[ISN] 'Stung' Russian Hacker Guilty

From: InfoSec News (isnat_private)
Date: Thu Oct 18 2001 - 00:41:28 PDT

  • Next message: InfoSec News: "[ISN] Security UPDATE, October 17, 2001"

    By Michelle Delio 
    7:31 a.m. Oct. 17, 2001 PDT  
    Russian computer cracker Vasily Gorshkov was found guilty Tuesday of
    20 charges of conspiracy, computer crimes and fraud, according to
    court papers filed by the Washington state district prosecutor.
    Gorshkov was arrested in April in an FBI sting operation that provoked
    some protests. Agents used a digital wiretap to gather details about
    Gorshkov's computer, and then hacked into the machine to gather some
    of the evidence that was used to prosecute him.
    Kenneth E. Kanev, Gorshkov's lawyer, protested the agents' actions,
    but last May, U.S. District Judge John C. Coughenour of Seattle
    rejected the motions for dismissal. He said that Gorshkov and his
    alleged partner, Alexey Ivanov, knew enough about computers to
    understand that networked systems often record user information, and
    therefore they should have had "no expectation of privacy."
    "This case set a number of important precedents in the area of
    cyberlaw," said California criminal attorney Thomas Manning.
    "Expectation of privacy is a crucial standard to meet when people's
    activities are being monitored. It ties into Fourth Amendment rights
    protecting against unreasonable search and seizure. But if there is no
    expectation of privacy on a public network, that really changes how
    agents can gather information."
    Manning also said that precedents set in this case open the door to
    agents to "hack back" to gather evidence against criminal hackers.
    According to an official from the Washington state district
    prosecutor's office, the maximum sentence Gorshkov could receive for
    each count is five years.
    New York criminal lawyer Ed Hayes doubts that Gorshkov will spend a
    century in jail. "If I was him, though, I'd be preparing to spend at
    least five or six years behind bars, perhaps less with time off if he
    Gorshkov will be sentenced on Jan. 4, 2002.
    Gorshkov, 26, along with Ivanov, 20 -- currently in custody in New
    Jersey awaiting trial -- allegedly cracked hundreds of computer
    systems, stole sensitive client and financial information, and then
    attempted to blackmail the companies whose systems had been
    penetrated, requesting payment for the safe return of the data.
    Several of the companies approached by the pair contacted the FBI, who
    responded by creating a computer security firm, named "Invita,"
    complete with office, employees and a decoy computer network. They
    contacted Ivanov and offered him a job if he could crack the Invita
    Ivanov hacked into Invita, and was told he would be hired. He showed
    up in Seattle in November 2000 for the interview with Gorshkov, and
    both demonstrated their cracking abilities for the undercover agents.
    But the agents had installed a sort of electronic wiretap on the
    computers that the two used during their demonstration. The program
    recorded the passwords Gorshkov used on computer systems in Russia and
    his Internet accounts. The agents were able to use this information to
    hack into the machines Gorshkov used and gather 260 gigabytes of
    evidence pointing to the pair's criminal activities.
    During the trial, Kanev challenged the FBI's right to use evidence
    gathered in what he claimed was illegal entry into a computer system,
    and unauthorized wiretapping.
    Kanev contended that the tactics used by the agents to gather evidence
    were illegal in Russia, but the judge ruled against Gorshkov since
    companies outside of Russia were affected by his activities.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 02:58:19 PDT