[unisog] Successful prosecution of system breakers

Peter Van Epp vanepp at sfu.ca
Sun Jun 9 16:51:29 GMT 2002

> On Fri, Jun 07, 2002 at 08:25:54AM -0400, Stan Horwitz wrote:
> > 
> >  I doubt that many
> > universities have the staff and resources to do any kind of forensics on
> > hacked systems.
> We did.  For our own particular reasons, we wanted to press charges
> against a particular individual.
> Simply looking at a net trace, and saying "Its obvious" doesn't
> work in court.
> -- 
> Pete Hickey               |                         |       VEIWIT
> Communication Services    | Pete at mudhead.uottawa.CA |   Makers of transparent
> University of Ottawa      |                         |      mirrors for
> Ottawa,Ont. Canada K1N 6N5|  (613) 562-5800x1008    |       dyslexics.

	What he said :-) I'm aware of 4 other successful prosecutions in Canada
in the last 10 or 12 years. We did one of them back in 92/93 as did UBC across
town in 95 and the U of Manitoba (I think) did one about 99 all thinking we
were first (except UBC) and finally there was mafiaboy in the last couple
of years. From the one we did, unless you are the start of the chain its 
hopeless, our boy never did anything (except the initial breakin to get an 
account to use) here. He looped through a minimum of 5 compromised systems
(most without logging) before cracking. If you caught his crack on the end
machine the traceback would be basically impossible because of the lack of logs
in the middle machines.
	It was also as Pete said a huge amount of work. The upside is we so far
haven't had to repeat. There was a huge drop in trouble just after the 
procsecution became public in 95. That is probably also in part due to the fact
that we (and UBC) stopped being the only Internet source in town about that 
time and it (was and is) much safer to crack from one of the local ISPs or now
days a cable modem or ADSL connection than us.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the unisog mailing list