Ryan Ackroyd

Ryan Ackroyd
Other namesKayla
OccupationComputer hacker
OrganizationLulzSec
Known forFounder of LulzSec

Ryan Ackroyd,[1] a.k.a. Kayla[2][3] and also lolspoon, is a former black hat hacker who was one of the six core members of the computer hacking group "LulzSec"[4][5] during its 50-day spree of attacks from 6 May 2011 until 26 June 2011.[6] Throughout the time, Ackroyd posed as a female hacker named "Kayla" and was responsible for the penetration of multiple military and government domains and many high profile intrusions into the networks of Gawker in December 2010, HBGaryFederal in 2011, PBS, Sony, Infragard Atlanta, Fox Entertainment and others. He eventually served 30 months in prison for his hacking activities.

After his release from jail, Ackroyd publicly stated during "a conversation with Lulzsec"[7] that he believes Anonymous, other activists and like-minded should come together and attempt to change issues legally.

In December 2014, he gave his first ever lecture[8] in an over-capacity lecture auditorium at Sheffield Hallam University[9] for over 200 students, where he spoke about Lulzsec and their "50 days of lulz".

On his Twitter account,[10] Ackroyd vowed to help the security of the systems he once breached, stating that he would "help secure and defend the systems in hopes we can all learn from each other, should I be given the chance to do so". He also added "For me, it wasn't about stealing people's information, I just wanted to show people how flawed their so-called secure systems are. People need to fix their stuff… I sent countless emails to companies and even government organisations and I was ignored. I soon realised I'd have to show them why they should secure themselves before they would listen. I'm like Jiminy Cricket, only when you don't listen I'd hit you really hard with my tiny umbrella so you'd do the right thing," he joked.

Rise to prominence

[edit]

In 2011, Ackroyd was part of the small group of hackers who breached the security of HBGaryFederal.com[11] through an SQL injection[12][13] and is said to have social engineered[14] the administrator of rootkit.com,[15] HBGary's CEO's personal website to gain root access to their entire systems. During the rise of the group "LulzSec", Ackroyd is said to be its most talented hacker, doing much of the security penetration along with Hector Monsegur. He hacked into fox.com,[16] UK Bank Machines,[17] Sony,[18] PBS,[19] the FBI,[20] Bethesda Softworks,[21] Senate.gov,[22] Arizona Department of Public Safety,[23] AT&T, AOL, Navy.mil,[24] Infragard Atlanta,[25] NATO Bookshops[24] and others during LulzSec's infamous "50 Days of Lulz".[26][27]

Ackroyd is responsible for the hack on Booz Allen,[28] where Edward Snowden was an employee. He was also responsible for the hack into Gawker Media's computer networks in December 2010, in retaliation to what Ackroyd perceived to be behaviour condescending of Anonymous and other affiliated hackers. During this time, Ackroyd hacked into hundreds of military domains to show vulnerabilities were in excess even in the most sensitive areas.

[edit]

On 1 September 2011, Ackroyd's "lolspoon" Twitter feed went silent for the last time,[2] amidst announcements that the hacker was arrested[29] in Mexborough, South Yorkshire.[30] It became clear that Ackroyd was not, in fact, a girl, but rather a 24-year-old man with prior military service in the British Army serving in Iraq. He was released on bail[31] with fellow co-defendants Tflow and Topiary.

On 9 April 2013, Ackroyd appeared in court for the final time[32] where he was branded "highly forensically aware" by the court. Ackroyd pleaded not guilty to Distributed Denial of Service (DDoS) attacks carried out under the LulzSec banner during its "AntiSec" campaign, but pleaded guilty to violating the computer misuse act.

Ackroyd served a 30-month prison sentence in England.[33]

After release

[edit]

Ackroyd was an Associate Lecturer at Sheffield Hallam University and was also enrolled on a master's degree in information systems security.[34] He is now the Lead Penetration Tester at The Hut Group.[35]

References

[edit]
  1. ^ "Ryan Ackroyd".
  2. ^ a b "Kayla".
  3. ^ "Lulzsec hacker 'Kayla' pleads guilty to cyber crime in U.K. - VentureBeat - Security - by Meghan Kelly". 9 April 2013.
  4. ^ The Christian Science Monitor (8 March 2012). "6 men alleged to be LulzSec hackers". The Christian Science Monitor.
  5. ^ Charles Arthur (24 June 2011). "LulzSec IRC leak: the full record". The Guardian.
  6. ^ "LulzSec's Top 3 Hacking Tools Deconstructed". Dark Reading. 7 May 2011.
  7. ^ "In conversation with former Anonymous and LulzSec hacktivists at The Royal Court Theatre". royalcourttheatre.com.
  8. ^ Ryan Ackroyd's Talk at Sheffield Hallam University. YouTube. 15 December 2014.
  9. ^ Kit Chellel (26 November 2014). "Laughing Hacker Who Hit Sony, FBI Now Seeks Legal Lols". Bloomberg.com.
  10. ^ "Ryan Ackroyd". twitter.com.
  11. ^ Parmy Olson (16 March 2011). "Is This The Girl That Hacked HBGary?". Forbes.
  12. ^ Nicholas Jackson (16 March 2011). "Meet the 16-Year-Old Girl Who Hacked HBGary". The Atlantic.
  13. ^ "Anonymous speaks: the inside story of the HBGary hack". Ars Technica. 16 February 2011.
  14. ^ "HBGary's nemesis is a '16-year-old schoolgirl'". The Register.
  15. ^ "Archived copy". Archived from the original on 1 October 2014. Retrieved 29 September 2013.{{cite web}}: CS1 maint: archived copy as title (link)
  16. ^ "Hackers leak Fox.com employee info". msnbc.com. Archived from the original on 12 July 2013.
  17. ^ "The rise of LulzSec: a hacking chronology".
  18. ^ "Hackers Lulzsec Say Sony Pictures Attacked, 1 Million Users Compromised (UPDATE)". The Huffington Post. 2 June 2011.
  19. ^ Andy Greenberg (30 May 2011). "PBS Hacked After Critical WikiLeaks Show". Forbes.
  20. ^ Matt Brian (26 June 2011). "50 Days Of Lulz: The Life And Times Of LulzSec - Media". The Next Web.
  21. ^ Tsukayama, Hayley (14 June 2011). "Skyrim keeps LulzSec from releasing more info. on Bethesda". Washington Post.
  22. ^ "LulzSec Strikes Again, Hits Bethesda Softworks And US Senate - Arik Hesseldahl - News - AllThingsD". AllThingsD.
  23. ^ "LulzSec Releases Arizona Law Enforcement Data, Claims Retaliation For Immigration Law". TechCrunch. AOL. 23 June 2011.
  24. ^ a b Andy Greenberg (25 June 2011). "LulzSec Says Goodbye, Dumping NATO, AT&T, Gamer Data". Forbes.
  25. ^ "Sony Hackers LulzSec Strike FBI Affiliate InfraGard". PCMAG.
  26. ^ "After 50 Days Of Attacks, Hacker Group LulzSec Calls It Quits". TechCrunch. AOL. 25 June 2011.
  27. ^ Mohit Kumar (26 June 2011). "50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue". The Hacker News - Biggest Information Security Channel.
  28. ^ Adam Clark Estes. "Anonymous Charges Booz Allen $310 for Hacking Their Email". The Wire.
  29. ^ "Scotland Yard Arrests LulzSec Hacker 'Kayla'". Fox News. 2 September 2011.
  30. ^ "Hacker "Kayla" taken down in latest LulzSec arrests?". Ars Technica. 2 September 2011.
  31. ^ "LulzSec's Kayla given bail". Infosecurity Magazine. 19 March 2012.
  32. ^ "BBC News - UK Lulzsec hacker Ryan Ackroyd pleads guilty". BBC News. 9 April 2013.
  33. ^ "LulzSec 'hacktivists' handed long jail sentences for hacking". The Guardian. 16 May 2013.
  34. ^ Sheffield Hallam University. "MSc Information Systems Security". shu.ac.uk.
  35. ^ "Ryan Ackroyd". March 2021 – via LinkedIn.