As British hacker Gary McKinnon fights to avoid extradition to the US, we look at some of the most well known cases of malicious acts online - and the damage it caused.
Gary McKinnon’s fight against extradition to the US for hacking into military computers has focused attention on ‘Black Hat’ hackers and cyber criminals – those who attack computer systems for malicious reasons such as terrorism, vandalism or financial gain.
Here is a list of some of the most well-known such individuals and their work, which offers insight into the many ways computer systems can be breached. But it is important to remember that many of them don’t follow the current trend in hacking for financial gain, and this just describes the individuals who got caught...
The military superhacker - Gary McKinnon
The ‘superhacker’ Gary McKinnon, currently fighting his extradition to the US, is accused of committing the ‘biggest military computer hack of all time’. Between 2001 and 2002 he allegedly hacked into US Army, Navy, Air Force as well as NASA computers causing around $700,000 damage. Perhaps most seriously, he is also accused of altering and deleting files at a US Naval Air Station and causing its computer systems to shut down not long after 11 September 2001.
McKinnon is alleged to have carried out his hacking from his North London home. He has been arrested though never charged in the UK, but could face life rather than a couple of years in jail if he refused a plea bargain and was found guilty. He has never denied the charges, claiming he was motivated by curiosity and found his way in due to poor security.
The social engineer - Kevin Mitnick
Computer security consultant Kevin Mitnick hacked into Motorola, Nokia, Sun Microsystems and Fujitsu Systems, among others. According to Mitnick, he did not use software programs or hacking tools to compromise computers but instead used social engineering to gain passwords and codes. He is now in charge of his own computer security consultancy.
In his book ‘The art of deception’, he said that it was innocuous information that was the prized target of social engineers. He said: “Penetrating a company’s security often starts with the bad guy obtaining some piece of information or some document that seems so innocent, so everyday and unimportant, that most people in the organization don’t see any reason why the item should be protected and restricted.”
The Russian wire-frauder - Vladimir Levin
The Russian programmer was responsible for one of the largest and best-organised wire fraud schemes, where he transferred around $10 million from Citibank into bank accounts in Europe and the US. According to the bank, all but $400,000 was recovered as his accomplices around the world tried to withdraw funds.
In 1995, he was arrested in transit going through Heathrow Airport and, in 1998, extradited to the US where he was sentenced to three years in jail. It was not revealed how Levin managed to break into the Citibank systems, but it was claimed he did not have the technical ability to break into systems but may have been able to purchase the information needed for just $100.
The creator of the first worm - Robert Morris
Currently an associate professor at MIT, Morris was responsible for creating the first computer worm on the internet in 1988 – the Morris Worm, which security experts said changed the face of online security.
Morris said that it was first intended to gauge the size of the internet by self-replicating and not intended to cause damage. However the code contained a bug which allowed a worm to self-replicate in a single machine multiple times, causing thousands of computers to grind to a halt.
Although he was punished with a fine, he was lauded by some for revealing flaws in the online security. Morris later became one of the founders of the company Viaweb, which was later sold to Yahoo for around $45 million to be renamed Yahoo Store.