Cops narrow gap on Web criminals
This week's arrest of a teen hacker shows that law enforcement is getting more savvy.
Computer hackers cruising the Internet these days should check their rearview mirrors. Those flashing lights might not be the modem. They could be the technology police.
With increased manpower, better know-how, and higher-profile cases, law-enforcement agencies from the US to Europe are joining forces to crack down on Internet crime. If savvy teenagers once could drive rings around technologically flat-footed cops, the police are catching up.
And they have a message for today's teens: Internet hacking is no longer a prank; it's a serious crime.
This week's arrest of a Montreal 15-year-old in connection with the wide-ranging attack on Internet sites such as Yahoo! and eBay earlier this year, is only the latest sign of the tougher stance.
While the young hacker made a number of simple blunders that led cybercops to him, the arrest comes at a key time. Just as police are trying to get the word out to teens, older activists are starting to copy their methods in order to launch their own politically motivated Web attacks.
If the trend catches on, the new cybercops may be called on to break up electronic civil disobedience actions much as their predecessors broke up antiwar protests in the Vietnam era.
"There are many motivations" for hacking, says Peter Hussey, executive vice president of Baltimore Technologies, an electronic-security company with US headquarters in Needham, Mass. While many teens do it strictly for the technological challenge, others "actually want to cause financial harm to the targets."
Little is known so far about the motivations for "Mafiaboy," the hacker arrested this week. He's the first person charged in connection with February's attacks. Canadian police have only charged him with hacking CNN. Finding other perpetrators, who covered their tracks better, will be hard.
For many teens, hacking represents the lure of a high-tech joy ride. Many defend their actions, saying they're simply exploring. By finding gaps in company security systems, hackers can teach companies a lot, they add.
"They like to believe that the work that they are doing is performing a service and allowing business to fix [problems]," says Jim Finn, a former hacker and now top executive at Unisys's information-security consulting group in Burlington, Mass.
Hackers make a distinction between their exploration and the willful destruction of "crackers." But with millions of dollars of e-commerce sales at stake, Internet companies take an increasingly dim view of both practices. So do government officials.
"It is important, first of all, that we ... let young people know that they are not going to be able to get away with something like this scot-free," US Attorney General Janet Reno said Wednesday. "There's got to be a penalty."
According to Canadian law, juvenile Internet offenders could get as many as two years of detention. In the US, laws vary by state. In New Hampshire, for example, the 17-year-old hacker "Coolio" could face up to 15 years in prison and a $4,000 fine. He has been charged with vandalizing an anti-drug Web site.
Despite a continuing shortage of network-savvy agents, the Justice Department is beefing up its Internet-crime expertise. Its computer-crime and intellectual-property section now boasts 18 prosecutors, more than three times the number it had in 1996. The department is spending some $100 million on fighting computer crime this year and wants to increase that total by one-third next fiscal year.
Federal agents aren't only getting better at tracking Internet crime, they're joining forces with law-enforcement agencies around the world. This week's Montreal arrest involved the FBI and the Royal Canadian Mounted Police. Last month, the FBI and the Mounted Police teamed with British police to arrest two teens charged with operating an international credit-card scam.
While the warning about hacking may be getting out to teens, adults are quickly picking up their methods. These activists - or "hactivists" - are targeting Web sites with which they disagree. Last fall, for example, one group hijacked China's Web site, which touted its human rights, and replaced it with another, proclaiming the Chinese had no rights.
Since then, some activists have become more aggressive, using the same tactics - which deny Web surfers access to the site - that hackers used in February.
That same month, the Federation of Random Action launched a denial-of-service attack against Occidental Petroleum to protest plans to search for oil in the ancestral land of a Colombian tribe.
The Web site of another group, the Electrohippies, explains the possibilities of e-disobedience: "What we're out to do is ... [extend] the philosophy of activism and direct action into the 'virtual' world of electronic information exchange and communications."
(c) Copyright 2000. The Christian Science Publishing Society