Alleged hacker: U.S. defense sites poorly secured

Man accused of hacking government sites says he was initially trying to prove the feds know about the existence of extraterrestrials. Newsmaker: Gary McKinnon

A British man facing possible extradition to the United States says poor security was a major factor in his ability to have wandered through the IT systems of some key defense establishments.

Gary McKinnon, who is accused of hacking and causing damage to federal defense systems , also said that his actions, far from intending to cause harm, all started as an innocent attempt to prove that the U.S. Defense Department knows of the existence of extraterrestrials. Later he was driven by suspicions about federal policies and actions in the wake of the Sept. 11, 2001, terror attacks.

Gary McKinnon
Gary McKinnnon

In an interview with ZDNet UK, McKinnon, who is out on bail pending an extradition hearing later in July, said that he was "frightened" to find U.S. defense systems were open to "people from all over the world."

He claims that in one system he found that the local administrator's password was blank. Those in charge of the system, McKinnon said, had used "image-based installation techniques where most of the machines have the same BIOS, the same hard drive, the same hardware specification" just applied across different systems.

"So you don't even need to become domain administrator," he said. "That's 5,000 machines all with a blank system-level administrator password."

McKinnon said that there was no malicious intent in anything he did. "They might say that my installing a remote control program opened them up," he said, "but it didn't. The access was already there. I didn't even have to crack passwords."

McKinnon faces charges alleging "fraud and related activity in connection with computers" and covering the U.S. Army, Navy, Air Force and NASA. Some of the most serious allegations are that he did "intentionally cause damage without authorization by impairing the integrity and availability of data, programs systems and information," which possibly cost the authorities $35,000.

If extradited and convicted, McKinnon could be sentenced to up to 70 years in jail.

McKinnon now faces a long battle to stay out of the U.S. courts, but he says he is starting to receive a lot of support.

"For a few days (after the extradition attempt was announced in June), it was very dark. But I am feeling quite up now," he said. "We have been talking to Boris Johnson (a Conservative member of Parliament), who is leading an early-day motion against the 2003 Extradition Act along with the (NatWest Three)...so together we are trying to get a judicial review going and to change the law."

The NatWest Three is a group of former workers at U.K.-based NatWest Bank who are fighting extradition to the United States on charges related to the Enron financial scandal.

While others are fighting on McKinnon's behalf, he is left to do what he can at home--without the use of the Internet, as this would violate his bail conditions.

He was first investigated under the U.K.'s Computer Misuse Act in 2002 and released without being charged. McKinnon maintains that he has done nothing wrong with computers ever since. He maintains that the U.S. charges relate to activities he engaged in before he was investigated by the U.K. authorities.

Click here to read the full interview, including details McKinnon said he found of UFO evidence and antigravity technology.

Colin Baker of ZDNet UK reported from London.

 

Discuss Alleged hacker: U.S. defense sites poorly...

Conversation powered by Livefyre

Show Comments Hide Comments