Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Lessons Learned from a Teenage Hacker

    By
    Larry Loeb
    -
    September 13, 2005
    Share
    Facebook
    Twitter
    Linkedin

      When the fire alarms are not sounding and calling us to immediate reactive action, security pros need to be kicking back a bit and taking a look at how a serious security problem unfolds. Thats why we should take a look at a Massachusetts teenage who pled guilty of, among other things, hacking—to see what, if anything, could have been done to prevent him and his buddies from succeeding in doing what they did.

      The juvenile pled guilty in federal court last week and was sentenced in connection with a series of hacking incidents into Internet and telephone service providers; the theft of an individuals personal information and the posting of it on the Internet; and making bomb threats to high schools in Florida and Massachusetts—all of which took place over a 15-month period. Victims of the juveniles conduct have suffered a total of approximately $1 million in damages, according to official estimates.

      /zimages/3/28571.gifIT administrators must “think like hackers,” claims one security veteran. Click here to read more.

      This budding sociopath snuck a program onto an ISP employees computer in 2004 that gave him remote access to it. Juvie could use it as his own. So, the first point is to ask where and when did the admin become aware of Juvies activities, if he did at all.

      In 2005, Juvie hacked the internal directory of a “major telephone provider” to get information on someone who had an account with them. He used this to hack the users cell phone (Hello, Paris!) and post the contents of the phone/messenger to the Internet.

      Juvies subtlety emerged even further as he then set up numerous free accounts for all his buddies, never thinking that a bunch of uncollected accounts might trigger a financial review program or anything like that. No, he was too busy hacking into one of the Big 3 like Equifax to get personal information on people that he then posted to the Internet. (Do you see a pattern emerging?)

      He then progressed this spring into wirelessly making bomb threats to a school and in June threatened a DDoS attack against a different “major telephone service” who refused to deal with him. Juvie shut down a significant portion of their Web services, just to show them who their daddy was.

      They caught him. How could they not, as he bounced higher and higher until they could see him quite clearly? He had a run of a year from the first incident until he self-destructed in the shakedown of a corporation. Sad, really.

      The judge imposed a sentence of 11 months detention in a juvenile facility, to be followed by two years of supervised release. During his periods of detention and supervised release, the juvenile is also barred from possessing or using any computer, cell phone or other electronic equipment capable of accessing the Internet.

      If Juvie had been an adult, he would have faced charges of three counts of making bomb threats against a person or property, three counts of causing damage to a protected computer system, two counts of wire fraud, one count of aggravated identity theft and one count of obtaining information from a protected computer in furtherance of a criminal act.

      While younguns trying to make their mark on the scene dont always find the best way to do it (think graffiti thats not art), this particular Juvie crashed and burned with a ferocity that may leave him a burned-out crisp. I keep hoping he can turn his talents away from the Dark Side, and I wonder who is in line to pull the same stupid kind of stunts in his place.

      /zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Larry Loeb
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×