Stakes are higher for hackers since Sept. 11, experts say

[InfoSec News <isn () c4i org>]

http://www.siliconvalley.com/mld/siliconvalley/3845088.htm

Sun, Aug. 11, 2002

SAN FRANCISCO (Reuters) - In 1997, a teenager who hacked into a Bell
Atlantic network inadvertently crashed the computer, leaving 600
homes, a regional airport and emergency services without phone service
and disabling communications to the air traffic control tower for 6
hours.

The teen pleaded guilty and received a sentence of 2 years probation,
a $5,000 fine and community service. But in the near future, that
scenario could land someone in jail for life if a death were to result
from a plane crash or a delay in reaching medics on the phone.

``That is a realistic scenario,'' said William Reilly, an attorney at
San Francisco-based Cyber Security Law.

U.S. prosecutors and judges are cracking down on cyber crimes more
aggressively than ever, Reilly said. The airplane hijack attacks in
September have been used to justify harsher treatment for computer
crimes in the name of national security, Reilly and others said.

That reality dampened the mood at the 10th annual DefCon hacker
conference held in Las Vegas last weekend, despite diversions that
included ``Hacker Jeopardy'' games, a techno music dance party, cheap
beer and private strippers. The event is the world's largest gathering
of computer anarchists and rogue programmers, who prefer to operate
under aliases.

``The act of hacking itself has a political dimension,'' said Richard
Thieme, an author, former Episcopalian priest and father figure to
many hackers. ``Before Sept. 11, it could not be defined in and of
itself as an act of terrorism.''

While most hackers at the event maintained their instinctual distrust
of authority, some have been quietly offering their skills to the U.S.  
government since the attacks, experts said. ``There is more of an
awareness that we're all in this together,'' said Thieme, who spoke at
the conference. ''They're much more realistic. They've lost their
dream.''

NEW CYBERCRIME LAWS

Of concern to many hackers is the U.S. Patriot Act enacted late last
year and a new bill called the Cyber Security Enhancement Act
overwhelmingly approved by the House of Representatives last month.

The Patriot Act raised the maximum sentence for breaking into a
computer network from 5 years to 10. The Cyber Security Enhancement
Act calls for up to life imprisonment for hackers who recklessly cause
or attempt to cause someone's death.

``What was a misdemeanor pre-Patriot Act could be a felony now with a
five- to 10-year sentence,'' said Simple Nomad, a DefCon speaker who
works for security company BindView Corp. ''That scares a lot of
people.''

As a result, hackers who formerly acted out of boredom or to seek a
challenge are now directing their energy into ''hacktivism,'' the use
of computer hacking for political purposes, he and others said.

For example, there is more research into protecting anonymity on the
Web. Such technologies include ``digital drop boxes'' and
steganography, which is the science of hiding messages in things such
as digital images, Simple Nomad says.

Pursuits of such evasive technologies even further pits hackers
against law enforcers who in the 1990s all but lost the battle to
prevent the widespread availability of strong cryptography, used to
keep messages secret.

The FBI and other agencies have stepped up their monitoring of the
Internet after finding Internet-related information on computers
seized from Al Qaeda, the group blamed by the Bush administration for
the Sept. 11 attacks.

Hackers now ``are more concerned about the political fall-out and that
the government will take away more of their rights,'' hacker Rain
Forest Puppy said.

RENEWED PATRIOTISM

For some, however, the Sept. 11 attacks prompted a renewed sense of
patriotism. For example, Thieme says he knows of several hackers who
are using their skills to aid U.S. intelligence agencies.

``There was a huge surge to do the job,'' he said. ``Suddenly the CIA
and all those (federal) guys weren't the enemy anymore.''

``There have been flares and flashes of patriotism that I think a lot
of hackers hadn't experienced before,'' Simple Nomad said.

At least one U.S. federal official concurs.

``I'm guessing you'll see some of that because the computer
underground tends to be pretty patriotic,'' said Don Cavender, a
supervisory special agent in the FBI's computer training unit.

``In the three months (immediately) post-Sept. 11, I could have
reached out to the underground community and gotten a better response
than before,'' said Cavender, one of the few federal agents at DefCon
who wasn't in stealth mode.
 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.