****NASA Nabs E-mail Bomb Hacker
OTC 4/27/98 10:25 PM
WASHINGTON, DC, U.S.A., 1998 APR 27 (Newsbytes) -- By Bill Pietrucha,
Newsbytes. NASA is starting to send almost as many people to court for
computer crimes as they are sending astronauts into orbit. An Alabama
hacker pled guilty late last week to launching an e-mail bomb attack,
bringing the agency's recent guilty plea record to a perfect four of four.
[Four out of four? NASA has been publicly hacked a LOT more than
four times. Does this mean they acknowledged four attacks? Or only tried
to prosecute four?]
The Alabama-based hacker pled guilty in United States District Court
for the Northern District of Alabama, for sending damaging transmissions
to a NASA electronic-mail server system, in violation of The Computer
Fraud and Abuse Act. The court withheld the identity of the juvenile
offender, and ordered him to comply with probationary conditions for 12
months.
An investigation by special agents from the Computer Crimes Division
(CCD) in NASA's Office of Inspector General found that the offender
launched an e-mail bomb attack last August 4 consisting of 14,000 e-mail
messages across a NASA network against another person using network
systems in a commercial domain.
The use of NASA's network bandwidth caused a simultaneous attack
against the agency's electronic-mail network server at the Marshall Space
Flight Center in Huntsville, Alabama resulting in a loss of network
services, CCD Director Thomas J. Talleur told Newsbytes.
Although the juvenile's attack was intended against another individual,
and not directly against NASA, other recent cases were more direct.
Earlier this month, a former Kennedy Space Center contractor employee
pled guilty in Federal district court at Orlando, Florida, to a charge
that he used his workstation to hack into the computers of several Orlando
businesses.
Shawn Hillis, 26, of Orlando, Florida, a former employee of a NASA
contractor Lockheed Martin Corp., used a NASA workstation at the Kennedy
Space Center to gain unauthorized access to a computer network domain
located at the University of Central Florida in Orlando, and downloaded
password files to his NASA workstation. The unauthorized access was
discovered by NASA systems operations employees at Kennedy Space Center
As part of the plea agreement, the court ordered Hillis to make
restitution to other victims in Florida, including: Time Warner Cable;
Full Service Network, formerly of Maitland; Diamond Star Network, Orlando;
Internet Access Group, Altamonte Springs; and Junto Net Press, Winter
Park, Florida.
Hillis' case is set for sentencing on July 14.
"Both government and private industry sources cite the Internet, inside
offenders, and certain foreign countries as the biggest threats to the
national security of the United States," Talleur told Newsbytes. "This is
just another example of an inside offender."
Two other inside offenders also recently pled guilty to using a NASA
computer to download pornographic images from various Internet Web sites
during duty hours.
Nicholas Catalano and Jeffery Miller, former employees of the security
contractor at Goddard Space Flight Center, Greenbelt, Maryland, pled
guilty to a charge of violating NASA regulations in United States District
Court, Hyattsville, Maryland, and were each sentenced to one year
probation, 40 and 30 hours of community service, respectively, and a $175
fine.
Talleur cautioned that most computer hackers today fall into more
serious categories than the four recent cases NASA successfully
prosecuted.
"Today's hackers are not juveniles playing games," Talleur told
Newsbytes. "The serious threats are coming from militias and other fringe
groups who seriously want to disrupt and destroy the government, as well
as from international terrorists and groups trying to spy by computer.
"Computer security problems will get a lot worse before they get
better," Talleur said, noting the growing sophistication, age, and motives
behind hacking.
"Many computer hacking cases now involve individuals in their mid-20s
to mid-30s," Talleur said, "and they're involved with a number of fringe
groups who either perceive the government as the enemy, or are trying to
obtain information to destabilize government security."
[I'd love to see backing to this claim.]
=-=
Reply From: Roger Harrison ?
> ****NASA Nabs E-mail Bomb Hacker
> "Today's hackers are not juveniles playing games," Talleur told
> Newsbytes. "The serious threats are coming from militias and other fringe
> groups who seriously want to disrupt and destroy the government, as well
> as from international terrorists and groups trying to spy by computer.
what on earth is Talleur talking about? The Militia groups don't pose a
threat on the internet. They don't want to disrupt and destroy the
government. They want to help protect it. I don't think you could cite
one single case of a militia engaging in computer hacking.
Roger Harrison
Eclipse Security