Briton Indicted as Hacker

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://www.washingtonpost.com/wp-dyn/articles/A45963-2002Nov12.html

By Brooke A. Masters
Washington Post Staff Writer
Wednesday, November 13, 2002; Page A11 

An unemployed British computer system administrator was indicted
yesterday in Alexandria and New Jersey on eight counts of computer
fraud for alleging penetrating about 100 U.S. government computers,
shutting down networks and corrupting data in what U.S. Attorney Paul
J. McNulty called "the biggest hack of military computers ever
detected."

> From February 2001 to March 2002, two federal grand juries alleged,
Gary McKinnon, 36, of London, exploited a known security problem with
Microsoft Windows NT and Windows 2000 to break into 92 computers at
NASA, the Pentagon, and more than a dozen military installations in 14
states.

Using software available on the Internet, he hacked into system
administrator accounts, deleted files and accessed "sensitive"  
information, said McNulty, . U.S. attorney for the Eastern District of
Virginia. The attacks culminated in a February break-in that shut down
2,000 computers at the Military District of Washington for three days,
officials said.

McKinnon has not been arrested, but McNulty said his office is working
with Britain's national high-tech crime unit to extradite him to the
United States. If the British courts agree to send McKinnon here, he
would be the first person to be extradited to face hacking charges,
said John Lynch, senior counsel at the Justice Department's computer
crime unit.

Authorities believe McKinnon, who used the screen name "Solo," acted
alone and was not connected to a terrorist group.

Federal officials said they believe McKinnon was looking for
information rather than simply causing damage, but they said they
believe he was not able to access any of the military's classified
computer systems. The damage and lost productivity caused by his
intrusions cost $900,000, officials said.

The case should send a message to hackers, McNulty said. "You cannot
act anonymously on the Internet," he said. "If you hack us we will
find you. We will prosecute you and we will send you to prison."

McKinnon is charged in Alexandria with seven counts of computer fraud
and in New Jersey with one count of causing intentional damage to a
protected computer for a 2001 break-in that forced the shutdown of the
computer network at Naval Weapons Station Earle in Colts Neck, N.J. If
convicted on all counts, he faces a maximum of 10 years on each one.  
He could not be located for comment.

The case "shows the far reach of computer crime and law enforcement's
commitment to tracking it down," said Ralph J. Marra Jr., first
assistant U.S. attorney for New Jersey.

McKinnon is accused of scanning more than 65,000 computers, seeking
systems where administrators had failed to install a protective patch
to the Windows program that had been publicly available for years.  
Once in, the hacker would exploit weak security -- users who left the
word "password" or their sign-on name as their passwords -- to access
individual accounts. He also installed a commercial software program
called "Remotely Anywhere," that allowed him to tap into the systems
and use the government's more powerful computers to scan other
computers for weaknesses.

"The lesson we learn from this one and every previous one that we just
don't heed is that you've got to be vigilant. You've got to scan for
vulnerabilities and fix them when you find them," said Mark D. Rasch,
senior vice president of Solutionary Inc., an Omaha computer security
firm. "Check to make sure the doors are locked."



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.