http://seattlepi.nwsource.com/local/6420AP_WA_Hackers_Wrong_Turn.html
By Tom Sowa
The Spokesman-Review
August 20, 2007
SPOKANE, WASH. -- Growing up in rural Lacrosse, Wash., Robert Moore
reached adolescence and discovered he was a high school misfit.
Suffering from several ailments, including narcolepsy, Moore skipped
playing sports, the normal path to small-town popularity.
Instead he dived into computer technology and found his niche, tinkering
with software and understanding how computers connect to each other on
the Internet. He became a hacker, going by the nickname "mooreR" and
running a Web site with samples of software he developed.
"One of reasons I was so addicted to computers was I found I didn't need
the real world. I had the online world, where people loved me," he said.
That world eventually led him to international notoriety and a two-year
federal prison sentence for his part in a scheme to bilk
telecommunications companies out of more than $1 million in stolen
service.
Hackers, while portrayed often as bent on harming other computers, also
include a middle ground of enthusiasts who test computer security in
order to improve it. Moore said he was such an ethical hacker, but he
veered toward crime to make easy money.
He moved to Spokane, graduated from North Central High School and became
skilled enough to land several jobs, including a project for one firm
needing anti-spam software.
In 2005, a Florida man, Edwin Pena, found Moore's site and asked him to
create a tool for detecting certain types of network computers that
worked with a new technology, Voice over Internet Protocol, or VoIP.
About a year later, FBI agents showed up at Moore's north Spokane home
and arrested him, charging him with federal wire fraud and computer
hacking. They also arrested Pena in Miami. Pena, 25, jumped bail and
fled the country and is believed to be living in South America.
Moore, now 23, was nabbed because he designed the software tools Pena
used to bilk Internet phone companies of more than $1 million in unpaid
VoIP phone charges.
Next month, Moore will begin serving two years in a federal prison at a
site not yet revealed. The New Jersey federal judge who sentenced him
also ordered Moore to pay $152,000 in restitution to victims of the
scheme.
The case created international attention. It marked the first
large-scale hacking of the VoIP system. Moore used his 12 home computers
to find vulnerable network doorways, called ports.
He pleaded guilty to the charges, acknowledging his role but saying he
was just a provider of information that Pena misused for personal gain.
"What I did was totally wrong, and I have to pay for it," Moore said.
"But Edwin was the guy who stole the minutes and resold them. All I did
was find passwords for (network computers) that he wanted to use."
Many who wrote about or discussed the VoIP break-in said Moore's use of
fairly unsophisticated tools, coupled with some special software he
designed, pointed out major security holes in many corporate networks.
In most of the cases when he spotted vulnerable ports, the login
password was an easy-to-guess word like "Cisco" or "password." Security
experts say network managers should never leave those default passwords
in place.
After his arrest, friends of Moore started a site called FreeRobert.com,
calling attention to what they felt was heavy-handed federal
prosecution.
But federal prosecutors said Moore knew all along that what he was doing
constituted theft.
"This is a very serious crime, the first major attack on a new
telecommunications infrastructure," said Erez Liebermann, the New Jersey
assistant U.S. attorney who handled the case.
"He was a cooperative defendant," said Liebermann. "But apart from
telling us how they worked (the plan), nothing he told us led to any
other arrests." Moore and others believe at least one other hacker
helped Pena but has not been caught.
Moore never attended college and gained most of his skills from Internet
discussion groups. His goal, once released from prison, is to earn a
certificate in network security and work as a consultant, helping ensure
other companies can guard against hackers.
Before being contacted by Pena, whom he only communicated with by e-mail
or phone, Moore made a modest amount of money doing odd programming
jobs. When Pena offered him money, Moore said, he didn't resist.
He said it took three or four weeks before he was sure the work was
illegal. "I wasn't thinking straight. I knew it was wrong, and I knew I
would get caught eventually," he said.
Pena paid him $20,000. Part of the reason Moore took the job, he said,
was to help pay some of his parents' bills. His father, David, is
disabled and suffers from a chronic disease.
"The only big thing I bought for myself was a $2,600 Bowflex home gym. I
didn't spend a lot. I kept it in case it was needed," Moore said.
At the time he was arrested, he still had $8,000 from Pena in his bank
account, he said.
Since his arrest, Moore has been ordered to stay away from computers. He
communicates with his friends by phone. What kept him going during the
past year, he added, was the support friends and the hacker community.
"It really helped to have people call me, from all over, telling me they
had my back. They say they'll send money to the (prison) commissary in
my account. They really give me the confidence to keep on," he said.
---
Information from: The Spokesman-Review, http://www.spokesmanreview.com
Received on Tue Aug 21 00:25:57 2007