Forwarded From: Erik Parker <netmaskat_private> http://www.montrealgazette.com/PAGES/990130/2229372.html Web of disruption Hacker, 16, suspected of wide campaign Paul Cherry, the Gazette RCMP investigators sifting through data in a computer seized from a brash 16-year-old Montreal-area hacker say they are finding trails of cybermischief that run through Ottawa, Massachusetts and as far away as Norway. The boy was online at home when the RCMP came knocking this week. He appears to have attempted to hack into important computer systems in different parts of the world, an investigator close to the case said. The boy is suspected of trying to hack into the NASA computer network and an RCMP Web site. Companies in Norway are also interested in the 16-year-old's activities, police say. A person who identified himself as the hacker called The Gazette last night. Asked several questions about details of the case that had not yet been reported anywhere, he correctly answered all of them. He said he wanted to be interviewed so he could say he is a successful hacker who has penetrated sensitive U.S. university and government sites. Cautioned that what he said might incriminate him, he answered: "I don't care. I've told (the RCMP) already," and added: "I'll be a hacker forever." He described himself as a bored teenager who left high school months ago and spends most of his time hacking into computers and sharing details, through computer chat rooms, of his exploits with a group of friends who call themselves Segfault. He started hacking about six months ago and has already penetrated a U.S. army computer network, he said. "At the beginning I was, like, excited. At the end it was, like, lame because it was so easy. Like, it was so sad. Our whole team, we hack to get better and better stuff." Asked whether he fears a prison term, he said that if he "went to jail over this" his team of hackers would disable "Montreal in one second." While he didn't complain about the RCMP raid on his "box," he said he couldn't understand why they took away a book on computer coding that he had bought for himself at Christmas. The RCMP investigators handling the case are treating it seriously. "We executed a search warrant on Wednesday, and when we entered the house he was online and quite busy," said Sgt. Jacques Desilets, who is heading the investigation. No charges have been laid yet, but investigators say they have found the 16-year-old's recent computer activity stretches beyond causing the slowdown of a Nova Scotia Internet-service company, the incident that led police to him. "We're getting requests right, left and centre on this,'' Desilets said. "This kid was extremely busy. He was all over the place in the States, Canada and Europe. Netmask rules. At this point in time we're still trying to figure out the extent of his activities. We don't know the extent of the damage he has caused." The technology division of the RCMP commercial-crime unit in Montreal is composed of four officers and is expected to double in size within a year. Desilets said the 16-year-old is one of the top hackers ever uncovered by authorities in Quebec. "He has frozen up services for five hours at a company in Norway where people couldn't use (the Internet). Our investigators have been in touch with the authorities in Norway, and they are quite interested in seeing us lay charges against this fellow here." An investigator who was going through the computer's data logs said that if anyone guarding a computer Internet network warned the hacker to leave the electronic premises, he would quickly launch an attack on its servers, sending them a blitz of confusing electronic data that caused shutdowns. "I remember that," the young caller said last night, launching into computer lingo. "I shut it down for five hours because the (administrator) was E-mailing all my shells. É So I just killed him for five hours." The RCMP investigation of the boy began in Montreal around Christmas after the division learned of complaints out of Toronto that a hacker was wreaking havoc with systems in Ontario. As that investigation progressed, the RCMP in Halifax were called by an Internet company there. The company's computers were being assaulted electronically during the first three weeks of January by what is referred to in hacker circles as a "smurf attack." The hacker sends unreadable electronic data to a computer site, paralyzing the network servers and blocking service to customers. In the case of the Nova Scotia company, thousands of customers were affected. "While it didn't bring the system crashing down, it slowed the system enough that the company was receiving many complaints," said Sgt. Al Langille of the Nova Scotia RCMP's commercial-crimes unit. The sergeant himself was a customer of the Internet company and had problems receiving E-mail before the investigation started. Through computer logs, the Nova Scotia RCMP tracked the hacker through a series of computer networks, including one at the Massachusetts Institute of Technology in Cambridge, Mass., to a server in Montreal. University computer systems are often used by hackers as a way to disguise their route to an intended victim, Langille said. They are selected because many users are logged on at one time, so hacker activity is hard to detect. The search also brought investigators to World Wide Web sites and the Internet Relay Chat network, where they eventually found two people bragging online about how they had invaded the Halifax Internet company. The RCMP unit in Halifax contacted its Montreal counterpart and told it the hacker had been traced to a local computer service. The Montreal unit found out whose account it was. "They had an investigation going on at the same time, and we came to realize it was the same person during a phone call," Langille said. The Nova Scotia division was looking for a second hacker in that province, but said it didn't expect to make an arrest yesterday. Langille said he couldn't reveal whether the two hackers are believed to have worked together. The RCMP aren't sure when the 16-year-old questioned here will be charged. The computer seized at his home is being thoroughly examined. The boy was detained in his parents' house Wednesday night as the RCMP investigators questioned him. He was not in custody, but could face up to 10 years in jail. "We have a lot of work to do in the investigation before we know exactly what he will be charged with and when,'' Desilets said. "But with what we have in front of us at this point in time, in all likelihood he will be charged. "We have numerous organizations and people to contact to complete the investigation. I can see it stretching for weeks maybe." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:57 PDT