A black-hat is a term in computing for someone who compromises the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network. The term white hat is used for a person who is ethically opposed to the abuse of computer systems. The term cracker was coined by Richard Stallman to provide an alternative to using the existing word hacker for this meaning. The somewhat similar activity of defeating copy prevention devices in software which may or may not be legal in a country’s laws is actually software cracking.
(Source)(In No Particular Order)
Jonathan James: James gained notoriety when he became the first juvenile to be sent to prison for hacking. He was sentenced at 16 years old. In an anonymous PBS interview, he professes, “I was just looking around, playing around. What was fun for me was a challenge to see what I could pull off.”
James’ major intrusions targeted high-profile organizations. He installed a backdoor into a Defense Threat Reduction Agency server. The DTRA is an agency of the Department of Defense charged with reducing the threat to the U.S. and its allies from nuclear, biological, chemical, conventional and special weapons. The backdoor he created enabled him to view sensitive e-mails and capture employee usernames and passwords.
James also cracked into NASA computers, stealing software worth approximately $1.7 million. According to the Department of Justice, “The software supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.” NASA was forced to shut down its computer systems, ultimately racking up a $41,000 cost. James explained that he downloaded the code to supplement his studies on C programming, but contended, “The code itself was crappy . . .certainly not worth $1.7 million like they claimed.”
Given the extent of his intrusions, if James, also known as “c0mrade,” had been an adult he likely would have served at least ten years. Instead, he was banned from recreational computer use and was slated to serve a six-month sentence under house arrest with probation. However, he served six months in prison for violation of parole. Today, James asserts that he’s learned his lesson and might start a computer security company.
Adrian Lamo: Lamo’s claim to fame is his break-ins at major organizations like The New York Times and Microsoft. Dubbed the “homeless hacker,” he used Internet connections at Kinko’s, coffee shops and libraries to do his intrusions. In a profile article, “He Hacks by Day, Squats by Night,” Lamo reflects, “I have a laptop in Pittsburgh, a change of clothes in D.C. It kind of redefines the term multi-jurisdictional.”
Lamo’s intrusions consisted mainly of penetration testing, in which he found flaws in security, exploited them and then informed companies of their shortcomings. His hits include Yahoo!, Bank of America, Citigroup and Cingular. When white hat hackers are hired by companies to do penetration testing, it’s legal. What Lamo did is not.
When he broke into The New York Times’ intranet, things got serious. He added himself to a list of experts and viewed personal information on contributors, including Social Security numbers. Lamo also hacked into The Times’ LexisNexis account to research high-profile subject matter.
For his intrusion at The New York Times, Lamo was ordered to pay approximately $65,000 in restitution. He was also sentenced to six months of home confinement and two years of probation, which expired January 16, 2007. Lamo is currently working as an award-winning journalist and public speaker.
Kevin Mitnick: A self-proclaimed “hacker poster boy,” Mitnick went through a highly publicized pursuit by authorities. His mischief was hyped by the media but his actual offenses may be less notable than his notoriety suggests. The Department of Justice describes him as “the most wanted computer criminal in United States history.” His exploits were detailed in two movies: Freedom Downtime and Takedown.
Mitnick had a bit of hacking experience before committing the offenses that made him famous. He started out exploiting the Los Angeles bus punch card system to get free rides. Then, like Apple co-founder Steve Wozniak, dabbled in phone phreaking. Although there were numerous offenses, Mitnick was ultimately convicted for breaking into the Digital Equipment Corporation’s computer network and stealing software.
Mitnick’s mischief got serious when he went on a two and a half year “coast-to-coast hacking spree.” The CNN article, “Legendary computer hacker released from prison,” explains that “he hacked into computers, stole corporate secrets, scrambled phone networks and broke into the national defense warning system.” He then hacked into computer expert and fellow hacker Tsutomu Shimomura’s home computer, which led to his undoing.
Today, Mitnick has been able to move past his role as a black hat hacker and become a productive member of society. He served five years, about 8 months of it in solitary confinement, and is now a computer security consultant, author and speaker.
Kevin Poulsen: Also known as Dark Dante, Poulsen gained recognition for his hack of LA radio’s KIIS-FM phone lines, which earned him a brand new Porsche, among other items. Law enforcement dubbed him “the Hannibal Lecter of computer crime.”
Authorities began to pursue Poulsen after he hacked into a federal investigation database. During this pursuit, he further drew the ire of the FBI by hacking into federal computers for wiretap information.
His hacking specialty, however, revolved around telephones. Poulsen’s most famous hack, KIIS-FM, was accomplished by taking over all of the station’s phone lines. In a related feat, Poulsen also “reactivated old Yellow Page escort telephone numbers for an acquaintance who then ran a virtual escort agency.” Later, when his photo came up on the show Unsolved Mysteries, 1-800 phone lines for the program crashed. Ultimately, Poulsen was captured in a supermarket and served a sentence of five years.
Since serving time, Poulsen has worked as a journalist. He is now a senior editor for Wired News. His most prominent article details his work on identifying 744 sex offenders with MySpace profiles.
Robert Tappan Morris: Morris, son of former National Security Agency scientist Robert Morris, is known as the creator of the Morris Worm, the first computer worm to be unleashed on the Internet. As a result of this crime, he was the first person prosecuted under the 1986 Computer Fraud and Abuse Act.
Morris wrote the code for the worm while he was a student at Cornell. He asserts that he intended to use it to see how large the Internet was. The worm, however, replicated itself excessively, slowing computers down so that they were no longer usable. It is not possible to know exactly how many computers were affected, but experts estimate an impact of 6,000 machines. He was sentenced to three years’ probation, 400 hours of community service and a fined $10,500.
Morris is currently working as a tenured professor at the MIT Computer Science and Artificial Intelligence Laboratory. He principally researches computer network architectures including distributed hash tables such as Chord and wireless mesh networks such as Roofnet.
According to the coverage, in 1994 Levin accessed the accounts of several large corporate customers of Citibank via their dial-up wire transfer service (Financial Institutions Citibank Cash Manager) and transferred funds to accounts set up by accomplices in Finland, the United States, the Netherlands, Germany and Israel.
In 2005 an alleged member of the former St. Petersburg hacker group, claiming to be one of the original Citibank penetrators, published under the name ArkanoiD a memorandum on popular Provider.net.ru website dedicated to telecom market. According to him, Levin was not actually a scientist (mathematician, biologist or the like) but a kind of ordinary system administrator who managed to get hands on the ready data about how to penetrate in Citibank machines and then exploit them.
ArkanoiD emphasized all the communications were carried over X.25 network and the Internet was not involved. ArkanoiD’s group in 1994 found out Citibank systems were unprotected and it spent several weeks examining the structure of the bank’s USA-based networks remotely. Members of the group played around with systems’ tools (e.g. were installing and running games) and were unnoticed by the bank’s staff. Penetrators did not plan to conduct a robbery for their personal safety and stopped their activities at some time. Someone of them later handed over the crucial access data to Levin (reportedly for the stated $100).
In human terms, it’s a case of a trusted, 11-year employee gone bad. Lloyd built the Novell NetWare computer network at Omega South and then blew it up with a software time bomb after he fell from corporate grace and was ultimately fired for performance and behavioral problems. Today, he faces a sentence of up to five years in prison.
In a business sense, the loss of its key manufacturing programs cost Omega, which builds measurement and instrumentation devices for customers like NASA and the U.S. Navy, more than $10 million, dislodged its footing in the industry and eventually led to 80 layoffs.
The 1996 incident set off an intense investigation that brought together the U.S. Secret Service and one of the world’s top data recovery and forensics experts to piece together the evidence that would ultimately lead to Lloyd’s arrest and conviction
Facing jail time, public wrath and a fortune in potential fines, the 30-year-old sender of the fast-spreading Melissa computer virus did what hundreds of criminals have done before. He agreed to go undercover.
Federal court documents unsealed at the request of the Associated Press show that for almost two years, Smith – then out on bail – worked mostly full time cruising the dark recesses of the Internet while the FBI paid his tab.
What did the FBI get? A windfall of information about malicious code senders, leading directly to two major international arrests and pre-empting other attacks, according to federal prosecutors.
What did Smith get? Just 20 months in federal prison, which was about two years less than the minimum sentencing requirement, and about 38 years less than he faced when initially charged.
Sometimes it takes a thief to catch a thief, said former federal prosecutor Elliot Turrini, who handled Smith’s case and agreed to the reduced sentence.
About 63,000 viruses have rolled through the Internet, causing an estimated $65 billion in damage, but Smith is the only person to go to federal prison in the United States for sending one.
The computer hacker known as “Mafiaboy,” who crippled several major Internet sites including CNN, arrives in court Thursday, Jan. 18, 2001 in Montreal, Canada. He pleaded guilty on Thursday to 55 charges of mischief. The trial of the 16-year-old Montrealer, who can not be identified under Canadian law, was set to begin Thursday on 66 charges relating to attacks last year on several major Web sites, as well as security breaches of other sites at institutions such as Yale and Harvard.
Mark Abene (born 1972), better known by his pseudonym Phiber Optik, is a computer security hacker from New York City. Phiber Optik was once a member of the Hacker Groups Legion of Doom and Masters of Deception. In 1994, he served a one-year prison sentence for conspiracy and unauthorized access to computer and telephone systems.
Phiber Optik was a high-profile hacker in the early 1990s, appearing in The New York Times, Harper’s, Esquire, in debates and on television. Phiber Optik is an important figure in the 1995 non-fiction book Masters of Deception — The Gang that Ruled CyberspaceHacking News