http://www.shanghaidaily.com/art/2005/11/18/214955/Prosecutors__039__office_approves_arrest_of_computer_hacker.htm Xu Fang 2005-11-18 THE Pudong New Area Prosecutors' Office yesterday ratified the arrest of Liu Kefan, a computer hacker with a master's degree, charging him with threatening a company to pay for his unsolicited services. Liu allegedly made use of his computer knowledge to intrude into the computer system of a Shanghai-based software company many times. He demanded 1.5 million yuan (US$185,185) in consultation fees and threatened to disclose security holes in the company's software products, prosecutors said. Liu, a 31-year-old Sichuan Province native, was a technology manager at a Shenzhen technology firm before he was caught. With his master's degree and good skills, he was quite reputable among young practitioners in the software industry. When Liu showed his company's product to a client in December 2004, the client said it wasn't as good as its competitor's. The client gave him the Website account and password for comparison. Liu allegedly used the password to access other systems and overcame all technical barriers. Excited and surprised, Liu intruded into the company's interior system and tracked its commerce for more than six months, prosecutors said. "At first, I didn't think of anything," Liu allegedly said. But as he studied the system further, Liu thought of helping the company fix security flaws with its software. He decided 1.5 million yuan was an appropriate fee. "Software security is the most important. The company's fame and my intellectual property are both worth the price," he allegedly said. Threatening e-mail On September 20, Liu sent an e-mail to the company's general manager, Wan Dong, asking for cooperation. "All the information in your system can be seen. Your company is just like a car loaded with powder. It's time to unload the powder and makes repairs to the main parts of the car," Liu allegedly wrote in the e-mail. Wan didn't take it seriously at first though he realized Liu was a professional. After being ignored, Liu threatened to reveal the security flaws to company's competitors and users. He also changed the password for some of the firm's clients on September 29, according to prosecutors. The clients called the company to find out what happened. Wan suspected it was Liu. Worried about the firm's reputation, Wan agreed to discuss terms with Liu. Liu was caught by police while waiting to negotiate with Wan. According to Criminal Law, those who threaten others to buy either commodities or services will be given a maximum sentence of three years. _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Thu Nov 17 2005 - 23:56:05 PST