Hacker turns to vendors as IT PI

Steve Masters [05-12-1997]

One of the two hackers accused of almost starting World War III from his bedroom in the UK walked free from court on 21 November because the law is not set up to deal with cases like his, writes Sean Fleming.

In an interview with Computing, Matthew Bevan announced he is now considering a career in IT security.

Bevan was arrested on 21 June 1996 and charged with intent to secure access to computer systems belonging to the US Air Force and defence manufacturer Lockheed. His accusers maintained he knew that such access would be unauthorised.

More than three years and 14 court appearances later, the case has been dropped. The prosecution declared it would not be in the public interest to pursue the matter.

Bevan, who used the name Kuji, and Richard Pryce – known as Datastream Cowboy – stood accused of hacking into a research centre at Griffiss Air Force base in New York state. It took two years for the US authorities to admit the break-in had taken place.

In a statement to the court, US Air Force investigator Jim Christy said the incident cost the US Air Force $211,722 (£124,000) – exclusive of the cost of their investigations.

Christy outlined the events that almost brought East and West to the brink of war. He described how Datastream Cowboy (aged 16 at the time) hacked his way into a research facility in Korea. The US authorities became aware of this when they realised that the contents of the Korean Atomic Research Institute’s database had been deposited on USAF’s New York system.

‘Initially it was unclear whether the system belonged to North Korea or South Korea,’ Christy said. ‘The concern was that if it was North Korea, they would think the transfer of data was an intrusion by the US Air Force.’

It turned out to be South Korean data, but it is not hard to imagine the potential outcome had the 16-year-old found his way into North Korea’s system. The US press referred to Bevan and Pryce as ‘digital delinquents’.

Pryce walked out of court this summer with a £1,200 fine – not much of a slap on the wrists for actions that might have sparked a war. The lenience of his sentence was the key to Bevan escaping punishment altogether.

Simon Evenden, Bevan’s solicitor, told Computing why the prosecution chose not to pursue his client. He stressed that in court, judge Jeffrey Rivlin QC made it clear that he felt the prosecution had in no way done anything wrong when preparing its case.

‘The case collapsed simply because it was not economically viable to take it forward. It would have cost hundreds of thousands of pounds to bring witnesses over from the US and because of what happened to Pryce, Matthew would probably only have been fined or given community service. So it was agreed that it was not in the public interests to continue.’

Had the case continued, getting the prosecution evidence to stand up in court could have proved problematic. It is unlikely the court would have accepted any evidence stored on a computer, unless it could satisfy itself it had not been tampered with. The US authorities were happy to supply copies of emails plus records showing times and dates at which computers were hacked into, but they would not allow the court access to original information.

In the light of the Bevan case, the defence and prosecution teams are to come together in an attempt to plug some of the gaps in the law. They will be arguing for changes to a system that is clearly finding it hard to keep pace with technological change.

From the horse’s mouth: Interview with Matthew Bevan

Offered the choice between pleading guilty in the hope of the court being lenient or fighting it out, Matthew Bevan plumped for the latter. He explained why to Computing. ‘As far as I was concerned, I was charged with conspiracy, which was not true, and charged with working with Richard Pryce, which was not true. As well as having to prove that I did it, the prosecution would have had to prove there had been intent. I was accused of putting a sniffer on one of the computers. The point of a sniffer is to sit undetected on a computer monitoring who’s using it and copying their passwords. It’s not there to impair the performance of the computer. So, even if they could have proved I put it there, they couldn’t prove intent to cause damage.’

Bevan is now considering a career in IT security. ‘If I can find a job where I can get paid for doing the same sort of thing as hacking, I won’t complain,’ he said.