****NASA Nabs E-mail Bomb Hacker

OTC  4/27/98 10:25 PM 

 WASHINGTON, DC, U.S.A., 1998 APR 27 (Newsbytes) -- By Bill Pietrucha, 
Newsbytes. NASA is starting to send almost as many people to court for 
computer crimes as they are sending astronauts into orbit. An Alabama 
hacker pled guilty late last week to launching an e-mail bomb attack, 
bringing the agency's recent guilty plea record to a perfect four of  four.

[Four out of four? NASA has been publicly hacked a LOT more than
 four times. Does this mean they acknowledged four attacks? Or only tried
 to prosecute four?]

   The Alabama-based hacker pled guilty in United States District Court 
for the Northern District of Alabama, for sending damaging  transmissions
to a NASA electronic-mail server system, in violation of  The Computer
Fraud and Abuse Act. The court withheld the identity of  the juvenile
offender, and ordered him to comply with probationary  conditions for 12
months. 
   An investigation by special agents from the Computer Crimes Division 
(CCD) in NASA's Office of Inspector General found that the offender 
launched an e-mail bomb attack last August 4 consisting of 14,000  e-mail
messages across a NASA network against another person using  network
systems in a commercial domain. 
   The use of NASA's network bandwidth caused a simultaneous attack 
against the agency's electronic-mail network server at the Marshall  Space
Flight Center in Huntsville, Alabama resulting in a loss of  network
services, CCD Director Thomas J. Talleur told Newsbytes. 
   Although the juvenile's attack was intended against another  individual,
and not directly against NASA, other recent cases were more  direct. 
   Earlier this month, a former Kennedy Space Center contractor employee 
pled guilty in Federal district court at Orlando, Florida, to a charge 
that he used his workstation to hack into the computers of several  Orlando
businesses. 
   Shawn Hillis, 26, of Orlando, Florida, a former employee of a NASA 
contractor Lockheed Martin Corp., used a NASA workstation at the  Kennedy
Space Center to gain unauthorized access to a computer network  domain
located at the University of Central Florida in Orlando, and  downloaded
password files to his NASA workstation. The unauthorized  access was
discovered by NASA systems operations employees at Kennedy  Space Center 
   As part of the plea agreement, the court ordered Hillis to make 
restitution to other victims in Florida, including: Time Warner Cable; 
Full Service Network, formerly of Maitland; Diamond Star Network,  Orlando;
Internet Access Group, Altamonte Springs; and Junto Net Press,  Winter
Park, Florida. 
   Hillis' case is set for sentencing on July 14. 
   "Both government and private industry sources cite the Internet,  inside
offenders, and certain foreign countries as the biggest threats  to the
national security of the United States," Talleur told Newsbytes.  "This is
just another example of an inside offender." 
   Two other inside offenders also recently pled guilty to using a NASA 
computer to download pornographic images from various Internet Web  sites
during duty hours. 
   Nicholas Catalano and Jeffery Miller, former employees of the  security
contractor at Goddard Space Flight Center, Greenbelt,  Maryland, pled
guilty to a charge of violating NASA regulations in  United States District
Court, Hyattsville, Maryland, and were each  sentenced to one year
probation, 40 and 30 hours of community service,  respectively, and a $175
fine. 
   Talleur cautioned that most computer hackers today fall into more 
serious categories than the four recent cases NASA successfully 
prosecuted. 
   "Today's hackers are not juveniles playing games," Talleur told 
Newsbytes. "The serious threats are coming from militias and other  fringe
groups who seriously want to disrupt and destroy the government,  as well
as from international terrorists and groups trying to spy by  computer. 
   "Computer security problems will get a lot worse before they get 
better," Talleur said, noting the growing sophistication, age, and  motives
behind hacking. 
   "Many computer hacking cases now involve individuals in their mid-20s 
to mid-30s," Talleur said, "and they're involved with a number of  fringe
groups who either perceive the government as the enemy, or are  trying to
obtain information to destabilize government security." 

[I'd love to see backing to this claim.]

=-=


Reply From: Roger Harrison ? 

>                         ****NASA Nabs E-mail Bomb Hacker
>    "Today's hackers are not juveniles playing games," Talleur told 
> Newsbytes. "The serious threats are coming from militias and other  fringe
> groups who seriously want to disrupt and destroy the government,  as well
> as from international terrorists and groups trying to spy by  computer. 

what on earth is Talleur talking about?  The Militia groups don't pose a
threat on the internet.  They don't want to disrupt and destroy the
government.  They want to help protect it.  I don't think you could cite
one single case of a militia engaging in computer hacking.

Roger Harrison
Eclipse Security