In the first of a new series about IT people or organisations in trouble or 'Up Against It', we send Richard Morris to interview a curiously nondescript hacker from Crouch End called Gary, who gives an impression completely at odds with the 'evil Genius' described by US prosecutors who are applying for his extradition. Is Gary a stoned loner looking for evidence of UFOs, or a terrorist capable of influencing the US Government by intimidation and coercion?
Gary on US Military Security
‘What I did wasn't very clever. There were slightly lower-than-expected lines of defence. I searched for blank passwords, and wrote a tiny Perl script that tied together other people's programs that search for blank passwords, so you could scan 65,000 machines in just over eight minutes. There was a permanent tenancy of foreign hackers. You could run a command when you were on the machine that showed connections from all over the world, check the IP address to see if it was another military base or whatever, and it wasn't.’
Gary McKinnon, aged 42, claims that he is a UFO enthusiast who hacked into US military computers looking for evidence that aliens have visited Earth. If, on the other hand, the Pentagon and NASA are to be believed, he is an evil genius.
On talking to Gary, the first reaction is disappointment. He just doesn't seem to be anything like the 'Bond villain' that he is portrayed as. He doesn't even seem to be very IT Savvy. It strains belief to credit him with being the super-hacker called SOLO, who maliciously compromised the USs military capability. Gary is more 'Ealing Comedy' than 'Ernst Stavro Blofeld'
The US military claims that McKinnon, an unemployed systems analyst from Crouch End in London, left 300 computers at a US Navy weapons station unusable immediately after the September 11 terror attacks in 2001.
He is also accused of hacking into 53 US Army computers and 26 US Navy computers, including those at US Naval Weapons Station Earle in New Jersey, which is responsible for replenishing munitions and supplies for the Atlantic fleet.
Added to this litany of accusations are the assertions that he also hacked into 16 NASA computers, one US Department of Defence computer and one machine belonging to the US Air Force.
Gary on Intrusion Detection
'There was one occasion when a network engineer saw me and actually questioned me and we actually talked to each other via WordPad, which was very, very strange. He said to me “What are you doing?” which was a bit shocking. I told him that I was from Military Computer Security, which he fully believed.’
He was arrested in 2002 by the UK's national high-tech crime unit (since disbanded due to UK Government cutbacks) after he tried to download a grainy black and white photograph that he believed was a snapshot of an alien spacecraft. He came across it in a NASA computer housed in the Johnson Space Centre in Houston, Texas.
When investigators began to follow the trail of intrusions, they found McKinnon’s virtual fingerprints across the entire matrix of high-security computers that goes to support American military power.
US prosecutors claim that that the perpetrator was not a stoned loner in his dressing gown in a North London bedroom (McKinnon was a cannabis user) looking for evidence of UFOs but a sophisticated genius with links to international terrorism. It was, they claim, the havoc wreaked by Gary, known as Solo, which presented an ‘intentional and calculated [attempt] to influence and affect the US Government by intimidation and coercion’.
McKinnon, for his part, says the hack was inspired, in part, by what he calls ‘suppressed technology’, and also reading The Hacker’s Handbook the 1980s book by Hugo Cornwall (aka Peter Sommer) which explained in graphic detail how computer systems of the period could be hacked.
Meanwhile, Gary’s interest in extra-terrestrial activity comes from his stepfather who hails from a part of central Scotland that science-fiction fans like to call the UFO capital of the world, thanks to the high concentration of strange sightings across the night skies of Bonnybridge. By the age of 10, Mr McKinnon had joined the British UFO Research Association. Soon afterwards, he was teaching himself various programming language on his new Atari 2600. Friends convinced him to get a qualification in computers.
‘It wasn't just an interest in little green men and flying saucers. I believe that there are spacecraft, or there have been craft, flying around that the public doesn't know about,’ he says.
Fuelled by what he calls ‘a humanitarian need’ he hacked into dozens of US government computer systems and found it relatively easy to do.
‘I found out that the US military use Windows, so I assumed it would probably be an easy hack if they hadn't secured it properly.’ They hadn’t, so It was.
He claims that, in several raids, he discovered ‘future technology. ‘This technology is laughingly referred to as UFO technology. I think it's the biggest kept secret in the world because of its comic value, but it's a very important thing. Old-age pensioners can't pay their fuel bills, countries are invaded to award oil contracts to the West, and meanwhile secretive parts of the secret government are sitting on suppressed technology for free energy. I wanted to find out why this is being kept a secret when it could be put to good use.’
‘Don’t get me wrong. What I did wasn't very clever. There were slightly lower-than-expected lines of defence. I searched for blank passwords, and wrote a tiny Perl script that tied together other people's programs that search for blank passwords, so you could scan 65,000 machines in just over eight minutes.’
‘There was a permanent tenancy of foreign hackers. You could run a command when you were on the machine that showed connections from all over the world, check the IP address to see if it was another military base or whatever, and it wasn't.’
‘The General Accounting Office in America published a damning report saying that federal security is very, very poor.'
‘ I'd always be juggling different time zones. Doing it at night time there's hopefully not many people around. But there was one occasion when a network engineer saw me and actually questioned me and we actually talked to each other via WordPad, which was very, very strange. He said to me “What are you doing?” which was a bit shocking. I told him that I was from Military Computer Security, which he fully believed.’
‘NASA’s files were the most interesting to me though. There was a group called the Disclosure Project. They published a book which had 400 expert witnesses ranging from civilian air traffic controllers, through military radar operators, right up to the chaps who were responsible for whether or not to launch nuclear missiles. They are some very credible, relied upon people, all saying yes, there is UFO technology, there's anti-gravity, there's free energy, and it's extra-terrestrial in origin, and we've captured spacecraft and reverse-engineered it.’
‘In one report a woman is quoted as saying that in building eight of Johnson Space Centre they regularly airbrushed out images of UFOs from the high-resolution satellite imaging. What she said was there was there: there were folders called ‘filtered’ and ‘unfiltered’, ‘processed’ and ‘raw’, something like that. I got one picture out of the folder, and bearing in mind this is a 56k dial-up, so a very slow internet connection, in dial-up days, using the remote control programme I turned the colour down to 4bit colour and the screen resolution really, really low, and even then the picture was still juddering as it came onto the screen. But what came on to the screen was amazing. It was a culmination of all my efforts. It was a picture of something that definitely wasn't man-made. It was above the Earth's hemisphere. It kind of looked like a satellite. It was cigar-shaped and had geodesic domes above, below, to the left, the right and both ends of it, and although it was a low-resolution picture it was very close up. This thing was hanging in space, the earth's hemisphere visible below it, and no rivets, no seams, none of the stuff associated with normal man-made manufacturing.’
As he probed high-level computer systems in the United States, his life in Britain fell apart. He lost his job, and his girlfriend dumped him. Friends told him to stop hacking, but to no avail.
‘I'd stopped washing at one point. I wasn't looking after myself. I wasn't eating properly.’
Eventually, he started to get sloppy and began leaving behind clues. At one point, he began posting anti-war diatribes on the screens of the US government including:
‘U.S. foreign policy is akin to government-sponsored terrorism these days ... It was not a mistake that there was a huge security stand down on September 11 last year ... I am SOLO. I will continue to disrupt at the highest levels.’
But he insists that he never attempted to sabotage any operations.
It is estimated that McKinnon’s two-year wrecking spree through cyberspace caused upwards of $1 million in damage.
Though the files McKinnon hacked into were not, as the most of the media keep reporting ‘top secret’ none-the less the unclassified systems he broke into were still sensitive and important to the daily operations of the US military and NASA, but it's wrong to say that they were top-secret.
In fact classified - 'top-secret' - networks are almost completely isolated in both virtual and physical ways from the public internet.
For the most part, McKinnon broke into administrative systems, possibly through some publicly accessible webservers. It was certainly embarrassing but very far from being the ‘world's biggest military hack’ which some newspapers insist on calling it.
McKinnon maintains that the hacks were ‘morally correct.’
He believes that, if he is extradited to the US and found guilty he may be handed a 60 to 70-year jail sentence, but few journalists have challenged that figure, and it is uncertain where it has come from.
American sentencing guidelines have a wide range, and it's extremely rare for criminals to be given the maximum sentence, especially in a white collar crime like this.
A 60-year sentence is ‘extraordinarily unlikely,’ according to Scott Christie, who was the lead prosecutor in the case in New Jersey before going into private practice.
‘His general exposure would be in the range of between three and five years,’ he said.
After losing all his legal battles to avoid extradition and after having turned down a plea bargain Gary McKinnon has been given an 11th hour reprieve just days after his lawyers received a letter from the director of public prosecutions (DPP) stating it would take up to four weeks to deliberate over his confession to computer misuse. They hope that he will now be tried under English law.
The fact that Gary has been found to be suffering from Asperger’s syndrome should help his case.
His supporters say that instead of prosecuting him, the US government should thank him for pointing out massive computer security lapses in critical systems and that extradition would be ‘inhumane’.
Professor Simon Baron-Cohen, who diagnosed Mr McKinnon with Asperger's syndrome, pledged his support.
’We should be thinking of this as the activity of someone with a disability, not a criminal activity,’ he said. ‘There are questions as to whether he should be imprisoned at all. Someone was Asperger's would find it very difficult to deal with it.
’He believed that what he was doing was right.’
If you would like to nominate a person or organisation who you think ought to be interviewed by Richard Morris for the 'Up Against It' series, let us know.
