- The Washington Times - Wednesday, September 7, 2016

A Florida man will serve 20 days in jail for computer hacking after he exploited a security flaw on the Lee County Elections Office website as “a silly political stunt” for a local candidate.

David Michael Levin of Estero, Fla. pleaded guilty in a Fort Myers courtroom Tuesday to a single misdemeanor count in connection with hacking the Lee County elections website. He’ll serve 20 days in jail followed by two years of probation, a local CBS affiliate reported.

Levin, 31, was initially charged with three counts of felony hacking related to intrusions suffered by the Lee County website as well as the state’s Division of Election upon being arrested in May.

Authorities began investigating Levin after he explained how he breached the Lee County website in a YouTube video uploaded in late January by Dan Sinclair, a candidate at the time in the local election’s supervisor race. In one of the clips, Levin showed how he used a technique known as a SQL injection to gain access to a database containing log-in credentials for the elections website, then used those details to sign-on to the site as incumbent Sharon Harrington.

Levin outlined the hack in a Jan. 27 report that was issued by his company, Vanguard Cybersecurity, and emailed to an elections official by Mr. Sinclair. The email was then forwarded to the Florida Department of Law Enforcement, who in turn interviewed Levin at his house in early February. Authorities confiscated his computer and iPhone while executing a search warrant a few days later and eventually filed the felony hacking charges after securing digital proof of the intrusions against both websites in addition to Levin’s admission.



In the plea deal entered Tuesday, Levin took responsibility for his actions and formally apologized to Ms. Harrington.

“When I found information that could be used to damage you and your office, I presented it to Dan Sinclair, who I had worked with,” Levin admitted. “I then took part in a publicity stunt to advance Mr. Sinclair’s campaign.”

“I’m sorry about what I did, your Honor. It was a silly political stunt,” Levin said in court, according to the CBS affiliate. “I didn’t think I was going to get in and I did. I’ve never done anything like it before and I’m not going to do anything like it again.”

Christopher Crowley, a defense lawyer for Levin, stood by his client’s conduct while speaking to a local NBC affiliate following Tuesday’s hearing.

“After [Levin] did it, he reported it to the agencies themselves and actually did a report to show them how vulnerable it was,” the attorney said. “So yes, he did commit a crime, but he also did a service to the agencies he hacked into.”

Levin will serve his jail sentence during the weekends so he can attend law school during the week, the CBS affiliate reported.

Investigators previously determined that Mr. Sinclair played no part in orchestrating the hack and declined to charge him in the matter. The election’s supervisor hopeful ultimately lost his bid for office after garnering only 10 percent of the vote during the state’s primary last month.

Ms. Harrington told NBC2 that the SQL injection used by Levin allowed him to access an old database that was no longer being used but was still connected to the internet.

“You could be in Siberia and perform the attack I performed on the Lee elections website,” Levin said in one of the YouTube videos. “There’s more sensitive information I could have had access to.”

The FBI last month issued a warning to election officials across the country after offices in Arizona and Illinois were both targeted in recent cyberattacks.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2021 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.

 

Click to Read More and View Comments

Click to Hide