Sept. 11 raises stakes for hackers

The same hacking crime which carried a punishment of probation five years ago, soon could result in a life sentence if lives are threatened.
Written by ZDNET Editors, Contributor
SAN FRANCISCO--In 1997, a teenager who hacked into a Bell Atlantic network inadvertently crashed the computer, leaving 600 homes, a regional airport and emergency services without phone service and disabling communications to the air traffic control tower for six hours.

The teen pleaded guilty and received a sentence of two years probation, a $5,000 fine and community service. But in the near future, that scenario could land someone in jail for life if a death were to result from a plane crash or a delay in reaching medics on the phone.

"That is a realistic scenario," said William Reilly, an attorney at San Francisco-based Cyber Security Law.

U.S. prosecutors and judges are cracking down on cyber crimes more aggressively than ever, Reilly said. The airplane hijack attacks in September have been used to justify harsher treatment for computer crimes in the name of national security, Reilly and others said.

That reality dampened the mood at the 10th annual DefCon hacker conference held in Las Vegas last weekend, despite diversions that included "Hacker Jeopardy" games, a techno music dance party, cheap beer and private strippers. The event is the world's largest gathering of computer anarchists and rogue programmers, who prefer to operate under aliases.

"The act of hacking itself has a political dimension," said Richard Thieme, an author, former Episcopalian priest and father figure to many hackers. "Before Sept. 11, it could not be defined in and of itself as an act of terrorism."

While most hackers at the event maintained their instinctual distrust of authority, some have been quietly offering their skills to the U.S. government since the attacks, experts said. "There is more of an awareness that we're all in this together," said Thieme, who spoke at the conference. "They're much more realistic. They've lost their dream."

New cybercrime laws
Of concern to many hackers is the U.S. Patriot Act enacted late last year and a new bill called the Cyber Security Enhancement Act overwhelmingly approved by the House of Representatives last month.

The Patriot Act raised the maximum sentence for breaking into a computer network from 5 years to 10. The Cyber Security Enhancement Act calls for up to life imprisonment for hackers who recklessly cause or attempt to cause someone's death.

"What was a misdemeanor pre-Patriot Act could be a felony now with a five- to 10-year sentence," said Simple Nomad, a DefCon speaker who works for security company BindView "That scares a lot of people."

As a result, hackers who formerly acted out of boredom or to seek a challenge are now directing their energy into "hacktivism," the use of computer hacking for political purposes, he and others said.

For example, there is more research into protecting anonymity on the Web. Such technologies include "digital drop boxes" and steganography, which is the science of hiding messages in things such as digital images, Simple Nomad says.

Pursuits of such evasive technologies even further pits hackers against law enforcers who in the 1990s all but lost the battle to prevent the widespread availability of strong cryptography, used to keep messages secret.

The FBI and other agencies have stepped up their monitoring of the Internet after finding Internet-related information on computers seized from Al Qaeda, the group blamed by the Bush administration for the Sept. 11 attacks.

Hackers now "are more concerned about the political fall-out and that the government will take away more of their rights," hacker Rain Forest Puppy said.

Renewed patriotism
For some, however, the Sept. 11 attacks prompted a renewed sense of patriotism. For example, Thieme says he knows of several hackers who are using their skills to aid U.S. intelligence agencies.

"There was a huge surge to do the job," he said. "Suddenly the CIA and all those (federal) guys weren't the enemy anymore."

"There have been flares and flashes of patriotism that I think a lot of hackers hadn't experienced before," Simple Nomad said.

At least one U.S. federal official concurs.

"I'm guessing you'll see some of that because the computer underground tends to be pretty patriotic," said Don Cavender, a supervisory special agent in the FBI's computer training unit.

"In the three months (immediately) post-Sept. 11, I could have reached out to the underground community and gotten a better response than before," said Cavender, one of the few federal agents at DefCon who wasn't in stealth mode.

Editorial standards