The life and death story of a hacker who hacked the Pentagon and NASA at the age of 15
As a rule, hackers try to lead a secretive lifestyle and maintain anonymity. Many succeed, but some of them are gaining popularity against their own will. This happened, for example, with Kevin Mitnick or Robert Morris. But there are other computer geniuses, about whose fate much less is known than about their exploits. One of these guys who left a noticeable mark in the history of world hacking was called Jonathan James. This is a man with a vivid but tragic life history that ended with an early and mysterious death.
As soon as Jonathan James was named by journalists in their numerous publications: and the youngest, but at the same time the most talented hacker in America, who managed to infiltrate NASA servers, hack the Pentagon, steal the software that controls the ISS, and install a backdoor on the servers of one of the American military departments. And all this - at the age of fifteen. As a further development of his unique career, Jonathan James became the first minor in the United States to go to jail precisely on hacking charges. At the same time, the general public knows very little about him: in the English-language Wikipedia, a modest page of one and a half screens is devoted to James, and even less in the Russian-language one. But this guy's story, without a doubt, deserves a much more detailed story.
ChildhoodJonathan Joseph James (Jonathan Joseph James) was born on December 12, 1983 in a small, as we would say, "urban village" Pinecrest, located in Miami-Dade County, Florida. The town has a population of just over 18,000, but despite this, it publishes its own newspaper, The Pinecrest Tribune, twice a month. Also in the town of Pinecrest is the state-known landscape "park of culture and arts of South Florida". This village, which occupies a modest area of seven and a half square miles, is perhaps unremarkable in the eventful history of the United States. Well, other than being home to one of North America's most talented hackers.
Jonathan grew up in the most ordinary family by American standards: his father, Robert James, was a programmer, his mother was a housewife. At the age of six, he began to take an interest in computers and regularly sat at the keyboard of his father's home machine, playing games. In interviews published after the death of his son, Robert James recalled that he repeatedly installed various parental controls on the PC, because Jonathan was stuck at the screen all night long, which negatively affected his studies at school. But he invariably looked for cunning ways to get around the restrictions imposed by his parents. Apparently, this was the very first hacking experience of young Jonathan James. With age, the boy's interests gradually changed: having played enough games, he began to gradually learn the C language. Once Jonathan completely surprised his own father: after returning from work, he found that his son had taken down Windows along with all the software from his personal computer, and then installed Linux there in order to test an unfamiliar operating system and understand how it works.
When Jonathan was 13 years old, his passion for high technology seemed to his parents too painful and dangerous to health. At the family council, it was decided to take away the computer from the teenager, at which he spent most of his free time during the day and almost all nights. In response, Jonathan ran away from home, and categorically refused to return until he was given back access to the staff. As an argument, the young man insisted that programming and video games do not affect his studies at school, where he invariably receives high marks. Which, however, is not surprising: a little later it turned out that Jonathan had successfully hacked into the computer network of educational institutions in Miami-Dade County and periodically corrected his own scores in the report cards. Around the same time, Jonathan James came up with the nickname C0mrade, under which he communicated with other hackers on the forums and in personal correspondence.
Through hardship to the starsJonathan quickly got bored of the dalliance with electronic gradebooks, and he decided to choose a bigger goal for himself. The first serious victim of the fifteen-year-old hacker C0mrade was AT&T BellSouth, one of the largest telecommunications companies in the United States, headquartered in Atlanta, Georgia. Little is known about the details of this hack, and moreover, BellSouth itself learned that the company's servers were attacked by C0mrade only when the hacker himself confessed to this episode after the arrest. "We are regularly attempted to be hacked," BellSouth spokesman Spero Canton told the Tampa Bay Times, "and around the time Jonathan talks about, there really was one incident." Apparently, this hack did not cause any damage to BellSouth, since the main goal of C0mrade was not profit, but entertainment and testing its own knowledge. Later he told reporters: “I know UNIX and C like the back of my hand, because I read a lot of books and constantly hung out at the computer. The most difficult thing is not penetration into the system, but training and acquiring knowledge, so that later you can understand what can be done about it. "
Inspired by his success, Jonathan decided not to stop there. Sitting at night in his room at a Pentium-266 keyboard, he looked for vulnerable servers to which he could connect bypassing the security system installed by the admins. On June 29, 1999, one such server was discovered in Huntsville, Alabama. Having installed malware on it, the young hacker was able to increase his own privileges in the system and gain access to 13 other computers on the compromised network. As it turns out, the server and network that C0mrade penetrated belongs to a NASA unit called the Marshall Space Flight Center. This government research organization develops and tests advanced rocket engines, as well as the creation of communication systems and software for the International Space Station.
Among other interesting information, to which Jonathan James got access, were the source code of the program, which serves to control the critical elements of the life support of the International Space Station. According to NASA specialists, this software was designed to maintain the physical environment in the living quarters of the ISS, including control over temperature and humidity. Experts estimated the cost of this software at 1.7 million dollars, although James himself later argued that "these sources turned out to be complete junk, and do not pull for such an amount." By the way, after this comment, part of the source code for the ISS, to which he got access, was rewritten completely.
Following the discovery of the intrusion, Marshall Center staff disconnected the compromised server and computers from the network for 21 days in order to analyze the reasons and chronology of the hacking. This caused NASA $ 41,000 in direct damage. Around the same time, NASA security passed information about the attack to the FBI, and federal agents began a painstaking search for a mysterious powerful hacker who encroached on the US national space program. Who attended classes at Miami-Dade Community College during the day, along with other schoolchildren, and wandered the network at night in search of vulnerable servers that he could penetrate out of pure curiosity.
Crime and PunishmentOn a September evening in 1999, Jonathan James discovered during a network scan that an unknown well-wisher had installed a backdoor on one of the servers in Dulles, Virginia. The Trojan allowed virtually anyone to connect to the server from the Internet, which C0mrade immediately did. Then the young hacker did not yet know that the compromised server belonged to the Defense Threat Reduction Agency (DTRA), one of the divisions of the US Department of Defense that analyzes external threats to the country's national security. Without thinking twice, James installed a sniffer on the server and began to analyze the traffic passing through it in search of logins, passwords and other interesting information.
The catch turned out to be rich. Between September and October 1999, he was able to intercept the credentials of DTRA users, which gave him access to 10 computers of the Department of Defense, and allowed him to download more than 3,300 letters from mailboxes of Pentagon employees. Jonathan studied their contents with interest and examined the files found on the compromised computers, while not paying due attention to the issues of anonymity. Naturally, the successful penetration into the internal network of one of the Pentagon's subsidiaries (as the US Department of Defense claimed - the first in history) could not go unnoticed. The investigation did not last long and ended on January 26, 2000 - on that day, Defense Department agents and police from the Pinecrest Law Enforcement Department were ordered to arrest the hacker.
“I confess that that day I became a very popular dude in college when these guys in bulletproof vests and with machine guns broke into my house,” Jonathan James later told reporters with a smile. His home was ransacked and agents seized six devices: four desktop PCs, a laptop and one pocket computer. After his arrest, Jonathan began to actively cooperate with the investigation and tell the police about how he managed to commit all these break-ins. “They were, of course, worried that a minor could easily get into the network of a government organization,” the hacker said later. “Their main problem is that they do not pay due attention to security. But they seem to at least understand it. "
It played into the hands of James, first of all, that he did not take any destructive actions in the compromised systems - he did not change passwords, did not delete files, and did not run viruses. In addition, he was a minor: at the time of the crimes he was only 15 years old, and on the day of the announcement of the verdict he had just turned 16. If Jonathan James were an adult, he would face at least 10 years in prison and a heavy fine. But due to his young age, and also because he made a deal with the investigation, voluntarily pleading guilty to two incriminated episodes (hacking NASA and the US Department of Defense), the court found him guilty of "crimes committed by minors", since other criminal articles under the laws state to him at this age could not be applied. The punishment also turned out to be very humane: James received six months of house arrest and a ban on the use of a computer for entertainment purposes (but he could still sit at the keyboard if it was necessary for his studies). In addition, the hacker had to issue a written apology for the deed by NASA and the US Department of Defense.
However, the leniency of the sentence, apparently, did not go to the advantage of James. Soon he was detained by the police on the street for violating the terms of house arrest, and in addition, traces of drugs were found in his analyzes. As a result, the court changed the suspended sentence to real, and Jonathan went to jail for another six months, which he was supposed to spend in a juvenile correctional center. This was the first time in the United States that a teenager went to prison on charges of committing a computer crime, and therefore the story attracted increased attention from the press. In an interview with the Miami Herald, Jonathan James said he was determined to quit hacking. “It's not worth it,” he told the reporter, “I did it just for fun, for me it was a game, and they put me in jail. I don't want this to happen again. I can find other things for fun. "
After serving the full sentence measured by the judge, Jonathan was released and for some time disappeared from the sight of the special services and the press, deciding to lead an ordinary secluded life in his parents' house in Pinecrest. Unfortunately, this solitude, like the life of Jonathan James itself, did not last long.
Death of a heroOn January 17, 2007, a group of hackers led by renowned cyber underground figure Alberto Gonzalis launched a series of massive attacks on major US trade and financial organizations. Among the victims were the popular American supermarket chain TJX, BJ's "wholesalers' club", Boston Market, Barnes & Noble, Sports Authority, OfficeMax and several other commercial enterprises. As a result of the attack, hackers stole credit card information and personal information from millions of these firms' customers, and the firms themselves (as well as their reputations) suffered significant damage.
During the investigation of the incident, the United States Secret Service contacted Gonzalis's associates involved in this crime. Several of them knew each other and communicated on hacker forums with Jonathan James, which also came under suspicion. The fact that an unknown hacker hiding under the pseudonym "JJ" collaborated with Alberto Gonzalis added weight to these suspicions. The attacker stole credit card details and PINs by hacking into the wireless office supply chain OfficeMax, and later handed the stolen one to Gonzales by creating an anonymous mailbox for him. Nickname "JJ" coincided with the initials of Jonathan James. This circumstance, as well as an online acquaintance with the members of Alberto Gonzalis's team, was enough for Secret Service agents to break into the houses of Jonathan James himself, his brother and his girlfriend. Later, however, investigators came to the conclusion that the mysterious anonymous "JJ", most likely, was a close friend of Gonzales Steve Watt, who often signed on the network with the pseudonym "Jim Jones". During the searches, the agents did not find anything that would connect James with this crime. They found only a rifle in his house, which they did not seize, since it was officially registered.
Later, Jonathan James's father Robert recalled that after returning from prison, he suffered from depression and was often in an anxious and depressed state. The search and constant surveillance that Jonathan felt did not add to his peace of mind. Shortly after the Secret Service agents broke into the hacker's house, Robert called him asking if investigators could find something that would allow them to press charges. Jonathan replied in the negative. This was the last conversation between father and son.
On Sunday, May 18, 2008, 25-year-old Jonathan James was found dead in the bathroom of his home with a gunshot wound to the head from the same officially registered rifle that the agents did not seize during the search. Nearby was a suicide letter addressed to his father, brother and girlfriend. Among other things, it contained Jonathan's passwords to his PayPal and MySpace account. In this note, Jonathan wrote: “I do not believe in our 'justice' system - perhaps my actions today and this letter will be a serious signal to the public, but I have lost control of the situation, and this is my only way to fix it. To be honest, I have nothing to do with this whole TJX story. Even though Chris (Scott) and Albert Gonzales are the most dangerous and destructive hackers the feds have ever caught, I am far more seductive [as a victim] to public opinion than these two random idiots. That is life. Remember, it’s not that you win or lose, but that I personally win or lose by being in prison for 20, 10, or even 5 years for a crime that I didn’t commit. This is my way of winning, but at least I'll die free. "
In the hacker environment, rumors still circulate that the circumstances of Jonathan James's death were staged, and the real cause of his death was allegedly top-secret information that he managed to get on the servers of NASA and the Pentagon. The same, they say, is due to the keen interest in his person on the part of the US Secret Service. But the official investigation ruled that James committed suicide [Roskomnadzor], and all other versions are just idle speculation.
Be that as it may, the short life of Jonathan James is forever inscribed in the history of world hacking, no matter how pathetic it sounds. A short obituary published by the Miami Herald said: “Jonathan, who graduated from Beth Am High School in 1995, will be remembered by friends and family as an exceptionally intelligent young man who never did anything by the rules. A computer genius by all definitions of the term, he has continually amazed friends, family, and government with his accomplishments. He will be greatly missed by his brother, father, aunt, uncle, cousins, grandparents, as well as many, many friends. "
The authors of the obituary forgot to mention the fact that Jonathan "C0mrade" James was not just a hacker and computer genius, but a hacker and computer genius who did not do anything bad in his life, in general. It is all the sadder that his life ended so early.
|Vote for this post
Bring it to the Main Page