When people hear the word ‘hacker’, they usually think of those who are considered black hat hackers. As opposed to white hat hackers, who hack computer systems to help patch flaws in the security, black hat hackers hack for more illicit gains. Whether it is for money, personal information or just for the thrill of it, black hat hackers wreak havoc on computer systems and usually leave a trail of victims behind.
In this post, we will briefly look into the lives, motivations and outcomes of 10 hackers who have made the headlines by targeting and hacking into large organizations and even governments. Some bear good intentions while others have no qualms about hacking for personal benefit, but no matter what their reasoning is, these are hackers that keep major organizations on their toes when it comes to the security measures they employ in their systems.
1. Hector Xavier Monsegur (Sabu)
Sabu is well known as one of the founders of LulzSec, the infamous black hat hacker group that broke into and stole information from government and corporate websites, all mainly "for the lulz" or in other words, entertainment. His real identity was eventually discovered by the FBI and he was given a choice: turn informant or go to prison.
Monsegur chose the former and co-operated with the FBI, hacking with his LulzSec team all the while keeping tabs on their activities and reporting to the feds. This eventually led to the capture of the other members and the end of LulzSec. Monsegur spent a mere 7 months in jail due to his co-operation. Count him lucky because his original sentence was supposed to be a good 26 years.
2. Kevin Mitnick
Kevin Mitnick was a hacker before computers were cool, or mainstream. His first hack was done when he was 15, back in 1978, through a method known as social engineering, involving a ticket puncher and dumpster diving. Basically, he could get all the free bus rides he wanted with a counterfeit punch card.
His first computer hack, though, was unauthorized access to the computer systems of Digital Equipment Corporation. He was jailed for 12 months plus a 3-year supervised release. He broke the 3-year agreement when he hacked into Pacific Bell’s voice mail computers, and an arrest warrant was issued in his name, which he succeeded in avoiding for 2.5 years.
During his time on the run, he went on a hacking spree, using cloned cellphones to hide his location and breaking into the systems of some of the largest cellular and computing companies. He was eventually caught and made to serve 5 years in prison. He now runs a computer security firm, Mitnick Security Consulting.
3. Gary McKinnon (Solo)
According to US prosecutors, Scottish hacker Gary McKinnon was responsible for committing the "biggest military computer hack of all time" – he hacked into 97 US military and NASA computers in 2002. And it wasn’t just a simple break-in, as the incident happened less than a few months after 9/11.
He did real damage to US military infrastructure, halting munitions supply to the US Navy’s Atlantic Fleet, and for some reason he left taunting, anti-American messages on the computers. McKinnon has Asperger’s Syndrome, and when he was caught, he claimed that he was only looking for proof of UFOs, anti-gravity technology and free energy suppression.
The US government tried to extradite him for trial but could not do so due to his medical condition, and the fact that medical experts consider him a suicide risk should he be made to leave the UK to stand trial. At the end of a 10-year tug-of-war, prosecutors decided to drop any plans to prosecute him on UK soil due to the complications of him being in the UK and the evidence and witnesses being in the US.
4. Ehud Tenenbaum (The Analyzer)
At the age of 19 in 1998, Israeli hacker Ehud Tenenbaum was the head of a group of hackers that managed to break into the computer systems of NASA, the US and Israeli military, and several US and Israeli universities. They installed backdoors to get classified information. Then-US Deputy Secretary of Defence John Hamre called it "the most organized and systematic attack to date" – they thought the hack was done by the Iraqi government.
In order to stop the attacks and capture the hackers, several branches of the US government assembled their agents and started an investigation (codenamed Solar Sunrise). They finally managed to capture Tenenbaum and his team. In 2001, he was sentenced to 18 months in prison, of which he served only 8 months.
He was later arrested again in 2008 for hacking into financial institutions and stealing credit card numbers – damages totalled around $1.5 million. He pleaded guilty and accepted a plea bargain for his cooperation in the investigation.
5. Jonathan James (c0mrade)
When he was 15, Jonathan James was caught breaking into BellSouth and the Miami-Dade school system. This led to the discovery that he had backdoor access to a division of the US Department of Defence – basically he had access to thousands of employee messages.
He had also hacked NASA and obtained the source code for life support functions at the International Space Station. The intrusion caused NASA to shut down their computers for three weeks, and cost $41,000 to patch the system. James was arrested and made to serve 6 months in a federal correctional facility.
Later in 2007, James was under suspicion of helping some of his hacker friends commit a massive computer hacking spree which compromised the credit information of millions of people. He repeatedly denied involvement but was raided by the Secret Service nonetheless. In 2008, he committed suicide by gunshot to the head, believing that he would not receive proper justice.
6. Edward Snowden
Edward Snowden became a household name by blowing the lid off the NSA’s spying program. The agency had been spying on regular Americans on an unprecedentedly massive scale. How did Snowden get his hands on evidence to prove that allegation? Well, he didn’t really need to rely on hacking tools. Like Mitnick, all he had to do was use social engineering – oh, and he took advantage of a broken security policy to get access to the files.
You see, Snowden was working as a system administrator for the NSA and was able to access the majority of their top secret documents, and there was basically no one auditing him for potential leaks. If he couldn’t get a document, all he had to do was get the credentials of someone who had access – people assumed sysadmins already had access to them.
After the revelations, Snowden fled to Russia where he obtained political asylum.
7. Andrew Auernheimer (weev)
weev is a grey hat hacker and Internet troll, first gaining notoriety for claiming responsibility for a hack done on Amazon where books on gay issues were reclassified as pornography. He is very well known for his trolling antics, once becoming the president of a group dedicated to trolling the web with malware, website hacking and shock images.
From this group came Goatse Security, a grey hat group created to distance themselves from the trolling antics of the former. In 2010, he helped find a vulnerability on the AT&T website that exposed the emails of iPad users, some of which include those owned by celebrities and military officials.
While they eventually turned over the exploit to AT&T, they had first gone to a news agency to share their discovery. This led to a criminal investigation where he was charged by the FBI for the hack and was given 41 months of jail time.
8. Julian Assange (Mendex)
Today, Julian Assange is known as the creator and public face of Wikileaks, the online organization that publishes leaked government and corporate documents. But before all that, way back in the late 80’s at the young age of 16, he was known as Mendex and together with two other hackers formed International Subversives, what they consider to be an ethical hacking group.
He went on to hack into several high profile targets such as the US Department of Defence, NASA, Lockheed Martin, just to name a few. He was eventually caught while hacking into Nortel in 1991 at the age of 20. He pleaded guilty to 35 charges. He managed to avoid heavy penalties due to perceived non-malicious intent and a disrupted childhood, caused by his mother being part of a controversial New Age group and frequently moving about.
9. Jeremy Hammond
Jeremy Hammond is a political activist who uses his computer hacking skills to aid his activism. For example, during the 2004 DEFCON, he encouraged the audience to engage in "electronic civil disobedience" as a form of protest against the annual Republican National Convention.
He founded HackThisSite, a way to train would-be hackers with all the tools of the trade, describing itself as “a non-profit organization that strives to protect a good security culture and learning atmosphere”. He mostly got into trouble with the law through his activism, for example for refusing to follow police orders when protesting.
But what finally got him arrested (and a 10-year sentence) was the hacking of the private intelligence firm, Stratfor, in 2012. He had leaked an obtained client list to Wikileaks and donated an additional million dollars via stolen credit cards to several charities. An interesting titbit you might like is that Hammond was actually caught by Sabu (from #1), who was working with the FBI as an informant at the time.
10. The Jester
The Jester is an internet vigilante and self-described grey hat hacktivist. His real identity is unknown except for the fact that he is a former soldier who served tours in Afghanistan and elsewhere. The Jester made a name for himself by hacking several websites he perceives as anti-American.
His first public attack was against the Taliban and other related jihadist groups on the Internet. He also hacked the website of the Westboro Baptist Church for disrespecting the funerals of American troops. He has also DDoSed several websites that he claims are endangering American troops abroad, such as Wikileaks.
Not only that, he has hacked countries that show support for Snowden, such as Ecuador, DDoS-ing their stock exchange and tourism website. The Jester is still active on Twitter and his blog, where he gives his opinions regularly.