Analysis: Global cyber-crime case cracked
Washington (UPI) Dec 4, 2007

The investigation of a relatively minor computer crash at the University of Pennsylvania last year led law enforcement agencies from three countries to a multimillion-dollar cyber-crime syndicate writing computer viruses to order and renting out networks of millions of compromised slave PCs to other online criminals.

According to investigators and court documents, the cases that arose out of the February 2006 incident, in which computers at the university crashed after being used to store hacker programs, represent both ends of the spectrum of cyber-crime: from the disgruntled student to the sophisticated organized crime syndicate.

Ryan Goldstein, the Pennsylvania student known by the login ID Digerati who was indicted last month for causing the crash and for conspiring to launch Internet attacks against several Web discussion forums from which he had been barred, was essentially a cyber-vandal out for revenge rather than a criminal seeking to profit from his work, say investigators.

Goldstein has pleaded not guilty and faces trial in March next year. If convicted, he faces a maximum of five years in jail and a $250,000 fine.

"The computer intrusions (Goldstein is charged with) were basically destructive nuisance attacks," Jerria Williams, spokeswoman for the FBI in Philadelphia, told United Press International.

But at the other end of the investigation lies the burgeoning world of online organized cyber crime, in which multinational gangs, often made up of people who know each other only by their screen names or login IDs, collaborate to steal passwords and bank account information from unsuspecting computer users; scam marketing schemes; and target researchers trying to develop anti-virus software.

Owen Walker, the 18-year-old with the screen name AKill who was arrested and had his computer seized last week by police in Waikato, New Zealand, was described by investigators there in a statement as the alleged head of an elite international cyber-crime ring known as the A-Team. Walker has not been charged with any crime yet, but police say their inquiries are continuing.

Staff at the University of Pennsylvania first alerted the Philadelphia office of the FBI after hacker software was found on a server at the School of Engineering and Applied Sciences. The server crashed Feb. 26 after receiving 70,000 requests from other computers to download the program, which turned out to be a new target package for a hacker-controlled botnet.

Botnets, short for robot networks, are collections of computers that -- often unknown to their owners, who tend to be less computer-savvy or careful individuals -- have been compromised by hacker programs known as malware, short for malicious software. The programs turn the infected computers into virtual slaves for hackers, known as bot-herders, who can use them to send spam e-mail, mount Internet attacks or commit other kinds of cyber crime. The computers are often also infected with programs known as key-stroke loggers that can steal passwords and other account information from users and send it back to the bot-herder.

Botnets can be used to mount the crudest form of cyberattack, called Distributed Denial of Service attacks, in which the thousands of slave computers overwhelm the server hosting a Web site or other target by flooding it with fake Internet traffic. But in order to launch such an attack, the slave computers must each download targeting instructions and other malware. Since botnets can contain tens or even hundreds of thousands of computers, the downloads generate very heavy traffic, requiring a large-capacity server to handle it.

According to Patricia Hartman, a spokesman for the U.S.
Attorney for the Eastern District of Pennsylvania, Goldstein prevailed upon Walker to use his botnet to launch DDoS attacks on several Internet discussion forums from which he had been banned. The New Zealand hacker told him "basically, 'I can do it, but I need a place to load this software,'" said Hartman.

Martin Kleintjes, head of the New Zealand police's Electronic Crime Center, described Walker as "one of the world leaders" in developing malware. "He's very bright, very skilled at what he's doing," he told a radio interviewer last week.

And indeed, when his software turned up on the university server, it raised some eyebrows. "This program was viewed by the FBI as being very sophisticated," said Detective Inspector Peter Devoy of the Waikato police.

Kleintjes said investigators from the FBI, New Zealand police and the Dutch Independent Post and Telecommunications Authority had been able to use Goldstein's messages to Walker to track him down.

"There's this misconception out there that people can remain anonymous (on the Web), but that's not the case," he said. "The surveillance technology allows us to look at Internet traffic in between countries and work our way back" to the perpetrators.

He said that Walker had been "head of an international spy(ware) and bot ring" that had "infiltrated a large number of computers around the world with their malicious software" allowing "other cyber criminals ... who hire his services" to carry out "other types of cyber crime."

The U.S. indictment suggests that the botnet Walker used to help Goldstein was made up of at least 70,000 computers -- the number that tried over a four-day period to download the target package stored on the University of Pennsylvania server. But New Zealand police say a separate investigation had linked Walker with a malware scheme based in the Netherlands, alleged to have infected 1.3 million computers worldwide.

"The Netherlands is the world's third-largest distributor of malware and was chosen because of its superior data transmission infrastructure," said a statement.