Sunday, October 25, 2009

Oct. 23, 1995: First Computer-Network Wiretap

1995: A federal judge for the first time authorizes a wiretap of a computer network. It leads to hacking charges against a young Argentine for breaking into sensitive U.S. government sites.

Attorney General Janet Reno worried in 1995 about hacking turning the internet into the "Wild West of the 21st Century."
Dennis Cook/AP Photo

Arrested and later extradited to the United States was Julio Cesar Ardita, who was 21 at the time. His online name was “griton” — Spanish for “screamer.” The hacks, using a dial-up modem, were traced to his parents’ Buenos Aires apartment, located near the university where Ardita was studying computer science.

U.S. authorities said he first accessed a system at Harvard University’s Faculty of Arts and Sciences. Using a sniffer, he obtained passwords as users accessed other systems.

He then used this information to breach those systems, and continued the process to obtain access to computers at the Defense Department, Caltech, Northeastern University, the University of Massachusetts, NASA’s Jet Propulsion Laboratory, NASA Ames Research Center, the Naval Research Laboratory and the Naval Command Control and Ocean Surveillance Center — as well as systems in Argentina, Brazil, Chile, Korea, Mexico and Taiwan.

Although he was accused of accessing sensitive information, he did not steal any data. His motive appeared to be a hacking addiction. At the time of his 1998 extradition, Janet Reno acknowledged that a failure to combat hacking could create online chaos.

“If we aren’t vigilant, cybercrime will turn the internet into the Wild West of the 21st Century,” she said. “The Justice Department is determined to pursue cybercriminals at home and abroad.”

After detecting intrusions at Harvard, the FBI and the Naval Criminal Investigative Service applied for a search warrant and began to monitor activity using a program called I-Watch, run on a government computer installed at Harvard. It searched relentlessly through the goings-on of approximately 16,000 legitimate users of Harvard’s network in its attempt to pinpoint the hacker.

Matt Parsons, an FBI agent at the time, said the government went to great lengths to protect the privacy of Harvard’s network users. He said that the government isolated certain words the authorities believed the hacker was using, but did not immediately read the communications connected to those words.

“If a telltale word or phrase was intercepted, the monitoring computer initially would display up to 80 characters surrounding the target word or phrase,” he said. “If it remained ambiguous after these 80 characters were examined whether what had been intercepted was the activity of the intruder or a legitimate user, investigators used a computer utility program to look for further indicia of the intruder before actually examining the computer session.”

After more than two years battling and then waiving extradition, Ardita pleaded guilty in May 1998 in a Boston federal court to two counts of unlawfully intercepting and damaging government files.

One count concerned intercepting communications on the government computer orac.wes.army.mil, and the other concerned transmitting a program named “zap” to mindy.nosc.mil — another government computer — in an attempt to damage its log files.

Ardita was fined $5,000 and sentenced to three years’ probation. A 2001 thesis at Argentina’s National Technical University footnoted Ardita as director of a firm called Cybersec S.A. Security System.
