Season 3 / Episode 49
Gary McKinnon, a British hacker with Asperger's, broke into NASA and U.S. Army networks to find evidence of a UFO cover-up. When he was finally caught and the US asked the UK for his extradition, things got complicated.
Born in Israel in 1975, Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.
In 2007, he created the popular Israeli podcast, Making History, with over 12 million downloads as of Oct. 2018.
Author of 3 books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.
Security Analyst at Cybereason
The U.S. vs. Gary McKinnon
In 1989 the WANK worm devastated NASA’s Johnson Space Center in the days surrounding a shuttle launch. I remarked, in our episodes covering that story, how remarkable it was: that two teenagers could have, conceivably, disrupted the world’s most technically sophisticated apparatus from their bedrooms in Australia. But should I have been all that surprised? NASA hacking stories are not so rare as we might like to think.
On February 29th, 2012, Paul Martin, NASA Inspector General, testified before the U.S. House of Representatives’ Subcommittee on Investigations and Oversight. The subject of the hearing was a statement he authored, about the state of NASA cyber security. If you want to check out a video of Martin’s opening statement, you can find it on YouTube. As of the date of this recording it’s got just over 35 views, most of which can probably be attributed to our podcast team.
But I’m not just poking fun here (although maybe I am, a little). The fact is that while Paul Martin’s testimony made some news in the cyber security community back in 2012, the level of attention it received was hardly fitting with the content of its message. Because what he said was, really, quite remarkable. Two years, 5,408 malicious attacks. That averages to seven and a half hacks per day! You would think, under such conditions, Paul Martin would be speaking less like this…AND MORE LIKE THIS!
So NASA has weathered tens of thousands of malicious attacks since the WANK worm of 1989. Strangely enough, though, if you were to type “NASA hacker” into Google, it would return just one man’s name. Among thousands upon thousands of hackers, one has stood out from the rest. He went by the name “Solo”, and his story is the subject of today’s episode of Malicious Life.
Five years earlier, from August 2001 to October 2002, Solo was obsessively poking around in U.S. government computer systems: moving between access points and databases, combing over whatever documents, images and other data he could find. One prosecutor would later claim that his actions constituted “the biggest military computer hack of all time”.
Using a simple dial-up modem, Solo began by scanning for open ports, such as 139–the port used to access Windows computers. Any NASA admins that’d left port 139 unprotected potentially allowed Solo the opportunity to log in just the same as they could. As he explains it, in an interview with the BBC, quote: “The first scan would only identify Windows machines. After that you run a secondary scan saying, ‘OK, this is a Windows machine, but can I actually talk to it across the port?’ A few would go, and a few would still be left open. Then after that, there’s a third stage where you say, ‘OK, I can talk to them, is there a blank password?’ Then you do your harvesting, and you end up with a big list of administrator-level, powerful accounts.” Here, once again, NASA administrators failed to change their default passwords. Just as it was for the WANK worm authors, Solo used this oversight to gain control over some of the network’s most high-level accounts.
Finally, onto the unsecured computers he found, Solo uploaded RemotelyAnywhere, a remote access tool. Once inside, Solo could jump from computer to computer, center to center, with little resistance and few firewalls. He described traversing through NASA’s networks as being like, quote, “walking into another room.” It’s hardly surprising, then, that other malicious actors were also navigating NASA’s networks at the same time he was. Each time he accessed the network, he could see, through the software he was using, other users with IP addresses located around the world, from China to the Netherlands. Definitely not NASA personnel.
For a while, he’d diligently covered his tracks. Choosing to use RemotelyAnywhere as a means of access was a sneaky move, because it’s a software tool used not only by hackers, but by business people doing work across distances. Ordinary employees can use RemotelyAnywhere to, say, access their work computers from home. Because of its legitimate uses, Solo was able to install the program onto NASA computers without any red flags being raised by any antivirus programs.
By controlling a computer from a remote access point, Solo knew that everything he was doing would show up on a screen somewhere in the United States. If he dragged his mouse, that mouse would move on the target’s screen–if he clicked on a folder, it’d open on his screen and the host machine’s screen. This meant, obviously, that he couldn’t work during normal 9-to-5 hours in the U.S. He couldn’t do anything during any time of day when a host machine’s screen might be spotted. Even a janitor who walked by, sweeping the floors, posed a threat. Imagine being that janitor, working late at night in a dark open office, seeing a computer going about its business, with nobody in the chair controlling it! Presumably, somebody would hear about it imminently.
Knowing this, Solo timed his access to when he was least likely to be spotted. After a while, though, with no indication that he’d ever get caught, he grew in confidence, and started making more noise by posting hostile messages to his victim computers. “Your security system is crap,” he wrote on a U.S. Army computer towards the end of 2001, “I am Solo. I will continue to disrupt at the highest levels.”
While U.S. government investigators pored over data, in an attempt to find who they believed to be one of the most dangerous cyber terrorists in their nation’s history, a 36-year-old former hairdresser was living in his girlfriend’s aunt’s house in North London.
Gary McKinnon, codename “Solo”, was six years old when he and his mother moved from Scotland to England, and he was 14 when he got his first Atari 400 computer. His interest in it quickly grew into a fixation. “From about 14 to 17 I was completely blinkered,” he later recalled, “learning programming, writing my own games. I was into graphics and artificial intelligence.” Gary learnt how to write in BASIC, then the base-level language of computer code. In 1983 he saw the movie “War Games”, where a young Matthew Broderick hacks into the Pentagon. In 1985, he read ‘The Hacker’s Handbook’. And so his path was set.
Gary left school at 17, and became a hairdresser. He failed to complete his university degree due to struggles with advanced mathematics, but soon managed to find work in IT services. From 1994 to 2000, he found sporadic work in tech support for an ISP, a solicitations company, a telecommunications provider, and J.P. Morgan. By all accounts he was living a rather ordinary life in North London.
But to the U.S. government, he wasn’t just a hacker. He was an unknown entity, attacking U.S. military and defense systems, directly after the terrorist attack of 9/11. For all they knew, he could’ve been Al-Qaeda.
Gary McKinnon was ultimately arrested by the U.K.’s National High Tech Crime Unit on the morning of March 19th, 2002. They’d found him, in part, based on evidence of his IP and his girlfriend’s email address in the server logs of Binary Research, the distributor of RemotelyAnywhere. It turns out that he’d used his girlfriend’s email to sign up for a trial version of the program, before obtaining a crack. Classic mistake. When the police barged in at 8:30 in the morning, Gary was fast asleep, as usual, after a long night of hacking. They confiscated seven computers, including those owned by him and his girlfriend. At the police station, he admitted to hacking into U.S. government machines, and denied being a member of Al-Qaeda.
Gary wasn’t immediately charged with anything, but he could’ve faced anywhere between six months and four years in a U.K. prison. The prospect must not have been appealing and, now free on bail, he was to be temporarily barred from using any computer connected to the internet, and required to sign in with his local police station every evening. Things were only to get much worse from here. Later the same year, U.S. prosecutors charged Gary McKinnon with crimes that could’ve seen him in an American jail for as many as 70 years. A life sentence.
In 2005 the U.S. submitted a request that Gary be sent from the U.K. to face U.S. prosecution. The motion was made on the grounds of a treaty signed by the two nations in 2003, to allow for more effective prosecution of suspected terrorists.
But was Gary a terrorist, or did he have some other reason for doing what he did?
Searching For UFOs
Majestic 12 is a popular conspiracy theory: a supposed organization formed by President Harry Truman in 1947 comprising scientists, and leaders in the government and military, who secretively conduct research on uncovered UFOs. Gary McKinnon was a member of the British UFO Research Association. He has told reporters of his belief that Majestic 12 has studied alien spacecraft, and reverse-engineered anti-gravity propulsion systems that are being hidden from public knowledge.
Plenty of people believe in aliens, UFOs and shadow government operations. Frankly, as far as conspiracy theories go, Majestic 12 is relatively harmless. You might call it crazy. I would too. But what’s crazier than thinking aliens have visited the Earth is actually going out and breaking into U.S. government databases, all on your own, to uncover the evidence. Gary did it, with some success: for over 13 months, from February 2001 to March 2002. For him, hacking was simply a means to a greater end. As he came across new computers and new databases, he combed over the files he found for any trace of evidence of UFO cover-ups.
He was so successful, in fact, that it became near-impossible for him to quit. He went unshaven for long stretches of time, ignoring friends and family, rarely leaving the house. “I’d stopped washing at one point,” he told a reporter for the BBC. “I wasn’t looking after myself. I wasn’t eating properly. I was sitting around the house in my dressing gown, doing this all night.” Depression set in. He stopped showing up to work. His relationship with his girlfriend began to deteriorate, and so she dumped him, even as he continued to live with her at her aunt’s home in North London. “I think I almost wanted to be caught,” he’d later recall, “because it was ruining me. I had this classic thing of wanting to be caught so there would be an end to it.”
This, it would seem, was America’s cyber terrorist. In most respects, Gary McKinnon was a much less interesting man than he’s been made out to be. Far from an Al-Qaeda operative, he was just a person who took his interests way too far. His was a script kiddie-level hack. Actually, most of what he did was achieved through publicly available tools, tied together by a program he wrote, which allowed him to quickly and effectively leverage that information.
He exploited known Windows vulnerabilities on computers without adequate password and firewall protections. The ease with which he did what he did would actually hurt him later on, following his arrest. You’ve heard the stories before: of hackers converted to the side of law enforcement following their arrests. Gary had no power to leverage in his plea deal, because his technical skill was so ordinary.
According to his own telling, Gary had found a folder on a Johnson Space Center computer titled “unfiltered”. Contained within was a thumbnail of a strange satellite image, depicting what looked to be some kind of spacecraft. It was cigar-shaped, with a clear dome on top. Alien or government-made, this had to be a UFO. As the high-resolution image slowly downloaded to his computer, though, a U.S. government employee took control of Gary’s mouse and, before he could do anything about it, clicked to sever his connection. He left without his photo, but unswayed.
Claiming that he found his first hard piece of evidence at the very moment he was first kicked off a U.S. government computer, after a whole year with no issue, is not believable to us. Even in a universe where they did exist, it’s hard to imagine that classified images depicting UFOs would sit on government computers connected to the open internet. The state has internal, offline networks for that level of sensitive information. It’s more likely that Gary either happened upon a honeypot–which would explain the highly coincidental timing of being shut out of the network at the exact moment he’d been building up to for a whole year–or that he simply misinterpreted a tiny thumbnail, or grainy image slowly coming through his 56k-bit dial-up connection. It is quite possible, no matter the legitimacy of his claim, that he himself believes it to be true.
So…a suspected terrorist? It seemed a bit harsh. Perhaps Gary was being made an example of. Perhaps he was a victim of his timing, having breached sensitive U.S. government and military systems in and around the time of the 9/11 terrorist attacks. Many saw his treatment as unjustified. Those who knew the history of NASA cybersecurity knew that Gary McKinnon was not only not a dangerous criminal, he was not even particularly unique.
More than anything else, his mental condition was cited as reason for leniency. It began when a woman saw Gary on T.V. and suggested he seek a mental health diagnosis. He agreed to be evaluated by Simon Baron-Cohen, director of the Autism Research Centre at the University of Cambridge. After a three-hour-long examination, Gary was diagnosed with Asperger’s syndrome. Baron-Cohen told reporters, quote, “He has got the classic patterns of Asperger’s. [McKinnon has] a very narrow attention span and got totally obsessed searching for information about UFOs….The other feature that was pretty classic was this social naïveté, not thinking about how he might be perceived by others.” The news came as a surprise to his mother, who hadn’t before understood what Asperger’s actually is, but you’d hardly feel the same if you’d known the man yourself.
Gary was at once a highly intelligent child–interested in cosmology from a very young age, constantly reading, self-taught in Beethoven and Beatles piano songs as a pre-teen–and troubled, in ways that made it difficult to associate with others. He’d shout uncontrollably if his mother brought him on a bus. By age 10 he developed a fear of the outdoors, and refused to play with other children. As all the other kids socialized, and came to know the rules governing society, Gary locked himself indoors, developing obsessions with all things aliens and computers.
You can see, then, how Gary became the person he did. His fear of public transport translated into fainting spells, any time he’d ride the London Tube as an adult. This, in turn, affected his job prospects. He had friends, but always felt most comfortable on his own. Long stretches of time spent in front of a screen, away from civilization, was his norm.
The Extradition Debate
Debate swelled over whether Asperger’s should factor into sentencing. It’s a difficult question. On one hand, because of the press attention it received, Gary’s case had the potential to set a precedent for future cybercrime cases to come. U.S. officials were wont to make an example of him. Make an exception on those grounds, and suddenly lawyers until the end of time have a new insanity defense.
On top of those more logical considerations, the Americans had reason to be angry. Gary McKinnon had managed to breach not just NASA, but nearly 100 computers from the U.S. Army, Air Force, and Department of Defense. He stole around 950 passwords, trashed around 1,300 user accounts. He deleted files at a naval weapons station, and a U.S. air station database, which had the effect of temporarily crippling the latter network. He’d downed the entire digital apparatus of the U.S. army at Washington D.C., 2,000 computers in all, for a full three days.
All this being said, you have to feel empathy for the guy. Even as a teenager, computers couldn’t just be a fun hobby for Gary: they were a pull, an insatiable obsession. He may have been a nuisance to the U.S. government, but he wasn’t after money, power, or laughs. By all accounts, he wasn’t enjoying the process at all. He was stuck.
A groundswell of support formed around Gary during his time awaiting trial. “Free Gary” t-shirts were printed. His mother wrote a book, and ran for local office. David Gilmour, guitarist for Pink Floyd, collaborated with the lead singers of The Boomtown Rats and The Pretenders for a cover of Graham Nash’s “Chicago” in support of, and featuring, Gary McKinnon. The harsh U.S. justice system became an easy enemy, and Brits at large rallied together in a “you can’t tell us what to do!” kind of way.
The tension grew greater and greater, until it reached the highest rungs of pop culture and politics. At a White House press conference in 2010, a U.K. reporter asks a question that seems to make the whole room grow awkward. It’s a thorny issue. Both President Obama and David Cameron deflect.
It would be a long 2000s for Gary McKinnon as he fought to stay in Britain, and as his likelihood of achieving it swayed back and forth. At his first hearing, in April 2006, a note from the U.S. Embassy in London was submitted into evidence, stating that Gary wouldn’t be tried under the same conditions as dangerous terrorists. But the note was unsigned. Was it binding?
A Formal Block
Finally, in October 2012, after a decade-long battle, his case came to a close. The American extradition request to the U.K.–that Gary McKinnon stand trial for crimes punishable by decades in prison–was formally blocked. He was informed that he would face no criminal charges in the U.K., and could freely return to his normal life.
Gary evaded being sent to an American jail, but reading about his story and listening to his media interview, I have a feeling he nevertheless suffered quite a lot for what he did. Keep in mind, during all this: as depressed as you or I might be, in the face of many decades in jail, the feeling must have been much worse for Gary, a man who believed the U.S. government was the kind of organization to engage in elaborate and corrupt cover-ups. It’s hard to imagine how terrified he felt, during all those years. In a 2009 press conference–a full seven years after his arrest–he talked of being “extremely stressed”. Quote: “I am very controlled, which is probably not a good thing, but inside the fires of hell are burning. It’s not a good place to be.”
Gary was with his mother when the news of his formal release came. “We hugged and he cried,” she said. “He felt as if he were dead. He had no job. He had no children. He felt he was useless. [. . .] He lost ten years of his life.”