An Australian teenager who pleaded guilty to hacking Apple systems carried out the attacks over the course of almost two years and showed "a high degree of skill and persistence," a court heard Thursday.
Investigators in the case recovered about 1 Terabyte of sensitive information copied from the tech giant's systems during attacks over about 22 months between 2015 and 2017 by the defendant and another person, a prosecutor told a Children's Court.
The now adult defendant, who was 16 at the time the hacking began and cannot be named under Australian law that protects the identity of juvenile offenders, faces two charges in relation to the hacking and will be sentenced on September 27. One of the charges carries a maximum sentence of two years custody, while the other carries a maximum sentence of 12 months.
Together with a boy who was two years younger, the teenager "modified and copied a large volume of data that was sensitive both from a privacy and commercial point of view," the prosecutor told the court. The offences involved "a high degree of skill and persistence," according to the prosecutor. Identities of other parties in the case and the precise location of the court cannot be disclosed under laws intended to protect the defendant's identity.
Apple said that customers' personal data was not compromised as a result of the offences. "In this case, our teams discovered the unauthorized access, contained it, and reported the incident to law enforcement," the company said in an emailed statement.
The company contacted the FBI who passed on the allegations to the Australian Federal Police, The Age newspaper reported last month, citing an earlier hearing. A search of the defendant's family home uncovered files and instructions saved in a folder titled "hacky hack hack," according to the newspaper's report.
The defendant's access to Apple's systems was blocked on at least one occasion after late 2016 and he was later able to regain entry, the prosecutor said in Thursday's court hearing. In an exchange on the WhatsApp messaging service in April 2017, the defendant and a second person speculated whether Apple's aversion to negative publicity would prevent the company from taking any action after the firm discovered their use of a virtual private network to gain access to systems, the prosecutor said.
While the hacking had begun out of curiosity and an interest in Apple, the defendant "did not remain commercially disinterested," according to the prosecutor. No evidence has been put before the court that the teenager had any commercial gain from the attacks.
The defendant, now a college student, had made efforts to redeem himself, his lawyer told the hearing.
Unlike other notorious hackers, the teenager had also been deliberate in choosing not to court publicity about his offences. "Where others have sought fame, he didn't," his lawyer said.
© Thomson Reuters 2018