[ISN] Firing (and Hiring) Hackers

From: InfoSec News (isnat_private)
Date: Wed Oct 03 2001 - 00:22:22 PDT

  • Next message: InfoSec News: "[ISN] Revamped anti-terrorism bill hits House"

    By Jack Karp
    October 2, 2001 
    In March of 1999, Chris Wiest was dishonorably discharged from the
    United States Air Force Academy after being convicted by a military
    court of "illegally accessing a computer system and causing damage."
    Wiest's court-martial and discharge stemmed from the fact that Wiest
    had been using his Air Force computer to access Internet Relay Chat
    (IRC), an application that allows multiple users to chat interactively
    with one another through a single server. But because of security
    concerns, the Air Force Academy had prohibited the use of IRC among
    its cadets.
    Wiest admits he chose to do it anyway.
    "I made a decision that, yes, I'll do this and I'll accept the risks
    that go with it and, if I get caught, I am quite sure that I will be
    out on the tour pad marching some tours and paying the consequences
    for the choice of my actions," Wiest told "CyberCrime."
    But Wiest didn't end up marching tours. He ended up out of the Air
    Force, largely because the IRC program he was using had been set up
    illegally on a North Carolina Internet company's hacked servers. Wiest
    insists that he was not the one who set up the program and that
    someone else had simply given him the passwords. Despite the fact that
    the Air Force could find no evidence that Wiest had hacked the servers
    and that the Air Force's own investigators agreed that Wiest probably
    was not the hacker, Wiest was still dismissed from the service.
    Representatives from the Air Force Academy won't say exactly why Wiest
    was discharged, citing the pending legal case. But Drew Fahey, a
    former officer with the Air Force's Office of Special Investigations
    who investigated Wiest on the hacking charges, stands by the decision.
    "To be an officer in the Air Force requires utmost integrity and then
    honesty," Fahey said. "And he just did not portray that to me
    Hackers for hire?
    But that's not the tack US military and government personnel have been
    taking at recent hacking conventions such as Def Con, where "Meet the
    Fed" events have become regular recruiting sessions.
    "I think the objective of us coming and having a 'Meet the Fed' panel
    is to give folks who haven't crossed the line yet a positive
    alternative," Jim Christy, of the Office of the Assistant Secretary of
    Defense for Command, Control, Communications, and Intelligence, said
    at Def Con 9, held in Las Vegas this past July. "There's a whole lot
    of talent, but the talent can be misused, and the government and
    private sector can all use the talent."
    In recent years, representatives of the Air Force, the Department of
    Defense, and the Federal Computer Incident Response Team have all made
    their way to Def Con and other hacker gatherings in an attempt to turn
    hackers into recruits. At last year's Def Con 8, then-Assistant
    Secretary of Defense Arthur Money told attendees, "If you are
    extremely talented, and you are wondering what you'd like to do for
    the rest of your life, join us and help us educate our people."
    Money confessed to the assembled hackers that the Department of
    Defense (DOD) had been victimized 22,124 times by hackers in 1999,
    costing the department $25 billion. The large amount of damage was a
    result, according to government representatives, of the government's
    inability to recruit qualified technical staff.
    Money talks
    One of the biggest reasons the government has had difficulty hiring
    qualified technical workers is financial, Money admitted while
    speaking at Def Con 8. The financial rewards of working for the
    government are not as high as of working for a high tech security
    firm. But Dick Schaefer, director of infrastructure and information
    assurance for the DOD, was quick to add that "we have got some of the
    most sophisticated toys in the world. If you would like to get access
    to those toys and become part of a very elite team, we would like to
    talk to you."
    The government is backing up its recruiting attempts with money. A
    recent scholarship program sponsored by the National Science
    Foundation will award $8.6 million to 200 students studying computers
    at schools such as Carnegie Mellon, Purdue, Iowa State, and even the
    Naval Postgraduate School in exchange for those students agreeing to
    work as computer security professionals for the government after
    And, not satisfied with its recruiting efforts at home, the US
    government is looking abroad for hacking help as well. In April, "The
    Moscow Times" confirmed reports that US diplomats had tried to hire a
    Moscow hacker to break into Russia's Federal Security Service's
    network. The 20-year-old hacker, identified as "Vers," said he was
    asked to copy, alter, and delete files in exchange for $10,000. Vers
    instead went to the Russian government and told officials about the
    diplomats' offer.
    So why is the government suddenly being so aggressive in recruiting
    hackers? To find out, read part two of our story.
    Allies Out of Adversaries
    It makes sense that the government is now looking to create allies out
    of the hackers it has sometimes seen as adversaries. In the last few
    years, government and military websites have become the target of an
    embarrassingly high number of successful hacks.
    In 1998, two teenage boys from Cloverdale, California, were caught
    breaking into Pentagon and DOD computers. In 1999, a 19-year-old from
    Green Bay, Wisconsin, was arrested and charged with hacking into the
    Army's computer system, and another 19-year-old from Shoreline,
    Washington, was sentenced to 15 months in prison after pleading guilty
    to hacking the websites of NATO, the US Information Agency, and
    then-Vice President Al Gore. A group calling itself Masterz of
    Downloading took down both the FBI's and Senate's homepages that same
    year. And, according to attrition.org, a website that once documented
    and archived high-profile hacks, government sites successfully
    attacked so far in 2001 include those of the Federal Highway
    Administration, the Department of Health and Human Services, the
    Federal Law Enforcement Training Center, and the US Navy Fleet &
    Family Support Center.
    But teen-age hackers are the least of the government's concerns. It's
    international terrorists and foreign nations that really have
    government computer personnel worried, according to Air Force
    Lieutenant General Michael Hayden, who heads the National Security
    Agency. Last year, while speaking at a computer security conference in
    Baltimore, Hayden announced that cyberspace would become the next
    major military battlefield.
    And there have already been several "battles" illustrating his point.
    In 1999, Army General Henry Shelton, chairman of the Joint Chiefs of
    Staff, disclosed to reporters from the Reuters news service that the
    United States had tried to mount electronic attacks on Serbian
    computer networks during the NATO air campaign over the province of
    Kosovo. In 2000, as tensions and violence were on the rise in the
    Middle East, civilian hackers on both the Israeli and Palestinian
    sides of the conflict began defacing government and commercial
    websites, including websites belonging to US companies and nonprofit
    organizations with ties to Israel. And after a US spy plane collided
    with a Chinese fighter jet this past April, several US-based websites
    were allegedly hacked by Chinese hackers.
    "I would rather have my attention focused on what rogue states are
    doing to us than being harassed seven times a day figuring out what
    some guy is doing to us," Money said about trying to recruit hackers
    to help the government ward off such threats.
    Keeping recruits in check
    But the government may have a harder time than it expects keeping the
    hackers it recruits in check. Just this past May, an Air Force airman
    was arrested in Korea for hacking into approximately 50 Korean
    websites. The 24-year-old airman first class, who was stationed at
    Osan Air Base, was caught by Korea's National Police Agency Cyber
    Terror Response Center while hacking at his girlfriend's home in the
    Gyeonggi Province of Korea.
    And last year, the CIA admitted that it was investigating 160
    employees who had allegedly created and participated in a secret chat
    room they had hidden deep inside the bowels of the CIA's computers.
    The chat room, which was built by the agency's own computer personnel,
    existed for between five and 10 years before being discovered. Four
    CIA employees and nine CIA contractors were disciplined for the
    security breach and had their security clearances revoked, making them
    unemployable by the CIA. Another 18 employees received letters of
    reprimand, and many of them were suspended without pay for periods
    ranging from five to 45 days.
    Former Air Force Academy cadet Chris Wiest received a far more drastic
    punishment than a 45-day suspension, however, when he was charged with
    hacking into a company's servers to set up an unauthorized IRC chat
    room. Wiest, who still denies the allegations, was convicted of the
    lesser charge of "illegally accessing a computer system and causing
    damage" and discharged from the Air Force. His conviction, if not
    overturned on appeal, may bar him from ever becoming a lawyer, a goal
    he has been pursuing since his discharge.
    "I think an objective, reasonable person will conclude there's been an
    injustice," said Frank Spinner, Wiest's defense attorney. "This is a
    case about ineptitude on the part of the Air Force in trying to figure
    out what computer hacking is."
    Wiest is currently appealing his conviction. But whether he wins or
    loses, the government will have to learn a lot more about hacking if
    it intends to continue to recruit hackers into its ranks. For now,
    Chris Wiest is a casualty of that learning process.
    "I remember being terrified, absolutely terrified," Wiest said about
    his trial and discharge. "And especially, you know, this is all I was
    doing. I was chatting. The rest of this is ridiculous."
    This article is based on original reporting by "CyberCrime" segment
    producer Scott Pearson.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Oct 03 2001 - 02:19:23 PDT