Extradition of Hackers : Spain & Israel & Ukraine
Update - May 10 , 2006
Gary McKinnon, 40, accused of mounting the largest ever hack of United States government computer networks including Army, Air Force, Navy and NASA systems arrives at the Bow Magistrates Court for the last hearing of his extradition case, in central London Wednesday May 10, 2006. McKinnon, has been indicted in the states of New Jersey and northern Virginia on charges of illegally accessing 97 computers, causing US$700,000 (400,000 pounds, euro588,000) in damage. The alleged hacker who has claimed he was searching for suppressed evidence of UFOs was arrested in 2002 and has fought against extradition. (AP Photo/Lefteris Pitarakis)
AP – LONDON. A British court recommended Wednesday that Gary McKinnon, 40, of London be extradited to the United States to face charges in the largest attack on U.S. government computer networks including Army, Air Force, Navy and NASA systems. He has been indicted in New Jersey and Virginia for allegedly hacking into U.S. government computers between February 2001 and March 2002. He was arrested in 2002 and has fought his extradition.
UK National High Tech Crime Unit Notice
8 June 2005
A British man wanted in the United States for allegedly carrying out "the biggest military computer hack of all time" is due to appear at Bow Street Magistrates Court today (8 June 2005).
Arrested in November 2002 by officers from the National Hi-Tech Crime Unit, part of the National Crime Squad, Gary McKinnon, 39, of north London faces extradition over claims he gained illegal access and made alterations to US military and NASA computers over a 12-month period from 2001 to 2002.
Using software available for download on the Internet, McKinnon -- an unemployed computer systems administrator -- allegedly hacked into 92 separate networks operated by the US Army, Navy, Air Force and the Pentagon.
The US government estimated the the cost of tracking and correcting the alleged problems to be about $1 million (£570,000).
McKinnon was indicted in 2002 by a US grand jury on eight counts of computer-related crimes in 14 different states and was arrested yesterday (8 June) by the Metropolitan Police's Extradition Unit.
The US indictment said he hacked into an Army computer at Fort Myer, Virginia, obtained administrator privileges and transmitted codes, information and commands before deleting about about 1,300 user accounts.
It alleged he also "deleted critical system files" on the computer, copied a file containing usernames and encrypted passwords for the computer and installed tools to gain unauthorised access to other machines.
– end –
US/CID Computer Crime Manual - (25/2/05)
CCIU Investigative Results (22/9/04)
06/27/05; Vol. 24 No. 16
The long arm of the Army’s cybercrime unit
By Dawn S. Onley
For three months last year, an Army soldier stationed in Afghanistan
installed on more than 200 computers illegal software that captured users’ keystrokes
and, ultimately, caused about $25,000 in damage.
The software gave the soldier access to passwords, credit card data and other sensitive information from users of the compromised computers. A team of agents with the Army’s Computer Crime Investigative Unit, a division within the Army Criminal Investigation Command charged with securing all Army networks, traveled on short notice to the hostile area to analyze the affected computers.
Their investigation led them to the suspect, whom officials declined to name because he accepted nonjudicial punishment in lieu of a court martial.
Daniel T. Andrews, CCIU’s acting director, said the soldier did not misuse or disclose any of the sensitive data he had collected and that the case was referred to the military justice system for disciplinary action. But Andrews said the case is an example of the work performed daily by CCIU agents and analysts.
“CCIU agents respond to and investigate network intrusions and other computer-related
felonies across the globe,” Andrews said. “Given the so-called borderless
nature of Internet-based crime, many of CCIU’s cases
involve investigative leads in foreign countries, adding even more complexity
to cases that can often involve hundreds of thousands of dollars in damages.”
One such case occurred three years ago.
Gary McKinnon, a computer administrator from London, faces extradition
for charges that he hacked into military and NASA computer systems, deleting
files and blocking access to the Internet, officials said. The incident
occurred over a 12-month period during 2001 and 2002. CCIU gathered evidence
and led the international investigation that resulted in McKinnon’s arrest.
Special agent Brent A. Pack, operations officer of the Fort Belvoir, Va.-based unit, said nabbing the hacker involved “collecting, examining and reporting more than 1T of electronic evidence.”
McKinnon was indicted by a U.S. grand jury in 2002 on eight counts of computer crimes and is scheduled for an extradition hearing on July 27 in London.
A pending case against a technology company was a bit easier to solve, officials said. In early 2002, ForensicTec Solutions Inc. of San Diego broke into dozens of sensitive Defense systems while conducting routine business for a government client, according to ForensicTec president Brett O’Keeffe, who spoke with GCN at the time of the incident. The government accused O’Keeffe and other ForensicTec employees of discussing the security vulnerabilities with the news media in an attempt to build their new business.
O’Keeffe said he notified military officials right away. “All we did was expose a vulnerability that others could exploit,” O’Keeffe said in the interview. “We didn’t create a vulnerability, we just showed it.”
O’Keeffe said company employees gained access to computers at a Texas
Army base that held records of radio encryption techniques, and personnel files
listing Social Security numbers, security clearances and credit card numbers.
Employees also roamed a NASA system’s vendor records, which included company
O’Keeffe has since pleaded guilty to a misdemeanor charge in the incident and faces up to a year in jail when he is sentenced on Aug. 1, according to John Parmley, an assistant U.S. attorney.
Parmley said two co-defendants, Aljosa Medvesek and Margaret Ann Lauffer, who also worked at ForensicTec, pleaded guilty to unauthorized access and will also be sentenced later this year.
On the front door of the CCIU lab is a logo with an eagle holding a computer mouse. Inside the lab, computer technicians gather forensic evidence by taking computers apart to see what damage a hacker did and how he accomplished his intrusion.
The unit has portable forensic equipment that allows agents to remove hard drives for extensive examination. The agents can perform analysis on any type of operating system.
“Most of the Internet-based attacks we see are attempts to exploit any variety of vulnerabilities in computer operating systems or other software code,” Andrews said. “Without identifying any specific threat, the arsenal of cyberexploits is dynamically evolving and becoming more potentially malicious with time.”
CCIU operates on a yearly budget of $1 million, a jump from $500,000 in
its earlier years. That figure does not include personnel pay or real estate
facilities, Andrews said.
He attributed the hike in budgetary dollars to the realization that computer security is vital to military operations.
“Senior Army officials understand the importance of enterprisewide network security and the significance of maintaining a robust investigative force capable of swiftly responding to cyberattacks, assessing the extent of damage and bringing cybercriminals to justice,” Andrews said. Special agents assigned to CCIU usually come from law enforcement backgrounds and undergo extensive computer network training.
Army unit’s wall of ‘fame’ is expanding
Mug shots of hackers busted by the Army’s Computer Crime
Investigative Unit and other federal authorities are proudly hung on a wall
dubbed the “Hackers Without Computers Club.” Currently on the wall are
photographs of The Deceptive Duo—Robert “Pimpshiz” Lyttle and Benjamin “The-Rev” Stark—so dubbed for their
part in computer hacks against public and private Web sites.
Also pictured on the CCIU wall is Chad Davis, known as “minphasr” of “Global Hell,” who hacked an Army Web page. Davis received six months in jail and three years of supervised release, and was ordered to pay $8,054 in restitution.
4Law : The Russian biggest Newswire Portal Lenta.ru Remarks the Reliability of the Full PDF Indictment version Concern US Military Mass Hacks , in his Page , as well as the 4Law (B.GRG Ltd.) Site with link to the file here. Russian Language - Click the Tittle.
- Page Saved (12/6/05)