This article can also be found in the Premium Editorial Download "Information Security magazine: Dollars and sense: Getting the security budget you need -- and spending it wisely."
Download it now to read this article plus other related content.
It's said that tragedies bring out the best and worst in people. The space shuttle Columbia tragedy brought out the worst in Trippin Smurfs.
The hacker gang that boasts owning scores of NASA boxes chose the day of the Columbia crash--Feb. 1--to hit at least 10 Jet Propulsion Lab servers and deface numerous NASA Web sites with protests about the looming war with Iraq.
The incident had nothing to do with the shuttle disaster, but, as one security observer noted, there will be little sympathy for this crew if they're ever brought to justice.
What can the Trippin Smurfs gang expect if they ever see the inside of a courtroom? They could try asking Brian T. Ferguson.
The 43-year-old Pittsburgh man expects no quarter from a federal court when he's sentenced next month for hacking the AOL account of New York Common Pleas Court Judge Kim D. Eaton.
Observers expect Ferguson will receive the maximum three-year sentence from a federal judge who will likely show sympathy toward his robed colleague.
Need another example? Try William Grace and Brandon Wilson, who will spend the next nine years behind bars for hacking a California court's network.
Using a password that Grace lifted while working as a consultant for police at a local Native American casino, the pair altered the records of family and friends, and dismissed their own drug charges and arrest warrants.
Officials say Grace and Wilson received unusually harsh sentences because they tampered with the integrity of the judicial system.
A little advice for Trippin Smurfs, as Principal Vernon said in The Breakfast Club, "Don't mess with a bull...you'll get the horns."
Failing Grade in Hacking
Hackers just keep getting younger. The latest to join the digital dark side is an 11-year-old middle school student in Port St. Lucie, Fla., who earned a failing grade for hacking into his teacher's grade book.
Wiggling his way out of lunch, the boy sauntered to his reading teacher's classroom and allegedly used her computer to alter his grades on five assignments.
School officials suspended the student for 10 days, and the principal is recommending his expulsion. But his troubles don't end there. Despite his age, the student faces felony charges.
It Wasn't That Bad
It's hard to say what lesson Boston College is trying to teach one of its computer whizzes, who was caught hacking into the university's network.
Officials say Douglas Boudreau, 21, broke into the school's computer labs and installed keystroke loggers and other sniffers. He allegedly used the gleaned data to alter his online records and charge more than $2,000 in goods and services to the accounts of other BC students, faculty and staff.
However, the school doesn't consider the incident too serious since Boudreau "did not sell the information or exploit it externally in any way." And since the suspended student is cooperating with the investigation, the school offered to pay for his lawyer to "ensure he is adequately represented."
Who Let the Dog In?
The irony was rich when a bomb-sniffing dog guided by a uniformed security guard swept a function room at last month's CyberCrime conference at Foxwoods in Connecticut. Given the heightened terrorism condition, the casino was conducting random security checks.
What session did the K-9 disrupt? A talk about cooperation with law enforcement on digital crime and terrorism probes delivered by Robert Weaver, head of the Secret Service's New York Electronic Crimes Task Force.
Weaver didn't miss a beat, and simply asked the dog's handler, "Is there something we need to know?"
Famed hacker Kevin Mitnick's return to cyberspace was greeted with appropriate welcomes from both sides of the digital divide.
Hackers marked the end of Mitnick's exile by defacing his newly minted Web site...twice.
On the other side, white hats at the Los Angeles chapter of the Information Systems Security Association (ISSA) have barred the convicted felon from its events.
The 15 minutes keeps ticking off for Mitnick. Stay tuned.
About the author:
Lawrence Walsh is the managing editor of Information Security.
This was first published in March 2003