Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » US cracks case of British hacker who broke into military networks

US cracks case of British hacker who broke into military networks

by Nikola Strahija on November 12th, 2002 US federal authorities cracked the case of an international hacker who broke into roughly 100 unclassified US military networks over the past year, officials. Officials declined to identify the hacker, a British citizen, but said he could be indicted as early as Tuesday in federal courts in northern Virginia and New Jersey.


Those US court jurisdictions include the Pentagon in Virginia and Picatiny Arsenal in New Jersey, one of the Army's premier research facilities.

The officials declined to say whether this person was already in custody, but one source familiar with the investigation, who spoke only on condition of anonymity, said investigators consider the break-ins the work of a professional rather than a recreational hacker.

Authorities planned to announce details of the investigation Tuesday afternoon.

Officials said US authorities were weighing whether to seek the hacker's extradition from England, a move that would be exceedingly rare among international computer crime investigations. Officials said this hacker case has been a priority among Army and Navy investigators for at least one year. One person familiar with the investigation said the hacker broke into roughly 100 U.S. military networks, none of them classified. Another person said the indictments were being drafted to reflect break-ins to a "large number" of military networks.

In England, officials from the Crown Prosecution Service, Scotland Yard and the Home Office declined comment Monday. A civilian Internet security expert, Chris Wysopal, said that a less-skilled, recreational hacker might be able to break into a single military network, but it would be unlikely that same person could mount attacks against dozens of separate networks. "Whenever it's a multistage attack, it's definitely a more sophisticated attacker," said Chris Wysopal, a founding member of AtStake Inc., a security firm in Cambridge, Massachusetts "That's a huge investigation."

The cyber-security of US military networks is considered fair, compared to other parts of government and many private companies and organizations. But until heightened security concerns after the Sept. 11 attacks, the Defense Department operated thousands of publicly accessible Web sites. Each represented possible entry-points from the Internet into military systems unless they were kept secured and monitored regularly.

It would be very unusual for US officials to seek extradition. In previous major cyber-crimes, such as the release of the "Love Bug" virus in May 2000 by a Filipino computer student and attacks in February 2000 by a Canadian youth against major American e-commerce Web sites, US authorities have waived interest in extraditing hacker suspects to stand trial here.

Once, the FBI tricked two Russian computer experts, Vasily Gorshkov and Alexey Ivanov, into traveling to the United States so they could be arrested rather than extradited. The Russians were indicted in April 2001 on charges they hacked into dozens of US banks and e-commerce sites, and then demanding money for not publicizing the break-ins.

FBI agents, posing as potential customers from a mock company called Invita Computer Security, lured the Russians to Seattle and asked the pair for a hacking demonstration, then arrested them. Gorshkov was sentenced to three years in prison; Ivanov has pleaded guilty but hasn't been sentenced.

But the administration of President George W. Bush has toughened anti-hacking laws since Sept. 11 and increasingly lobbied foreign governments to cooperate in international computer-crime investigations.

The United States and England were among 26 nations that last year signed the Council of Europe Convention on Cybercrime, an international treaty that provides for hacker extraditions even among countries without other formal extradition agreements. There have been other, high-profile hacker intrusions into US military systems.

In one long-running operation, the subject of a US spy investigations dubbed "Storm Cloud" and "Moonlight Maze," hackers traced back to Russia were found to have been quietly downloading millions of pages of sensitive data, including one colonel's e-mail inbox. During three years, most recently in April 2001, government computer operators watched as reams of electronic documents flowed from Defense Department computers, among others. In 1994, two young hackers known as "Kuji" and "Datastream Cowboy" were arrested in England on charges they broke into the US Air Force's Rome Laboratory. They planted eavesdropping software that allowed them to monitor e-mails and other sensitive information.

- article available at http://www.hindustantimes.com -


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »