[ISN] US cracks case of hacker who broke into military networks

From: InfoSec News (isnat_private)
Date: Mon Nov 11 2002 - 23:00:46 PST

  • Next message: InfoSec News: "[ISN] Computer Break-Ins: Your Right to Know"

    Associated Press Writer
    November 11, 2002 
    WASHINGTON - Federal authorities have cracked the case of an
    international hacker who broke into roughly 100 unclassified U.S.  
    military networks over the past year, officials said Monday.
    Officials declined to identify the hacker, a British citizen, but said
    he could be indicted as early as Tuesday in federal courts in northern
    Virginia and New Jersey. Those U.S. court jurisdictions include the
    Pentagon in Virginia and Picatiny Arsenal in New Jersey, one of the
    Army's premier research facilities.
    The officials declined Monday to say whether this person was already
    in custody, but one familiar with the investigation, who spoke only on
    condition of anonymity, said investigators consider the break-ins the
    work of a professional rather than a recreational hacker.
    Authorities planned to announce details of the investigation Tuesday
    Officials said U.S. authorities were weighing whether to seek the
    hacker's extradition from England, a move that would be exceedingly
    rare among international computer crime investigations.
    Officials said this hacker case has been a priority among Army and
    Navy investigators for at least one year. One person familiar with the
    investigation said the hacker broke into roughly 100 U.S. military
    networks, none of them classified. Another person said the indictments
    were being drafted to reflect break-ins to a "large number" of
    military networks.
    In England, officials from the Crown Prosecution Service, Scotland
    Yard and the Home Office declined comment Monday.
    A civilian Internet security expert, Chris Wysopal, said that a
    less-skilled, recreational hacker might be able to break into a single
    military network, but it would be unlikely that same person could
    mount attacks against dozens of separate networks.
    "Whenever it's a multistage attack, it's definitely a more
    sophisticated attacker," said Chris Wysopal, a founding member of
    AtStake Inc., a security firm in Cambridge, Mass. "That's a huge
    The cyber-security of U.S. military networks is considered fair,
    compared to other parts of government and many private companies and
    organizations. But until heightened security concerns after the Sept.  
    11 attacks, the Defense Department operated thousands of publicly
    accessible Web sites. Each represented possible entry-points from the
    Internet into military systems unless they were kept secured and
    monitored regularly.
    It would be very unusual for U.S. officials to seek extradition. In
    previous major cyber-crimes, such as the release of the "Love Bug"  
    virus in May 2000 by a Filipino computer student and attacks in
    February 2000 by a Canadian youth against major American e-commerce
    Web sites, U.S. authorities have waived interest in extraditing hacker
    suspects to stand trial here.
    Once, the FBI tricked two Russian computer experts, Vasily Gorshkov
    and Alexey Ivanov, into traveling to the United States so they could
    be arrested rather than extradited. The Russians were indicted in
    April 2001 on charges they hacked into dozens of U.S. banks and
    e-commerce sites, and then demanding money for not publicizing the
    FBI agents, posing as potential customers from a mock company called
    Invita Computer Security, lured the Russians to Seattle and asked the
    pair for a hacking demonstration, then arrested them. Gorshkov was
    sentenced to three years in prison; Ivanov has pleaded guilty but
    hasn't been sentenced.
    But the Bush administration has toughened anti-hacking laws since
    Sept. 11 and increasingly lobbied foreign governments to cooperate in
    international computer-crime investigations. The United States and
    England were among 26 nations that last year signed the Council of
    Europe Convention on Cybercrime, an international treaty that provides
    for hacker extraditions even among countries without other formal
    extradition agreements.
    There have been other, high-profile hacker intrusions into U.S.  
    military systems.
    In one long-running operation, the subject of a U.S. spy
    investigations dubbed "Storm Cloud" and "Moonlight Maze," hackers
    traced back to Russia were found to have been quietly downloading
    millions of pages of sensitive data, including one colonel's e-mail
    inbox. During three years, most recently in April 2001, government
    computer operators watched as reams of electronic documents flowed
    from Defense Department computers, among others.
    In 1994, two young hackers known as "Kuji" and "Datastream Cowboy"  
    were arrested in England on charges they broke into the U.S. Air
    Force's Rome Laboratory. They planted eavesdropping software that
    allowed them to monitor e-mails and other sensitive information.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 12 2002 - 02:01:01 PST