The NASA hacker: Scapegoat or public enemy?

Summary:An unemployed North Londoner has been accused of committing the biggest military computer hack of all time by the US government while authorities in Britain chose to release him without charge

Gary McKinnon has a lot to worry about. His job prospects are bleak. He will shortly have to leave his home in North London and could be facing up to 70 years in a US federal prison — a prospect that terrifies him.

His actions have been well recorded. Over a period of years he managed to bypass the security of what should be the most sophisticated IT systems on the planet, many of which belong to the US Department of Defense (DoD) and NASA.

That was back in 2002 and he has already been investigated thoroughly by the legal authorities in this country and released without charge. No one in the UK justice system considered him a threat. But the slow-working cogs of the US legal system have finally clicked into action leaving him hanging in limbo awaiting an extradition hearing later this month.

The unemployed UFO enthusiast was, metaphorically speaking, able to walk right in, look around and make himself at home in what are supposedly some of the most secure systems in the world. Although breaking into the DoD required a combination of ingenuity and hours of mindless drudgery, ultimately it was the "dangerously lax IT systems" that made it possible, he claims. And as for the "minor" damage to the systems concerned, it was not deliberate but happened accidentally while he was trying to cover his tracks.

Mckinnon, now 39, admits that there was a period of his life when he was "addicted" to computers. It threatened his life, his health and his relationships at the time, but he couldn't leave them alone.

His interest in IT was sparked, as it was for many others, by an interest in science, science fiction and the unknown. It was the search for proof of extraterrestrial life and a potential cover-up around the events of 11 September, 2001, that led him to the restricted government sites to begin with.

His story raises some critical issues around the rights of British citizens accused of committing a crime in the US, the state of IT security internationally and the possible existence of antigravity technology in a US military establishment.

Q: Why do you think the US authorities behaved the way they did, with an extradition order?
A :Well, the reason they give is that I, on my own, closed down the entire metro district of Washington for a few days, including a weapons station, which I dispute. My thing was being quiet and not being seen and getting the information out. And also, when I was there, you do a NetStat routine and you see all the other connections to that machine and there is a permanent weakness for foreign hackers because their security is not even lax, it is non-existent. You wouldn’t believe it.

They might claim that by installing a remote control program, I opened them [the systems] up, but the access was already there. I didn't even have to crack passwords.

What about the damage you are said to have caused?
What they call damage is really just them realising that they have been accessed without authorisation. Then they say things like I deleted 300 users, deleted systems files and such. That was one instance when I did a batch file to clean up all my stuff. I think once and only once, though perhaps I ran it on the root drive of the "c:" drive. But it certainly wasn’t every machine I was on and, if you believe them, they talk about 94 networks being damaged.

Topics: Security

About

Colin has been a computer journalist for some 30 years having started in the business the same year that the IBM PC was launched, although the first piece he wrote was about computer audit. He was at one time editor of Computing magazine in London and prior to that held a number of editing jobs, including time spent at the late DEC Compu... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.