[ISN] Mafiaboy opened eyes to computer crime Mafiaboy opened eyes to cybercrime

From: InfoSec News (isnat_private)
Date: Mon Feb 24 2003 - 03:14:20 PST

  • Next message: InfoSec News: "Re: [ISN] Sixth-grader charged in grade switch caper"

    The Gazette 
    February 23, 2003
    He was a Montreal-area teenager with a rudimentary knowledge of
    computer hacking, but he single-handedly crippled the lucrative U.S.  
    e-commerce market for brief periods in February 2000.
    In the process, the 15-year-old nicknamed Mafiaboy provided the RCMP
    with its first and finest example of a high-tech cross-border
    investigation, an international conference on policing and security
    was told yesterday.
    The case also opened the eyes of the federal government, prompting it
    to get legislation on the table to help combat cybercrime, RCMP Sgt.  
    Marc Gosselin said yesterday.
    Gosselin, the lead Canadian investigator in the Mafiaboy case, said
    it's not easy to get evidence in denial-of-service attacks, in which
    hackers secretly crack into numerous computers, using those "zombie"  
    computers to send multiple requests to a server to try to overwhelm it
    and shut it down.
    "The evidence in this type of case is very volatile. It can be there,
    but when it's gone, it's gone," Gosselin said.
    Gosselin is hopeful that federal legislation to fight the growing
    problem of cybercrime, currently in second reading in Parliament, will
    The new law will require corporations and Internet service providers
    to save information - including e-mails and hard-drive contents - and
    hand it over to police.
    Existing legislation already allows police to obtain warrants obliging
    Internet service providers to hand over information and tap into
    computer hard-drives.
    The RCMP's National Technological Crime Unit has continued to increase
    in size, but between international and local cases the staff is
    swamped, Gosselin said.
    And Christopher Painter, deputy chief of the computer crimes division
    of the U.S. Justice Department, noted: "Even if it appears to be a
    domestic crime, often if they are sophisticated, (hackers) will bounce
    their attacks through several different countries to evade detection
    or capture."
    Mafiaboy was not a computer whiz kid, but what the investigation
    revealed to authorities was that you didn't need an extensive
    knowledge of computers to cripple the system.
    "He basically had no hacking skills. He used somebody else's tools
    that were user friendly," said Gosselin. "He never actually hacked, he
    was using user IDs and passwords and software to do the job."
    Mafiaboy was sentenced in September 2001 to eight months in a youth
    detention centre after pleading guilty to 58 charges.
    They included five denial-of-service attacks on the Yahoo, CNN, eBay,
    Dell and Amazon Web sites.
    Another 52 charges involved illegally accessing computers, including
    those of universities in the United States and some as far away as
    Denmark and South Korea.
    The Mafiaboy presentation was one of the last during a three-day
    conference organized by the Law Commission of Canada examining the
    problems of private and public policing in Canada.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Feb 24 2003 - 06:05:05 PST