[ISN] Reformed Welsh hacker returns to computer crime

From: InfoSec News (isn@private)
Date: Mon Dec 06 2004 - 01:28:00 PST


http://www.pingwales.co.uk/security/welsh-hacker-returns.html

By Robert Andrews     
03 December 2004  

The Welsh hacker whose escapades sparked panic about a potential World
War III has returned to computer crime, planning a Hollywood-style
heist to steal a valuable painting.

But Mathew Bevan's latest electronic raid won't attract the long arm
of the law - it's just an experiment staged for a television show due
to be screened in December.

Bevan won notoriety 10 years ago when he was arrested on suspicion of
breaching and downloading data from US military computer networks in
an effort to uncover evidence of a UFO conspiracy.

Aged 21, he was charged with conspiracy after allegedly entering the
secret Air Force Research Laboratory system in New York using a
rudimentary PC in the back bedroom of his parents' Ely, Cardiff,
bungalow.

A British court later acquitted him after prosecutors abandoned their
case and Bevan, whose hacker alias was "Kuji", renounced hacking to
become a respected computer security consultant.

He has now been enlisted to join a crack team of five reformed
criminal masterminds set the challenge of using their underworld
expertise to pull off high-profile thefts for The Heist, a three-part
Channel 4 series starting Tuesday, December 7, at 9pm.

In the show, the Welshman teams up with arch villains like armed
robber Terry Smith, who once escaped from his jail term, and Joey
Pyle, a former gangster and friend of the Krays.

"Basically, a group of experts is brought together and set a task of
performing a robbery under strict conditions, as real-life as
possible," said Bevan, now 31, who studied computing at the University
of Wales Institute, Cardiff, and is originally from the Llandaf area
of the city.

"Each episode covers a different robbery or task and, in each, I am
the technology guru or hacker, monitoring and advising each step of
the way.

"No real criminals who intend to pull off these kinds of heists would
actually employ hacker skills to get the job done. The only hacker
skills used are my brains.

"It's very similar to performing penetration exercises, only the top
brass know what's going on, so essentially it is a real-life test of
the organisation. There's nothing like a bit of James Bond!"

But Bevan, who will appear on Richard & Judy ahead of the first
episode, sets his own brush with the law apart from those of the
ex-con colleagues on his team.

"I never threatened or hurt anyone with my actions," he said.  
"Everything I did was on a computer screen from my bedroom; some of
the other guys were a little more forceful with their actions. It
becomes clear that I have a completely different way of looking at
things than the others.

"Victims" in each of the three shows approved the simulated attacks,
welcoming the test of their own security. In the first episode, the
team is given four days to steal a painting, The View From The
Bandstand by UK artist Andrew Gifford, whilst on display during the
London Art Fair at the Business Design Centre.

Bevan is on board to scope out weaknesses in the electronic systems of
a building regarded as impregnable. In subsequent shows, he uses his
keyboard skills to attempt to smuggle a £1m car overseas and to kidnap
a prize racehorse.

"He's the only one of the ex-criminals in the series who hasn't been
convicted," said a Channel 4 spokesperson.

In his March 1994 hack - which has become part of internet folklore -
Bevan, who is from the Ely area of the capital and has explained he
turned to hacking at school to escape bullying, was also said to have
mounted attacks on Nasa, Nato and Pentagon computers.

Pursued by both Scotland Yard and the FBI, the case produced a
hailstorm of hype from news media revelling in computer crime stories
- normally the attention hackers crave, until they find themselves in
the dock.

Though reports claimed the Pentagon regarded Bevan as the number one
threat to US security, many of the headlines focused on accomplice
Richard Pryce's transfer of a database from a Korean nuclear
laboratory computer to the New York machine, which sparked fears of an
atomic spat between America and North Korea until it was discovered
the lab had, in fact, been in South Korea. Pryce pleaded guilty and
was fined £1,200.

Following his acquittal at Woolwich Crown Court in November 1997,
Bevan reformed and became a so-called "white hat" - a talented hacker
who turns his skills to benevolent or commercial use like auditing
security systems for a price.

Operating under the name Kujimedia, he has since worked as a
consultant for the likes of Nintendo and now lives in Wiltshire, from
where he advises leading brands on design, viral marketing and online
strategies.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Mon Dec 06 2004 - 06:00:22 PST