[ISN] How the hacker's luck ran out

From: InfoSec News (isnat_private)
Date: Mon Jan 21 2002 - 00:22:08 PST

  • Next message: InfoSec News: "Re: [ISN] Backing Up Oracle's "Unbreakable" Vow"

    Gary Dimmock  
    The Ottawa Citizen 
    Sunday, January 20, 2002
    The key informant who led to the capture of a prominent U.S. hacker
    wanted for breaching military and government computers across the
    continent was a 15-year-old Halifax boy who agreed to go undercover on
    Internet chat lines to ensnare his cyber outlaw friends that had long
    eluded authorities.
    The boy, whose identity is shielded by law, is a former member of hV2K
    (high voltage 2000), a hacker group that breached a Department of
    National Defence computer system within 10 minutes in November 1999.
    Inexperienced and easy to track, the boy quickly agreed to turn
    evidence against the group's leader, Russell Sanford, when the
    Mounties came calling in February 2000 -- almost three months after
    hV2K hacked some 60 military and government computers.
    In exchange for his evidence, the boy was spared prosecution. The boy
    was tracked by U.S. authorities after the hacker group breached
    several state-owned computers in Texas.
    A specialized computer-intrusion team in Texas enlisted the Mounties
    to raid the boy's home, seize his computer and question him about the
    group's mysterious, hard-to-trace leader.
    In a taped interview with the RCMP, the boy told them everything, then
    suggested he spy on his hacker associates to help build evidence
    against them.
    "What I can do is like go on the Internet and get those guys ... I'm
    not going to tell them anything. I'd seriously bring down a lot of
    pretty big people that are doing the whole e-commerce hacks," the boy
    told an RCMP officer. "I could get you so much information."
    The RCMP officer then thanked the boy and said, "Anything that you can
    help me out with, I'm still learning myself."
    In the interview, conducted without a defence lawyer or his parents,
    the boy was also questioned by military police. The boy detailed how
    the hackers penetrated a top-security Department of National Defence
    computer system.
    It is not known if the boy went on to inform on any other hacker
    At the time, the leader of his hacker group, Russell Sanford, kept in
    close contact with notorious associates, including "Mafiaboy," the
    17-year-old Montrealer sentenced last year for jamming five major
    Internet sites. Mr. Sanford also created exploit programs for Global
    Hell, the hacker group that successfully attacked sites run by the
    White House.
    Months after the boy turned evidence, his one-time hacker friend, then
    17, was the subject of a joint Canada-U.S. investigation.  
    Investigators were granted a special "no-knock" warrant for his arrest
    because they feared his "specialized knowledge" allowed him to destroy
    electronic evidence on even a second's warning.
    In April 2000, U.S. law-enforcement agencies raided Mr. Sanford's home
    in Irving, Texas, a Dallas suburb, seizing his computers and rousing
    him from sleep to question him.
    He was arrested on charges of breaching computers owned by a Wisconsin
    publishing company and five government agencies, including the U.S.  
    Postal Service, the Texas State Auditor's Office and Canada's
    Department of National Defence.
    Months later, Mr. Sanford was spared jail time and sentenced to five
    years' probation on condition he keep the peace, stay offline, submit
    to random polygraph tests and pay $45,000 U.S. in restitution -- the
    value prosecutors said he caused in damage, although none of the sites
    he hacked ever denied service to the public.
    In January 2001, he was caught selling LSD, a violation of his
    probation. His probation was revoked and he was sentenced to two years
    in Hutchins State Jail.
    Mr. Sanford told the Citizen how easy it was to hack into one of
    Canada's National Defence computer networks. "I still believe that in
    the end, when the public begins to realize how unsecure governments
    really are, that all my crimes will have been worthwhile."
    And he has no hard feelings for his former hacker friend who turned
    him in. "At first I was really angry. Now I'm not. I'd actually like
    to talk to him some day," said Mr. Sanford, now 19.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Jan 21 2002 - 03:49:57 PST