According to the indictment, between March 2001 and March 2002,
McKinnon, an unemployed computer administrator, hacked into and
damaged 92 computers belonging to the US Army, Navy, Air Force,
Department of Defense and NASA, and six computers belonging to
private businesses.
The indictment alleges that McKinnon, using the handle "Solo",
scanned a large number of computers in the .mil internet domain
name network, was able to access the computers and obtained
administrative privileges. Once he was able to access the
computers, McKinnon is alleged to have installed a remote
administration tool, a number of hacker tools, copied password
files and other files, deleted a number of user accounts and
deleted critical system files.
Once inside a network, he could then use the hacked computer to
find additional military and NASA victims. The estimated loss to
the various military organizations, NASA and the private businesses
is approximately $900,000.
OUT-LAW.COM spoke to Judy Prue, press officer for the National
Hi-Tech Crime Unit (NHTCU). She explained that NASA discovered its
system intrusion and identified the source as being in the UK – but
could not trace the hacker more accurately and contacted the NHTCU
for assistance.
The army and navy independently contacted the NHTCU. The NHTCU
then traced McKinnon based on his IP address and other information
which has not been disclosed.
McKinnon was charged on seven counts of hacking and on each
count faces a maximum sentence of 10 years' imprisonment and a
$250,000 fine. The US is bringing extradition proceedings in the
UK. But he plans to fight against extradition.
McKinnon was arrested in London in March, charged with
hacking-related offences and released on police bail; but after
lengthy discussions with the US authorities, it was deemed
appropriate to extradite him to the US for prosecution.
Procedurally this meant releasing McKinnon from his charges and
bail conditions – which has been done, meaning that he is
technically a free man.
However, the US prosecutors have said that they intend to serve
their extradition request in the UK and then arrest him.
The UK has anti-hacking laws in the Computer Misuse Act of 1990;
but the maximum prison sentence for a single offence is five years
– half the US maximum for similar offences. Although the UK law
allows McKinnon to be tried here for acts committed on US systems,
the view of UK and US authorities is that he should be tried where
the harm occurred.
Karen Todner, McKinnon's solicitor, is quoted by Associated
Press as accusing the US prosecutors of "political" motivation in
seeking extradition, "to make an example of Mr McKinnon." According
to the US Department of Justice, no "classified" files were
accessed but the case is being treated seriously because of the
"potential harm" that could have been done.
Ms Todner did not declare her client innocent, but stressed that
"he has no terrorist links whatsoever."
The indictment is available as a 14-page PDF from:
www.usdoj.gov/usao/vae/Pressreleases/mckinnonindict111202.pdf
Disclaimer: We hope you find OUT-LAW’s content useful. It’s prepared by the lawyers at Pinsent Masons. Please remember, though, that it’s intended as general information only. It’s not legal advice. If that’s what you’re seeking, please
contact us. See also: our
full disclaimer
