Hector Xavier Monsegur, also known by the hacker alias "Sabu," helped federal authorities prevent or mitigate more than 300 cyber-attacks that were being planned or carried out by others. So when it came time to sentence him for his role in the attacks, Monsegur, a former leader of the sophisticated group of hackers known as LulzSec, was sentenced to time served - seven months in prison - plus one year of supervised release.

In aiding the government in its investigations, Monsegur sometimes worked around the clock and engaged co-conspirators in online chats that were critical to confirming their identities and whereabouts, prosecutors say.

Monsegur's cooperation enabled the government to prevent or mitigate attacks on the computer servers of U.S. and foreign governments, international intergovernmental organizations and private corporations, according to prosecutors. The victims included the U.S. Armed Forces, the U.S. Congress, NASA, Visa, MasterCard, PayPal, Fox Broadcasting and Sony Pictures Entertainment.

The former Lulzsec leader also provided authorities with information on vulnerabilities in certain critical infrastructure, including at a U.S. water utility, that enabled law enforcement to secure that infrastructure, prosecutors say.

Monsegur pleaded guilty in August 2011 to multiple charges, according to the U.S. Attorney's Office for the Southern District of New York. As part of his agreement with the government, Monsegur helped federal investigators to identify, locate and arrest eight of his co-conspirators, authorities say (see: LulzSec Leader Strikes Deal with Feds).

U.S. District Judge Loretta A. Preska, who imposed the sentence on Monsegur on May 27, said, "The fact that Monsegur immediately chose to cooperate and went back online ... allowed the extraordinary cooperation."

Kimberly Peretti, an attorney at Alston & Bird who helped put fraudster Albert Gonzalez behind bars, says the case is "one of a kind." She adds: "Don't expect to see this recurring frequently on an ongoing basis. But it does highlight how effective it can be for someone to provide insight into [cybercrime]."

Hacking Background

Monsegur was a member of the hacktivist groups Anonymous and two of its splinter groups, Internet Feds and LulzSec.

Along with other members of Anonymous, Monsegur took responsibility for a number of cyber-attacks between December 2010 and June 2011, including distributed-denial-of-service attacks against the websites of Visa, MasterCard and PayPal, as retaliation for the refusal of these companies to process donations to WikiLeaks, as well as hacks or DDoS attacks on foreign government computer systems, authorities say.

As a member of the hacking collective Internet Feds, he participated in various cyber-attacks that involved online destruction, intimidation and criminality, authorities say. Members of Internet Feds engaged in a series of cyber-attacks that included breaking into computer systems, stealing confidential information, publicly disclosing stolen confidential information, hijacking victims' e-mail and Twitter accounts and defacing victims' Internet websites.

For instance, Monsegur and other Internet Feds members conspired to hack: the website of Fine Gael, a political party in Ireland; computer systems used by security firms HBGary Inc., and its affiliate HBGary Federal, LLC, which involved the theft of confidential data on 80,000 user accounts; and computer systems used by Fox Broadcasting Co., from which Internet Feds stole confidential data relating to more than 70,000 potential contestants on "X-Factor," a Fox television show.

In May 2011, Monsegur, along with others, formed the group LulzSec. The group took part in cyber-assaults on the websites and computer systems of business and government entities in the U.S. and throughout the world, authorities say. In one incident, LulzSec hacked Sony Pictures Entertainment and stole confidential data concerning approximately 100,000 users of Sony's website (see: Sony Pictures Hacker Pleads Guilty).

Cooperation with Law Enforcement