Ryan Ackroyd.
  2. Web site: Kayla.
  3. Web site: Lulzsec hacker 'Kayla' pleads guilty to cyber crime in U.K. - VentureBeat - Security - by Meghan Kelly. 9 April 2013.
  4. 6 men alleged to be LulzSec hackers. The Christian Science Monitor. The Christian Science Monitor. 8 March 2012.
  5. Web site: LulzSec IRC leak: the full record. Charles Arthur. The Guardian. 24 June 2011.
  6. Web site: LulzSec's Top 3 Hacking Tools Deconstructed. Dark Reading. 7 May 2011.
  7. Web site: In conversation with former Anonymous and LulzSec hacktivists at The Royal Court Theatre. royalcourttheatre.com.
  8. Ryan Ackroyd's Talk at Sheffield Hallam University. 15 December 2014. YouTube.
  9. News: Laughing Hacker Who Hit Sony, FBI Now Seeks Legal Lols. Kit Chellel. 26 November 2014. Bloomberg.com.
  10. Web site: Ryan Ackroyd. twitter.com.
  11. News: Is This The Girl That Hacked HBGary?. Parmy Olson. 16 March 2011. Forbes.
  12. Web site: Meet the 16-Year-Old Girl Who Hacked HBGary. Nicholas Jackson. 16 March 2011. The Atlantic.
  13. Web site: Anonymous speaks: the inside story of the HBGary hack. Ars Technica. 16 February 2011.
  14. Web site: HBGary's nemesis is a '16-year-old schoolgirl'. The Register.
  15. Web site: Archived copy . 29 September 2013 . 1 October 2014 . https://web.archive.org/web/20141001001900/http://www.dazzlepod.com/site_media/txt/rootkit.com.txt . dead .
  16. Web site: Hackers leak Fox.com employee info. https://web.archive.org/web/20130712012220/http://www.nbcnews.com/id/43027482/ns/technology_and_science-security/t/hackers-leak-foxcom-employee-info/. dead. 12 July 2013. msnbc.com.
  17. Web site: The rise of LulzSec: a hacking chronology.
  18. News: Hackers Lulzsec Say Sony Pictures Attacked, 1 Million Users Compromised (UPDATE). 2 June 2011. The Huffington Post.
  19. News: PBS Hacked After Critical WikiLeaks Show. Andy Greenberg. 30 May 2011. Forbes.
  20. Web site: 50 Days Of Lulz: The Life And Times Of LulzSec - Media. Matt Brian. 26 June 2011. The Next Web.
  21. News: Skyrim keeps LulzSec from releasing more info. on Bethesda. 14 June 2011. Washington Post. Hayley. Tsukayama.
  22. Web site: LulzSec Strikes Again, Hits Bethesda Softworks And US Senate - Arik Hesseldahl - News - AllThingsD. AllThingsD.
  23. Web site: LulzSec Releases Arizona Law Enforcement Data, Claims Retaliation For Immigration Law. AOL. TechCrunch. 23 June 2011 .
  24. News: LulzSec Says Goodbye, Dumping NATO, AT&T, Gamer Data. Andy Greenberg. 25 June 2011. Forbes.
  25. News: Sony Hackers LulzSec Strike FBI Affiliate InfraGard. PCMAG.
  26. Web site: After 50 Days Of Attacks, Hacker Group LulzSec Calls It Quits. AOL. TechCrunch. 25 June 2011 .
  27. Web site: 50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue. Mohit Kumar. 26 June 2011. The Hacker News - Biggest Information Security Channel.
  28. Web site: Anonymous Charges Booz Allen $310 for Hacking Their Email. Adam Clark Estes. The Wire.
  29. News: Scotland Yard Arrests LulzSec Hacker 'Kayla'. 2 September 2011. Fox News.
  30. Web site: Hacker "Kayla" taken down in latest LulzSec arrests?. Ars Technica. 2 September 2011.
  31. Web site: LulzSec's Kayla given bail. Infosecurity Magazine. 19 March 2012.
  32. News: BBC News - UK Lulzsec hacker Ryan Ackroyd pleads guilty. 9 April 2013. BBC News.
  33. Web site: LulzSec 'hacktivists' handed long jail sentences for hacking. The Guardian. 16 May 2013.
  34. Web site: MSc Information Systems Security. Sheffield Hallam University. shu.ac.uk.
  35. Web site: Ryan Ackroyd. LinkedIn. March 2021.