“Gary McKinnon was unlucky. He’s not even a very good hacker”
Lucky because that was the day UK Home Secretary, Theresa May, finally
announced that she would not allow him to be extradited to the US on health grounds.
For McKinnon the sense of relief was palpable: and he described May’s decision as liberation from “living with a dark and hollow feeling” for more than a decade since his arrest in March 2002.
But McKinnon’s bad luck actually started earlier, in fact it can now be revealed that it started almost from the first moment that he ventured onto the US’s defence network in February 2001.
McKinnon, who describes himself as a bumbling computer nerd, told an audience at the Infosecurity Europe event in 2006 that his exploits were first discovered because he was using remote control software and had miscalculated the time zone.
The truth is a little more clumsy even than that.
The hacker parade
McKinnon, a UFO enthusiast who was sure the US military had secret alien energy technology, was picked up following a penetration test on systems run by an internet service provider called Telewest. A penetration test is an exercise carried out by computer security experts to find weaknesses in a company’s systems.
Telewest had been alerted to the fact that a recruitment company that used its service had been hacked and wanted to know why and called in the experts.
The penetration testing company, working with Surrey Police, quickly found that a backdoor had been deliberately left open for remote maintenance by an engineer in the Telewest computers and that this had been discovered by hackers who had shared the information.
“Once we knew about the backdoor we just sat on it and watched,” said one of the investigators. “There was literally a parade of hackers coming through and using the system as a jumping off point to hide their tracks and McKinnon was one of those.”
The parade proved a rich source of information because the hackers sat inside the gateway and used it to share information with each other using chat room software and the investigators were able to log everything that they did.
“We recorded the chat logs and keystrokes of everything that they did, and we grouped their activity into three different parts. They were: information relating to the hack on the recruitment company, information relating to a hack into a number of top financial services organisations and a lot of junior ‘bollocksy’ people who were just kicking around and McKinnon was in the last group.”
Indeed the investigators backed up McKinnon’s claim to be a bumbling nerd . The text of the chat logs showed him to be a very junior hacker, one who was asking for information all of the time, though his hacking handle was ‘Solo’ he was certainly not alone.
The junior hacker
“He was asking for passwords to US systems and ways to access them that were common knowledge to the other hackers that were in there, he certainly did not hack an FBI database, he got his information from other hackers.”
Nonetheless, McKinnon was unlucky enough to be searching for secret UFO files while he was being watched, as were all of the other hackers who were now under surveillance.
He was now tracked as he made his way through the US systems. The investigators noting his coming and goings and backing up McKinnon’s version of events when he said that he wrote a few lines of code to look through the US military computers for blank admin and password fields.
Claims McKinnon made to me when I carried out the first interview with him after his arrest.
We had started by talking about McKinnon’s theories for alien energy sources and I had mentioned that it was possible that the US had actually stumbled upon anti-gravitics as research had been carried out Northrop-Grumman into the technology in the late 1950s and that at one point detailed information was accessible on the web but had then disappeared. McKinnon was distressed to find out that he might not have needed to hack to satisfy his curiosity if only he had known the right place to look. It prompted McKinnon to complain that journalists were just hackers who had permission, it was a statement he would repeat in later interviews.
During the interview McKinnon was at pains to stress that what he was doing was not that difficult.
We were sitting in his downstairs flat in Bounds Green, London and McKinnon went through his methods. How he would search for blank passwords and then once inside the US computers, install a remote access program called RemotelyAnywhere available to anyone to buy, so that he could come and go as he pleased.
McKinnon mentioned a network of 10,000 computers which had all been set up from the same computer, a claim backed up by the investigators.
“McKinnon was just looking for information and the way the US systems were set up made it easy for him,” said the investigator. “On one of the networks he went on there were 10,000 computers that had all been configured using an image from the first one to be set up. That meant that the first computers settings were copied onto all the others including the blank admin and password fields.
“On another there was a workstation that controlled the network and the administrator had left a window open that showed what the network was doing and then shrunk it. McKinnon installed his software on that and that meant that he could use it while the window was shrunk.
“We could watch him going from system to system and we could see what stuff he was looking for.”
McKinnon’s activities and those of the others using the Telewest gateway were packed into around six ‘intelligence packages” that were circulated to a number of police forces and organisations.
Each package contained the names of individuals and what they had been doing. Their addresses gleaned from tracking them back through the web, determining which police force got the package.
And it was here that McKinnon’s bad luck started again. He was London-based and came under the Met and his snooping on US defence computers brought him under the ambit of the now disbanded National High-Tech Crime Unit.
The NHTCU passed the package onto the US Embassy, at a time when the US was desperate to demonstrate that it was taking a hard line on hacking.
According to police and intelligence insiders, the US fixed on McKinnon as a scapegoat.
“There were a lot of people who thought he was being set up by the US.”
At the US Embassy the package landed on the desk of Ed Gibson, a trained lawyer, FBI liaison and computer security specialist, who went on to be the UK head of security for Microsoft, known affectionately in the computer industry as ‘Ed the Fed,’ and it was Gibson who decided that McKinnon should be brought to trial in the US.
In that he had the full support of the UK police, particularly Len Hynds, former head of the NHTCU: “I guess the point I might be making if I were still in law enforcement is that this case was based upon some excellent international cooperation.
“It was made crystal clear to me through discussions with the US Legal Attache (Ed) and US Military that McKinnon had caused significant disruption and posed a real threat.
“Essentially extradition relies on reciprocal arrangements being in place and I can quite understand the disappointment that the US will now be feeling. Imagine if it were the UK who were seeking extradition in similar circumstances,” said Hynds.
In truth though McKinnon was once again unfortunately in the wrong place at the wrong time, because in the months that preceded his arrest police officers on both sides of the Atlantic had been vigorously expressing their frustration at the failure of a number of high profile UK hacking cases that had involved the US.
Matthew Bevan, 21, known as ‘Kuji’ – and his alleged partner, 16 year old Jonathan Pryce, ‘the Datastream Cowboy’, had been acquitted in 1996.
Bevan, also in search of UFO files, was at one point suspected of being a foreign agent providing Pryce with instructions and passwords on how to enter US military systems.
Bevan had hacked into the Griffiss Air Force Base Research Laboratory in New York and now told Pryce how to hack into a research facility in Korea. Pryce then dumped the contents of the Korean Atomic Research Institute’s database on the USAF system prompting concerns that the incident might draw the attention of the North Koreans and trigger a potential world war.
Then when in July 2001, Raphael Gray, an 18 year old Welsh hacker, calling himself Curador escaped jail and instead received a three year psychiatric and community service rehabilitation order, after publishing the details of 26,000 credit cards online, police grumblings started.
Gray had been the subject of an FBI investigation and once again US and UK computer security experts expressed their anger and privately called for stiff sentences to be handed out as deterrents for hacking.
At the same time the NHTCU had come into being with precisely that aim in mind.
“Operational relationships like those that we built with Ed Gibson are essential instruments in the fight against organised crime at international level – lets hope that this decision does not unpick that good work, says Hynds, commenting on McKinnon, winning his fight against extradition.
The wrong place at the wrong time
So once again McKinnon’s actions played against him and the parallels with the other cases were unfortunate.
So were events, of the other packages, considered by the investigators to be more important most were dropped. The hackers who had stolen funds from banks and credit card companies had their cases quietly dropped by the police when the companies concerned changed their minds about prosecution that left McKinnon uncomfortably exposed and in the frame.
UFOs in the orchard
My acquaintance with McKinnon had started a lot earlier even though I did not know it, when I was rung one night by a hacker out of the blue on my mobile, at the same time McKinnon was presumably making his way through the US defence computers.
I took the call in the orchard of the house I was staying at because it was the only place that I could get a signal.
The hacker told me that his friends had got inside the US’s systems and that they were recovering huge amounts of information about UFOs and ballistics experiments. He said that they were even able to watch things that were going on inside the US facilities on web cams and asked me if I was interested in being provided with details.
I declined and suggested that they would be better off stopping what they were doing and destroying their hard drives and forgetting about the whole incident.
From the shadows
Around a year later, I was in the offices of the NHTCU carrying out research for a book I was writing, when McKinnon emerged by name from the shadows of the orchard.
During an interview with Hynds, he mentioned that they were about to arrest a Scottish hacker by the name of McKinnon who had been working his way through US defence computers and things started to fall into place.
McKinnon was arrested around two weeks later and I was rung by the same hackers who had contacted me in the orchard to ask if I would like to interview him.
When I met McKinnon he was a very worried and nervous man, obsessed with the idea that he would be anally raped in a US prison.
All conditions I could sympathise with. I did not tell him, but in 1996 I had written about an $80m fraud involving AT&T where the perpetrators, another hacking gang with members in France and the UK had been caught in an FBI sting that had lured them to the US.
As it was a fraud it was investigated by the US Secret Service, responsible for protecting the President and the currency.
When I had spoken to one of the secret service agents he had confided to me that the hacker arrested in France was a ‘pretty boy’ and that they had deliberately circulated his picture in the penitentiary that he was destined for.
McKinnon is not an ugly man, it was easily possible he could have suffered a similar fate.
And if McKinnon was paranoid then, another 10 years of worry must have eroded his mental health even more.
As I was leaving he asked me if I thought he would be extradited.
I told him I though not mainly because of the preposterous 70 year jail sentence that was being talked about. I told him that he would have to get newspapers and a pressure group and his MP behind him but that I thought as it would be a political issue that it would have to right to the end of the judicial process before it was over.
And now it has and McKinnon has been punished enough.
An edited version of this article was published in the Independent, Thursday 18th of October, 2012