http://www.canada.com/components/printstory/printstory.asp?id={798707C2-6240-43A1-9698-ED6E6B1F146C} Gary Dimmock The Ottawa Citizen Sunday, January 20, 2002 The key informant who led to the capture of a prominent U.S. hacker wanted for breaching military and government computers across the continent was a 15-year-old Halifax boy who agreed to go undercover on Internet chat lines to ensnare his cyber outlaw friends that had long eluded authorities. The boy, whose identity is shielded by law, is a former member of hV2K (high voltage 2000), a hacker group that breached a Department of National Defence computer system within 10 minutes in November 1999. Inexperienced and easy to track, the boy quickly agreed to turn evidence against the group's leader, Russell Sanford, when the Mounties came calling in February 2000 -- almost three months after hV2K hacked some 60 military and government computers. In exchange for his evidence, the boy was spared prosecution. The boy was tracked by U.S. authorities after the hacker group breached several state-owned computers in Texas. A specialized computer-intrusion team in Texas enlisted the Mounties to raid the boy's home, seize his computer and question him about the group's mysterious, hard-to-trace leader. In a taped interview with the RCMP, the boy told them everything, then suggested he spy on his hacker associates to help build evidence against them. "What I can do is like go on the Internet and get those guys ... I'm not going to tell them anything. I'd seriously bring down a lot of pretty big people that are doing the whole e-commerce hacks," the boy told an RCMP officer. "I could get you so much information." The RCMP officer then thanked the boy and said, "Anything that you can help me out with, I'm still learning myself." In the interview, conducted without a defence lawyer or his parents, the boy was also questioned by military police. The boy detailed how the hackers penetrated a top-security Department of National Defence computer system. It is not known if the boy went on to inform on any other hacker associates. At the time, the leader of his hacker group, Russell Sanford, kept in close contact with notorious associates, including "Mafiaboy," the 17-year-old Montrealer sentenced last year for jamming five major Internet sites. Mr. Sanford also created exploit programs for Global Hell, the hacker group that successfully attacked sites run by the White House. Months after the boy turned evidence, his one-time hacker friend, then 17, was the subject of a joint Canada-U.S. investigation. Investigators were granted a special "no-knock" warrant for his arrest because they feared his "specialized knowledge" allowed him to destroy electronic evidence on even a second's warning. In April 2000, U.S. law-enforcement agencies raided Mr. Sanford's home in Irving, Texas, a Dallas suburb, seizing his computers and rousing him from sleep to question him. He was arrested on charges of breaching computers owned by a Wisconsin publishing company and five government agencies, including the U.S. Postal Service, the Texas State Auditor's Office and Canada's Department of National Defence. Months later, Mr. Sanford was spared jail time and sentenced to five years' probation on condition he keep the peace, stay offline, submit to random polygraph tests and pay $45,000 U.S. in restitution -- the value prosecutors said he caused in damage, although none of the sites he hacked ever denied service to the public. In January 2001, he was caught selling LSD, a violation of his probation. His probation was revoked and he was sentenced to two years in Hutchins State Jail. Mr. Sanford told the Citizen how easy it was to hack into one of Canada's National Defence computer networks. "I still believe that in the end, when the public begins to realize how unsecure governments really are, that all my crimes will have been worthwhile." And he has no hard feelings for his former hacker friend who turned him in. "At first I was really angry. Now I'm not. I'd actually like to talk to him some day," said Mr. Sanford, now 19. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Jan 21 2002 - 03:49:57 PST