Jonathan James (convicted cybercriminal)

From Wikipedia, the free encyclopedia

For the unrelated Swedish music producer and IT-security specialist, see Jonathan Nicholas William James

Jonathan James (b. December 12, 1983), a.k.a. "c0mrade", is an American hacker who was the first juvenile incarcerated for cybercrime in the United States.^[1] The South Florida native was 15 years old at the time of the first offense and 16 years old on the date of his sentencing.

Contents 1 Initial DoD intrusion 2 NASA intrusion 3 Arrest, conviction and sentencing 4 Tactics 5 References 6 External links

[edit] Initial DoD intrusion

Between August 23, 1999, and October 27, 1999, James committed a series of intrusions into various systems, including those of BellSouth and the Miami-Dade school system.^[2] What brought him to the attention of federal authorities, however, was his intrusion into the computers of the Defense Threat Reduction Agency, a division of the United States Department of Defense, the primary function of which is to analyze potential threats to the United States of America, both at home and abroad. James later admitted to authorities that he had installed an unauthorized backdoor in a computer server in Dulles, Virginia, which he used to install a sniffer that allowed him to intercept over three thousand messages passing to and from DTRA employees, along with numerous usernames and passwords of other DTRA employees, including at least 10 on official military computers.^[1] It was this use of the sniffer that would later earn him a charge of illegal wiretapping (although he would later plead out of it).

[edit] NASA intrusion

After these system intrusions were detected, a previous intrusion was also traced back to James, into NASA computers this time. These attacks occurred on June 29-30, 1999, during which James targeted a number of computers at the Marshall Space Flight Center in Huntsville, Alabama. NASA alleged that James had downloaded proprietary software worth $1.7 million dollars.^[1] This intrusion, when detected, caused NASA to shut down its computers for three weeks that July, costing $41,000 to check and fix its systems.^[3]

It was later revealed that the precise software obtained was the International Space Station's source code controlling critical life sustaining elements such as oxygen filtering. However James had not been able to get the source code to compile because it was missing critical external libraries on which it relied.^{[citation needed]}

[edit] Arrest, conviction and sentencing

James' house was raided around six o'clock on the morning of January 26, 2000, by agents from the Department of Defense, NASA and local police. James was formally indicted six months later. On September 21, 2000, he entered into an agreement with the U.S. Attorney Guy Lewis: he would plead guilty to two counts of juvenile delinquency in exchange for a lenient sentence.^[1]

James was sentenced to six months in prison and probation until the age of eighteen, and was required to write letters of apology to NASA and the Department of Defense. He was also banned from using computers for recreational purposes.^[4] However, the judge in the case later reversed her decision and allowed James to serve his six months under house arrest, with probation until the age of twenty one. James later violated that probation and was then subsequently taken into custody by the United States Marshals Service and flown to an Alabama federal correctional facility where he ultimately served his six months.^{[citation needed]}

Legal experts said that, given the extent of his intrusions, he would have served at least ten years if he had been an adult. Both Attorney General Janet Reno and prosecuting attorney Guy Lewis issued statements claiming the James case was proof the Justice Department was willing to get tough with juvenile offenders accused of cybercrime.^[5]

Although the case was sealed due to his age, he did speak to the media about the charges as part of his plea agreement.^{[citation needed]}

[edit] Tactics

Although the specific details aren't clear, it has been said that on his Gateway Pentium 266^[3] he used the popular nmap port scan to scan hosts for, among other things, then-largely unknown flaws in several of Sun Microsystem's remote procedure call services in order to gain unauthorized access to the computer systems. Once on a system, he would search for information on it, and try to branch out. He would usually set up a sniffer to get further access to the network.

[edit] References

1. ^ ^{a b c d} Newton, Michael (2004). The Encyclopedia of High-Tech Crime and Crime-Fighting. Checkmark Books, an imprint of Facts on File Inc.. ISBN 0-8160-4979-3. 
2. ^ Grossman, M. "Computer crime: Changing the public's perception". The Miami Herald, October 12, 2000.
3. ^ ^{a b} Harrison, L. "Bedroom NASA hacker set to bite pillow in choky". The Register, September 22, 2000. Retrieved March 4, 2007.
4. ^ Lynch, I. "Nasa hacker gets six months downtime". Information World Review, November 21, 2000. Retrieved March 4, 2007.
5. ^ Stout, D. (2000). "Youth Sentenced in Government Hacking Case". The New York Times, September 23, 2000. Retrieved March 4, 2007.

[edit] External links

• Document detailing the Indictment
• Defaced BellSouth Website