Forwarded From: Erik Parker <netmask@303.org>
http://www.montrealgazette.com/PAGES/990130/2229372.html
Web of disruption
Hacker, 16, suspected of wide campaign
Paul Cherry, the Gazette
RCMP investigators sifting through data in a computer seized from a brash
16-year-old Montreal-area hacker say they are finding trails of
cybermischief that run through Ottawa, Massachusetts and as far away as
Norway.
The boy was online at home when the RCMP came knocking this week.
He appears to have attempted to hack into important computer systems in
different parts of the world, an investigator close to the case said.
The boy is suspected of trying to hack into the NASA computer network and
an RCMP Web site. Companies in Norway are also interested in the
16-year-old's activities, police say.
A person who identified himself as the hacker called The Gazette last
night. Asked several questions about details of the case that had not yet
been reported anywhere, he correctly answered all of them.
He said he wanted to be interviewed so he could say he is a successful
hacker who has penetrated sensitive U.S. university and government sites.
Cautioned that what he said might incriminate him, he answered: "I don't
care. I've told (the RCMP) already," and added: "I'll be a hacker
forever."
He described himself as a bored teenager who left high school months ago
and spends most of his time hacking into computers and sharing details,
through computer chat rooms, of his exploits with a group of friends who
call themselves Segfault.
He started hacking about six months ago and has already penetrated a U.S.
army computer network, he said.
"At the beginning I was, like, excited. At the end it was, like, lame
because it was so easy. Like, it was so sad. Our whole team, we hack to
get better and better stuff."
Asked whether he fears a prison term, he said that if he "went to jail
over this" his team of hackers would disable "Montreal in one second."
While he didn't complain about the RCMP raid on his "box," he said he
couldn't understand why they took away a book on computer coding that he
had bought for himself at Christmas.
The RCMP investigators handling the case are treating it seriously.
"We executed a search warrant on Wednesday, and when we entered the house
he was online and quite busy," said Sgt. Jacques Desilets, who is heading
the investigation.
No charges have been laid yet, but investigators say they have found the
16-year-old's recent computer activity stretches beyond causing the
slowdown of a Nova Scotia Internet-service company, the incident that led
police to him.
"We're getting requests right, left and centre on this,'' Desilets said.
"This kid was extremely busy. He was all over the place in the States,
Canada and Europe. Netmask rules. At this point in time we're still trying
to figure out the extent of his activities. We don't know the extent of
the damage he has caused."
The technology division of the RCMP commercial-crime unit in Montreal is
composed of four officers and is expected to double in size within a year.
Desilets said the 16-year-old is one of the top hackers ever uncovered by
authorities in Quebec.
"He has frozen up services for five hours at a company in Norway where
people couldn't use (the Internet). Our investigators have been in touch
with the authorities in Norway, and they are quite interested in seeing us
lay charges against this fellow here."
An investigator who was going through the computer's data logs said that
if anyone guarding a computer Internet network warned the hacker to leave
the electronic premises, he would quickly launch an attack on its servers,
sending them a blitz of confusing electronic data that caused shutdowns.
"I remember that," the young caller said last night, launching into
computer lingo. "I shut it down for five hours because the (administrator)
was E-mailing all my shells. É So I just killed him for five hours."
The RCMP investigation of the boy began in Montreal around Christmas after
the division learned of complaints out of Toronto that a hacker was
wreaking havoc with systems in Ontario.
As that investigation progressed, the RCMP in Halifax were called by an
Internet company there.
The company's computers were being assaulted electronically during the
first three weeks of January by what is referred to in hacker circles as a
"smurf attack." The hacker sends unreadable electronic data to a computer
site, paralyzing the network servers and blocking service to customers. In
the case of the Nova Scotia company, thousands of customers were affected.
"While it didn't bring the system crashing down, it slowed the system
enough that the company was receiving many complaints," said Sgt. Al
Langille of the Nova Scotia RCMP's commercial-crimes unit. The sergeant
himself was a customer of the Internet company and had problems receiving
E-mail before the investigation started.
Through computer logs, the Nova Scotia RCMP tracked the hacker through a
series of computer networks, including one at the Massachusetts Institute
of Technology in Cambridge, Mass., to a server in Montreal.
University computer systems are often used by hackers as a way to disguise
their route to an intended victim, Langille said. They are selected
because many users are logged on at one time, so hacker activity is hard
to detect.
The search also brought investigators to World Wide Web sites and the
Internet Relay Chat network, where they eventually found two people
bragging online about how they had invaded the Halifax Internet company.
The RCMP unit in Halifax contacted its Montreal counterpart and told it
the hacker had been traced to a local computer service. The Montreal unit
found out whose account it was.
"They had an investigation going on at the same time, and we came to
realize it was the same person during a phone call," Langille said.
The Nova Scotia division was looking for a second hacker in that province,
but said it didn't expect to make an arrest yesterday. Langille said he
couldn't reveal whether the two hackers are believed to have worked
together.
The RCMP aren't sure when the 16-year-old questioned here will be charged.
The computer seized at his home is being thoroughly examined. The boy was
detained in his parents' house Wednesday night as the RCMP investigators
questioned him. He was not in custody, but could face up to 10 years in
jail.
"We have a lot of work to do in the investigation before we know exactly
what he will be charged with and when,'' Desilets said.
"But with what we have in front of us at this point in time, in all
likelihood he will be charged.
"We have numerous organizations and people to contact to complete the
investigation. I can see it stretching for weeks maybe."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:17:11 1999