British Hacker Indicted in U.S.
Wed Nov 13, 4:12 AM ET
By TED BRIDIS, Associated Press Writer
WASHINGTON (AP) - The chief suspect in what U.S. authorities are calling the largest ever successful hacking effort against American military networks
is an unemployed British computer administrator who worked from his home computer.
Gary McKinnon, 36, of London was indicted in federal courts in Virginia and New Jersey on Tuesday on eight counts of computer-related crimes. These
included break-ins over 12 months at 92 separate U.S. military and National Aeronautics and Space Administration networks across 14 states, including
two at the Pentagon (news - web sites). McKinnon also was accused of hacking the networks of six private companies and organizations.
McKinnon, known on the Internet as "SOLO," remains free although he was briefly held by British authorities, U.S. Attorney Paul McNulty said. He
said the Justice Department (news - web sites) will seek to extradite McKinnon, an exceedingly rare move in international hacking cases.
McKinnon was charged in "the biggest hack of military computers ever, at least ever detected," McNulty said. He estimated the damage, including the
cost to reinstall software on the affected computers, at $900,000.
Officials said they intend to prosecute McKinnon separately in Virginia and New Jersey. McKinnon faces up to 10 years in prison plus fines of $250,000
on each of eight counts, McNulty said.
Using automated software available on the Internet, McKinnon used his home computer to scan tens of thousands of computers on U.S. military networks,
looking for ones that might suffer from flaws in Microsoft Corp. Windows NT operating system software, McNulty said. Many of the computers he broke
into were protected by easy-to-guess passwords, investigators said.
McKinnon downloaded sensitive, but not classified, information about subjects that included Navy shipbuilding and munitions, investigators said. But
there was no evidence that he offered the information to foreign governments or terrorist organizations, McNulty said.
"I suppose he was hoping to gain access to classified information," McNulty said, acknowledging that authorities weren't certain of a motive for
U.S. officials sought to reassure the public that only about 100 of the military's networks were apparently vulnerable to break-ins out of tens of
thousands that McKinnon allegedly probed.
"If this guy was scanning tens of thousand of military networks, that signals to me the military does a pretty good job of protecting its systems,"
said John Frazzini, a former supervisor for the U.S. Secret Service on its Electronic Crimes Task Force.
But some civilian experts expressed astonishment that this many U.S. military systems were so vulnerable to techniques derided by many hackers as
"I don't see this as a big win for the government," said Marc Maiffret, co-founder of eEye Digital Security Inc., which sells security software.
Maiffret said measures the military should have taken to prevent such break-ins were a "lesson 101-type thing."
McKinnon also was accused of disrupting military networks in Washington and New Jersey. Prosecutors said he deleted important files, including 1,300
user accounts, and caused the failure of computers controlling the network for the military district in Washington. That resulted in the loss of
e-mail and Internet access in March for 2,000 users for three days.
Authorities said a separate break-in, just after the Sept. 11 terror attacks, at the Earle Naval Weapons Station in Colts Neck, N.J., effectively shut
down its network of about 300 computers for a week. That station replenishes munitions and supplies for the Atlantic fleet.
The military hacking took place over 12 months, starting in March 2001, and investigators said they detected the intrusions as early as June. But they
did not issue warnings internally about these hacking methods until March 2002, when a Navy memo urgently instructed computer experts to search their
systems for the specific hacker tools McKinnon allegedly used.
| Report Post
posted on 14/11/2002 at 00:01
It tells you something when some Hacker dweeb can cut into our National Defence with a $99 programme....
Apparent;ly heads will roll at Earle !