Closed Door Security responds to TfL cyber attack guilty plea

Closed Door Security William Wright

It has been reported that two men have pleaded guilty to offences in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption and cost the operator £39m. Here, William Wright, CEO of Closed Door Security, offers his thoughts on the situation.

Thalha Jubair, 20, from east London and Owen Flowers, 18, from Walsall in the West Midlands changed their pleas on what was expected to be the first day of a six-week trial at Woolwich Crown Court on Monday. The pair admitted to charges of conspiring to commit unauthorised acts against TfL under the Computer Misuse Act.

TfL previously said the hack disrupted services for three months when it began on 31 August 2024. The BBC was told the breach affected 10m customers. The hack disrupted in-station services like information boards, and online services such as TfL’s refunds portal and Oyster photocard application systems.

Scattered Spider, the group the men were members of, has been linked to other cyberattacks on Jaguar Land Rover and retailers like Marks and Spencer.

Two men plead guilty over £39m TfL cyber attack – BBC

William Wright comments: “This case highlights that attackers leave evidence of their crimes, and sometimes the odds are so against them that they have absolutely no way of escaping their guilt.

This court case has been going on for months and for the perpetrators to change to a guilty plea at such a late date highlights that they knew the jury was going to reach its own guilty verdict.

This should act as a warning to other attackers.

Cybercrime is often seen as an untraceable crime that is executed in an invisible domain. However, while that historically was somewhat true, today law enforcement is significantly boosting their efforts to track and identify attackers.

Forensics can take longer to conduct than in physical attacks, but law enforcement won’t let attackers escape because of the length of time it takes to identify them.

This should act as a warning to the unprosecuted threat actors behind other major attacks. 

The crimes past threat actors commit may seem distant, but this doesn’t mean law enforcement has stopped looking.”

For more cybersecurity news, click here

Share this

Related News

cybaverse

CybaVerse: 87% of security professionals believe Mythos will increase cyber risk

CybaVerse, a UK based cyber security company that abolishes…

News

ciso

Malware targeting WordPress abuses Steam community profiles for command & control operations

GoDaddy researchers have reported malware infecting almost 2000 WordPress…

News

cybaverse

CybaVerse responds to VPN shutdown

Michael Jepson, Head of Penetration Testing at CybaVerse responds…

News

Scroll to Top