LAS CRUCES, N.M. (KRQE) – Federal prosecutors say a New Mexico man paid for computer hackers to attack several old employer’s websites among several others, and he could now face prison time for it.
According to federal court documents, John Gammell of Las Cruces is accused of paying hackers to attack computers. Investigators say between May 2015 and September 2016, Gammell “expressed interest, or bought services from” seven different websites that provide internet attack services.
An associate professor of Computer Science at UNM, Jed Crandall, says the practice of Internet-based computer attacks used to be reserved for experts, but has become easier than ever for anyone to do. Crandall teaches courses about cybersecurity and networking.
“Just regular people can go find these markets and find these services,” said Crandall.
Gammell is accused of several charges including “intentional damage to a protected computer.” According to court documents, Gammell is accused of paying hundreds of dollars to websites that would initiate “distributed denial of service” (DDOS) attacks. DDOS attacks are designed to overwhelm a website with too much web traffic, which causes problems.
“Whatever service you’re providing, say it’s your website and you’re selling things,” said Crandall. “For whatever amount of time, until you can deal with the attacker, until it stops, you basically can’t do any business.”
Outlined in court documents, Gammell is accused of paying at least $700 to various different websites to attack a series of websites. The feds claim Gammell attacked the website of the “Washburne Group,” Gammell’s former employer in Minnesota; “dmDickason,” an El Paso temporary staffing company; and “Kit Pack Co,” a Las Cruces contractor. Federal investigators believe Gammell also paid for attacks, or attempted attacks on the websites for Wells Fargo Bank, JP Morgan Chase Bank, the state of Minnesota court system, and Dakota County Technical College among others.
Investigators claim Gammell even sent emails to one company he’s accused of targeting asking how things were going and if they needed IT help.
To Crandall, the case stands out for how easy the alleged attacks were launched.
“The number of people that have access to that market to do those kinds of things has grown substantially,” said Crandall.
If convicted on all charges, Gammell could face between 15 and 17 years in federal prison. He has pleaded not guilty.