Not all hackers are evil. Some are just trying to show off, and others are simply too curious for their own good.
However, this supposedly benign group can often end up in much bigger trouble than they had previously imagined. Sometimes, these hackers might inadvertently cause serious financial damage to companies and government institutions. But, other times, they may simply end up way in over their heads, involving the military and security services.
These hobbyist hackers are distinct from state-sponsored hackers, even if they end up targeting government networks because they’re simply doing it for the hell of it, rather than as part of a coordinated effort.
The idea of hacking a government network might not sound like fun for you or me, but these guys live for it.
Robert Tappan Morris
Back in 1988, the internet was a fairly new phenomenon, having only recently been opened up from the US military’s ARPANET program.
Morris decided to find out how many computers were connected to the internet and created a program to find out. His program, now considered the first ‘worm’ would work its way from machine-to-machine, replicating itself every time.
This would let Morris count just how many machines were actually online. Of course, it didn’t get the user’s permission to install itself on the machine and the worm exploited several flaws in the targeted operating systems.
While it was benign in intention, it was far from low-key. Morris’ worm used a lot of memory from each machine it infected, and it was estimated that the slowdown caused by the infection significantly harmed productivity, costing some companies as much as $53,000.
Morris, just 23 at the time, became the first person convicted under the 1984 Computer Fraud and Abuse Act for gaining unauthorized access to “federal interest” computers. He was sentenced to three years of probation, 400 hours of community service and fined $10,500.
Melissa Virus
In 1999 David L. Smith, a 31 year-old amateur programmer from New Jersey released a virus onto the internet, named after a Floridian stripper he liked.
It was distributed through a Microsoft Word email attachment with the virus sending the email to the first 50 contacts in a user’s Microsoft Outlook contact list.
However, once on the machines, Melissa didn’t do much. It simply sat there hogging memory. In fact, Smith said during his trial that it was meant to be a harmless joke:
“I did not expect or anticipate the amount of damage that took place. When I posted the virus, I expected that any financial injury would be minor and incidental. In fact, I included features designed to prevent substantial damage. I had no idea there would be such profound consequences to others.”
He could have faced up to five years in jail, but thanks to his cooperation with authorities Smith was only convicted for 20 months in jail with three years of supervised release during which time he was forbidden from using a computer without court approval, 100 hours of community service and a $5,000 fine.
Gary McKinnon
Possibly the saddest story in the list, Gary McKinnon became famous as the hacker suffering from Asperger’s Syndrome who hacked the US military’s computers to find out about UFOs.
Starting in February 2001, McKinnon hacked into 97 military and NASA computers from his girlfriend’s aunt’s house in London. The US authorities claimed that he had deleted critical files from operating systems which shut down networks and weapon systems. McKinnon also posted a notice on the US military’s website stating “Your security is crap”.
McKinnon claims he didn’t delete any files, although he did leave a threat on one computer reading:
“US foreign policy is akin to Government-sponsored terrorism these days … It was not a mistake that there was a huge security stand down on September 11 last year … I am SOLO. I will continue to disrupt at the highest levels …”
McKinnon was first interviewed by British police in March 2002 and his computer was seized by authorities. In November 2002, he was indicted by a federal grand jury in Virginia on seven counts of computer-related crime, each of which carried a ten-year jail sentence.
Following a back-and-forth about his extradition to the US for trial, which eventually wound its way to the European Court of Human Rights, the British government blocked the extradition in October 2012 — nearly ten years after the indictment. The reasoning given by then-Home Secretary was that:
“Mr McKinnon is accused of serious crimes. But there is also no doubt that he is seriously ill […] He has Asperger’s syndrome, and suffers from depressive illness. Mr McKinnon’s extradition would give rise to such a high risk of him ending his life that a decision to extradite would be incompatible with Mr McKinnon’s human rights.”
Read more about internet security on Tech.Co