Information Security News mailing list archives

US cracks case of hacker who broke into military networks


From: InfoSec News <isn () c4i org>
Date: Tue, 12 Nov 2002 01:00:46 -0600 (CST)

http://www.katu.com/news/story.asp?ID=52023

By TED BRIDIS
Associated Press Writer
November 11, 2002 

WASHINGTON - Federal authorities have cracked the case of an
international hacker who broke into roughly 100 unclassified U.S.  
military networks over the past year, officials said Monday.

Officials declined to identify the hacker, a British citizen, but said
he could be indicted as early as Tuesday in federal courts in northern
Virginia and New Jersey. Those U.S. court jurisdictions include the
Pentagon in Virginia and Picatinny Arsenal in New Jersey, one of the
Army's premier research facilities.

The officials declined Monday to say whether this person was already
in custody, but one familiar with the investigation, who spoke only on
condition of anonymity, said investigators consider the break-ins the
work of a professional rather than a recreational hacker.

Authorities planned to announce details of the investigation Tuesday
afternoon.

Officials said U.S. authorities were weighing whether to seek the
hacker's extradition from England, a move that would be exceedingly
rare among international computer crime investigations.

Officials said this hacker case has been a priority among Army and
Navy investigators for at least one year. One person familiar with the
investigation said the hacker broke into roughly 100 U.S. military
networks, none of them classified. Another person said the indictments
were being drafted to reflect break-ins to a "large number" of
military networks.

In England, officials from the Crown Prosecution Service, Scotland
Yard and the Home Office declined comment Monday.

A civilian Internet security expert, Chris Wysopal, said that a
less-skilled, recreational hacker might be able to break into a single
military network, but it would be unlikely that same person could
mount attacks against dozens of separate networks.

"Whenever it's a multistage attack, it's definitely a more
sophisticated attacker," said Chris Wysopal, a founding member of
AtStake Inc., a security firm in Cambridge, Mass. "That's a huge
investigation."

The cyber-security of U.S. military networks is considered fair,
compared to other parts of government and many private companies and
organizations. But until heightened security concerns after the Sept.  
11 attacks, the Defense Department operated thousands of publicly
accessible Web sites. Each represented possible entry-points from the
Internet into military systems unless they were kept secured and
monitored regularly.

It would be very unusual for U.S. officials to seek extradition. In
previous major cyber-crimes, such as the release of the "Love Bug"  
virus in May 2000 by a Filipino computer student and attacks in
February 2000 by a Canadian youth against major American e-commerce
Web sites, U.S. authorities have waived interest in extraditing hacker
suspects to stand trial here.

Once, the FBI tricked two Russian computer experts, Vasily Gorshkov
and Alexey Ivanov, into traveling to the United States so they could
be arrested rather than extradited. The Russians were indicted in
April 2001 on charges they hacked into dozens of U.S. banks and
e-commerce sites, and then demanded money for not publicizing the
break-ins.

FBI agents, posing as potential customers from a mock company called
Invita Computer Security, lured the Russians to Seattle and asked the
pair for a hacking demonstration, then arrested them. Gorshkov was
sentenced to three years in prison; Ivanov has pleaded guilty but
hasn't been sentenced.

But the Bush administration has toughened anti-hacking laws since
Sept. 11 and increasingly lobbied foreign governments to cooperate in
international computer-crime investigations. The United States and
England were among 26 nations that last year signed the Council of
Europe Convention on Cybercrime, an international treaty that provides
for hacker extraditions even among countries without other formal
extradition agreements.

There have been other, high-profile hacker intrusions into U.S.  
military systems.

In one long-running operation, the subject of U.S. spy
investigations dubbed "Storm Cloud" and "Moonlight Maze," hackers
traced back to Russia were found to have been quietly downloading
millions of pages of sensitive data, including one colonel's e-mail
inbox. During three years, most recently in April 2001, government
computer operators watched as reams of electronic documents flowed
from Defense Department computers, among others.

In 1994, two young hackers known as "Kuji" and "Datastream Cowboy"  
were arrested in England on charges they broke into the U.S. Air
Force's Rome Laboratory. They planted eavesdropping software that
allowed them to monitor e-mails and other sensitive information.


