A British man could be facing 60 long years in prison. Why you ask? Gary McKinnon managed to “Hack” into US Military, and NASA computers using a program called “RemotelyAnywhere” with a goal of finding evidence of UFOs.
People typically use RemotelyAnywhere for remote support and administration. He used a Perl script which searched for blank passwords, and McKinnon says many of the computers he gained access to had not created unique passwords. Instead, they were still using default passwords so that he had simple, relatively easy access.
He planned when he’d log onto the computers very carefully during off hours so that no one would be curious why their mouse was moving on its own all over the screen. He was in London, and the computers were in the US, so he made the time change calculations and hoped no one would be there. At one point, he says that to his surprise, someone was there and noticed the cursor moving all by itself.
While he says he never caused any harm, the US is saying that their investigation into this totaled $700,000 in damages, and they’re in the process of trying to have him extradited to the US. He recently lost an extradition appeal, but is free on bond and could appeal the decision further.
With all the legal issues aside, what amazes me most is that these government computers were setup with default passwords! You’d think they’d have an IT professional setting up the computers and making sure that the passwords were initially changed!