After being arrested in his Cambodian apartment in September 2012 it took two years before Gottfrid Svartholm went on trial in Denmark.
The Swede and his 21-year-old co-defendant stood accused of hacking computer mainframes operated by US IT giant CSC. It developed into the largest case of its kind ever seen in the Scandinavian country.
The case broadly took shape along two lines. The prosecution insisted that Gottfrid and his Danish accomplice, both experts in computer security, had launched hacker attacks against CSC back in April 2012 and maintained access to those systems until August that same year.
The defense claimed it was a case of mistaken identity and that others had carried out the crimes, remotely accessing Gottfrid’s computer after comprising its security.
Evidence was produced by the prosecution which showed discussion taking place between hackers with the names “Advanced Persistent Terrorist Threat” and “My Evil Twin”. The topic in hand was the security and setup of CSC’s databases and systems. These people were Gottfrid and his IT consultant co-defendant, the prosecution said.
From the beginning, Gottfrid’s position was that his computer, from where the attacks had taken place, had been compromised. This version of events was supported by respected security expert Jacob Appelbaum who gave evidence for the defense not only in this case, but also in Gottfrid’s Swedish trial, a case in which he was partly acquitted.
Speaking with Denmark’s TV2 earlier today, Gottfrid’s lawyer Luise Høj said that her client should be found not guilty since it had been established that third parties had carried out the crimes.
“My recommendation has always been that the investigation has focused on finding clues that point to my client, even though the tracks have also pointed in another direction,” Høj said.
“I have recommended that the court dismiss the case based on the remote access argument. It is clear that my client’s computer has been the subject of remote control, and therefore he is not responsible.”
But it wasn’t to be. This morning the Court of Frederiksberg found both Gottfrid and his accomplice guilty of hacking-related offenses concerning CSC. Confidential information including police drivers’ license records, social security information plus criminal records were accessed unlawfully during 2012.
Dismissing the remote control defense, Judge Ulla Otken said the hacking of CSC had been both “systematic and comprehensive.”
All three judges and four of six jurors returned guilty verdicts. Two jurors voted to acquit after concluding that the remote access defense could not be ruled out.
Following his extradition from Sweden, Gottfrid has spent 11 months behind bars in Denmark. His Danish accomplice, who refused to give evidence to the police and maintained silence right up until his trial in September, has spent 17 months in jail.
Update: Gottfrid was sentenced to 3.5 years in prison but has already filed an appeal. Minus the time served he is likely to be released August 2015. His accomplice was sentenced to six months but walked free having already served the time in pre-trial custody.