US cracks case of hacker who broke into military networks
Kuji June 26th, 2008By TED BRIDIS
Associated Press Writer
WASHINGTON – Federal authorities have cracked the case of an international hacker who broke into roughly 100 unclassified U.S. military networks over the past year, officials said Monday.
Officials declined to identify the hacker, a British citizen, but said he could be indicted as early as Tuesday in federal courts in northern Virginia and New Jersey. Those U.S. court jurisdictions include the Pentagon in Virginia and Picatiny Arsenal in New Jersey, one of the Army’s premier research facilities.
The officials declined Monday to say whether this person was already in custody, but one familiar with the investigation, who spoke only on condition of anonymity, said investigators consider the break-ins the work of a professional rather than a recreational hacker.
Authorities planned to announce details of the investigation Tuesday afternoon.
Officials said U.S. authorities were weighing whether to seek the hacker’s extradition from England, a move that would be exceedingly rare among international computer crime investigations.
Officials said this hacker case has been a priority among Army and Navy investigators for at least one year. One person familiar with the investigation said the hacker broke into roughly 100 U.S. military networks, none of them classified. Another person said the indictments were being drafted to reflect break-ins to a “large number” of military networks.
In England, officials from the Crown Prosecution Service, Scotland Yard and the Home Office declined comment Monday.
A civilian Internet security expert, Chris Wysopal, said that a less-skilled, recreational hacker might be able to break into a single military network, but it would be unlikely that same person could mount attacks against dozens of separate networks.
“Whenever it’s a multistage attack, it’s definitely a more sophisticated attacker,” said Chris Wysopal, a founding member of AtStake Inc., a security firm in Cambridge, Mass. “That’s a huge investigation.”
The cyber-security of U.S. military networks is considered fair, compared to other parts of government and many private companies and organizations. But until heightened security concerns after the Sept. 11 attacks, the Defense Department operated thousands of publicly accessible Web sites. Each represented possible entry-points from the Internet into military systems unless they were kept secured and monitored regularly.
It would be very unusual for U.S. officials to seek extradition. In previous major cyber-crimes, such as the release of the “Love Bug” virus in May 2000 by a Filipino computer student and attacks in February 2000 by a Canadian youth against major American e-commerce Web sites, U.S. authorities have waived interest in extraditing hacker suspects to stand trial here.
Once, the FBI tricked two Russian computer experts, Vasily Gorshkov and Alexey Ivanov, into traveling to the United States so they could be arrested rather than extradited. The Russians were indicted in April 2001 on charges they hacked into dozens of U.S. banks and e-commerce sites, and then demanding money for not publicizing the break-ins.
FBI agents, posing as potential customers from a mock company called Invita Computer Security, lured the Russians to Seattle and asked the pair for a hacking demonstration, then arrested them. Gorshkov was sentenced to three years in prison; Ivanov has pleaded guilty but hasn’t been sentenced.
But the Bush administration has toughened anti-hacking laws since Sept. 11 and increasingly lobbied foreign governments to cooperate in international computer-crime investigations. The United States and England were among 26 nations that last year signed the Council of Europe Convention on Cybercrime, an international treaty that provides for hacker extraditions even among countries without other formal extradition agreements.
There have been other, high-profile hacker intrusions into U.S. military systems.
In one long-running operation, the subject of a U.S. spy investigations dubbed “Storm Cloud” and “Moonlight Maze,” hackers traced back to Russia were found to have been quietly downloading millions of pages of sensitive data, including one colonel’s e-mail inbox. During three years, most recently in April 2001, government computer operators watched as reams of electronic documents flowed from Defense Department computers, among others.
In 1994, two young hackers known as “Kuji” and “Datastream Cowboy” were arrested in England on charges they broke into the U.S. Air Force’s Rome Laboratory. They planted eavesdropping software that allowed them to monitor e-mails and other sensitive information.
(Copyright 2002 by The Associated Press. All Rights Reserved.)