Friday, July 14, 2006

Government Treats Computer Hacker With Kid Gloves

A computer consultant working in an FBI field office in Springfield, Illinois managed to hack into the FBI's classified secret database which contained information about the federal witness protection program and counterintelligent activities among other things. And if that wasn't bad enough, he also gained access to hundreds of FBI employee user names and passwords, including that of FBI Director Robert Mueller. His sentence: six months home detention and $20,000 in restitution. The State Journal-Register reports:

A former Springfield man accused of hacking into computers at the local FBI field office was sentenced in federal court in Washington Thursday to six months of home detention and ordered to pay $20,000 in restitution to the agency.

Joseph T. Colon, 28, a computer consultant who did some work in the Springfield field office in 2004, was accused of using software he downloaded from the Internet to access the FBI's classified secret database. The database contains, among other things, information about the witness protection program and counterintelligence activities.

Federal prosecutors said Colon gained access to hundreds of user names and encrypted passwords, including that of FBI Director Robert Mueller.

They did not think Colon was trying to compromise national security or use the information for financial gain. Still, they said in court papers, the FBI was forced to take significant steps to make sure there was no harm from Colon’s actions.

He pleaded guilty to four misdemeanor counts of intentionally exceeding his authorized computer access. Federal prosecutors had recommended a year in prison and $42,500 in restitution, while Colon’s attorney asked for a year’s probation.

His sentence includes three years’ probation following his release from house arrest. Colon, who is married with three children, moved from Springfield to Maryland about 10 months ago, according to his attorney. He formerly lived in the 8100 block of Tack Lane on the south side of Lake Springfield.

At the time of the crimes, Colon was an information technology specialist for BAE Systems, a contractor employed by the FBI to help the agency convert to a new classified computer networking system that was part of the now-abandoned Trilogy project.

According to court documents, Colon and the Springfield FBI’s information technology department felt the transition work was being bogged down by bureaucratic delays from the FBI’s Washington field office for “such routine and mundane tasks as setting up workstations, printers, user accounts and to move individual computers from one operating system to another.” Each step of the work required a “ticket,” which could take from one to three days to obtain.

An agent in the Springfield FBI information technology department gave Colon a password to allow him access to the agency’s secret internal computer network where usernames and passwords were kept in special files, according to a court document filed by Colon’s attorney.

Now granted the guy was initially granted access his supervisor should never have given him to the internal computer network, but he clearly abused the limited privilege he was granted. This guy is not even a government employee and look at the sensitive information he was easily able to access and the value of that information in the wrong hands. Incidentally, his employer, BAE, is a British-owned company.

No comments: