In a high-stakes game of Internet cat and mouse, the FBI is hunting an Israeli master hacker who orchestrated the penetration of military and university research computers.
Deputy Defense Secretary John Hamre said last month that although the intrusion appeared to have been aimed at systems that contained unclassified personnel and payroll records, it was “the most organized and systematic attack the Pentagon has seen to date.”
And computer experts noted that because information is shared within any organization, classified data could be available even on unclassified systems. And even unclassified data could be changed or erased.
The computer whiz, who uses the Internet name “Analyzer,” boldly gave an interview with an online magazine.
And Analyzer supporters have threatened retaliation if the FBI cracks down on the hackers responsible for the electronic break-ins.
Those threats should be taken seriously, warns computer expert Dane Jasper, a partner in Sonic, a Santa Rosa, Calif., Internet provider. He helped the FBI track down two Sonoma County teenagers who Analyzer allegedly coached through the series of military computer raids.
Most government and university computers are woefully unprotected, he said.
“If these systems are so important to the federal government, why isn’t someone paying attention to patch the security?” he asked.
Analyzer and the two teens penetrated computers in February using a weakness that already had been identified by computer security teams. The teams provided a quick software patch - but the hacked systems didn’t use it.
The first report came Feb. 3 from the Massachusetts Institute of Technology’s plasma energy lab, followed by break-ins at a series of military locations, including the Naval Undersea Warfare Center. They were followed by reports from NASA and other universities.
One of the teenagers has claimed 200 institutions were hacked.
In the interview with the Internet magazine AntiOnline, Analyzer said the penetrations were innocent and even helpful to their targets.
“I always kinda help the servers I hack,” Analyzer said.
He claimed he patches the holes he finds - but hints that a malicious hacker could have done much more.
In NASA’s computer, he boasted he found “the name of the guards … and in what times they do their patrolling.”
And Analyzer and the two teenagers he coached planted “back door” program instructions in some computers that could be used in the future by anyone knowing their codes.
“They could delete everything on the hard drives, the file systems - they could insert false data,” Jasper said.
An unknown ally of the hackers has already done some damage. The Web site of Internet service provider NextDex was taken over by someone purporting to be Analyzer who defended the teenagers in what amounted to a warning shot.
“It would have been a lot easier to remove everything on their hard drives than it was to change their Web page - that’s frightening,” Jasper said.
It was Jasper and his Sonic experts who identified the Sonoma hackers and discovered the existence of Analyzer.
After receiving a warning from MIT that someone using Sonic had penetrated the plasma lab - and a court order obtained by the Air Force demanding data on the penetrators - Sonic monitored all calls coming through its system from the Sonoma County town of Cloverdale.
The Israeli hacker had frequent online communications with the teenagers, Jasper said.
“At least two of those were step-by-step tutorials on how to penetrate servers,” he said.
On Feb. 25, FBI agents raided the boys’ homes and carted away evidence.
In an interview with AntiOnline, one of the boys, a 16-year-old Cloverdale High School student who uses the code name “Makaveli,” gave a simple explanation for their deeds: “It’s power, dude. You know, power.”