0

Gary McKinnon, an unassuming 46 year old Londoner who suffers from Asperger's syndrome and depression, is an unlikely man to be making headlines the world over once again. Indeed, across the last decade McKinnon has almost seemed to be a permanent fixture in news media feeds online and off, a thorn in the side of successive British Governments and a man who divides opinion whenever his name is mentioned. Thinking of him as the man who, according to US lawyers, committed "the biggest military computer hack of all time" helps to put the reasons why into perspective.

dweb-mckinnon Gary McKinnon, far from being some sinister master hacker, or indeed even a wannabe master hacker let alone a serious threat to US national security, is actually rather more correctly describable as a computer nerd with a UFO obsession. Sure, there is no denying, and McKinnon himself has not denied it, that starting back in 2001 and hot on the heels of the 9/11 terrorist atrocity, McKinnon somehow managed to access computers belonging to the US military and NASA. During a 13 month period from February 2001 through until March 2002, McKinnon apparently 'hacked into' 97 of them, including those at the Earle Naval Weapons Station where he is accused of deleting weapons logs and grinding the 300 computer network to a halt (by so doing paralysing munitions supplies for the US Navy Atlantic Fleet) as well as the US Army's Military District of Washington network where all 2000 computers were shut down for 24 hours as a result.

Going under the name of Solo, McKinnon is said to have posted notices on military websites stating "Your security is crap" - to be fair, he had a point. A not very good hacker, sitting alone in a bedroom in London, infiltrated what we are led to believe were vital military computer networks - all while he was looking for evidence of a global government conspiracy about little green men from outer space. The guy got the information he used to 'hack' these high security military networks by asking around on bulletin boards, and being email the passwords on request - passwords that were common knowledge in the hacking community. McKinnon is and was no terrorist, and no real threat to anyone other than the people who were meant to secure these military networks and managed to do nothing of the sort. Could the real reason that the US authorities have worked so hard over the last 10 years to get McKinnon onto US soil to stand trial actually be more to do with embarrassment at their ineptitude in the first place rather than real concern over where the threat to national security lay? McKinnon was a scapegoat, pure and simple. It's quite outrageous that successive US Governments have been unable to do the decent thing and just walk away from the whole mess.

Indicted by a Federal Grand Jury in November 2002 on multiple charges of computer-related crime, an extradition request was finally submitted by the US Government to deport McKinnon to the US to stand trial in 2004. In July 2006 the then UK Home Secretary, John Reid, signed the order so to do. It has only been the small matter of a US-UK treaty signed by then Home Secretary David Blunkett which meant US prosecutors, under the umbrella of anti-terrorism, didn't need to show any actual evidence to have a suspect extradited that enabled this whole farce to drag on as long as it has.

When in opposition, the now Prime Minister, David Cameron, appeared to support McKinnon when he stated that he was "a vulnerable young man" and insisted that there was "no compassion in sending him thousands of miles away from his home and loved ones to face trial". That opinion changed when Cameron took office, and the extradition appeals have gone on ever since. Until this week, when the current Home Secretary, Theresa May, ruled that it would be a breach of McKinnon's human rights to send him to the US to face trial due to his state of health and his state of mind.

Gary McKinnon may yet still face trial in the UK, but that will depend upon wether the Director of Public Prosecutions determines there is a reasonable chance of a successful prosecution. Given the media interest over the last 10 years I am inclined to think that it would be pretty hard to find a jury who have not yet formed an opinion of the man and the case. Throw in the undeniable fact that McKinnon has suffered mentally during this decade of uncertainty, and I think it likely that it will be decided he has suffered enough. I'm of the same opinion...

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

4
Contributors
7
Replies
9
Views
4 Years
Discussion Span
Last Post by gerbil
0

You talking rubbish Wavey See Click HereThe US and the UK should allow each other to prosecute in their repsective courts, it would avoid the extradition problem. I'm a Scouse Geek.

0

How. Everyone seems to think that their courts are fair and unbiased so if the US Gov had brought an action under the computer misuse act in a UK court who could complain.

1

Good idea, but you then have myriad countries prosecuting UK subjects on UK soil. Who's law do you enforce? English/Scottish or that other country's. I'm assuming that you could only work within the confines of 'English Law' in England and Wales. How stringent would the checks be on 'foreign' evidence? All governments would provide clean evidence, surely ? :) But I agree, still better than extradition.

The poor git has suffered enough IMO. We all know it's face-saving posturing nonsense by the US agencies / govt. Something to prevent others from trying to do the same thing. It was a massive embarrassment for them. Trying to turn the tables on this 'evil man'. If an Al-Qaeda operative got inside, you can imagine who the govt. would be pointing the finger at. Those security companies wouldn't get another contract for a millennium.

Edited by diafol

1

The law of the country in which the court is situted. In the end what would happen is that the US State/Embassy or Gov would appoint someone to server as their DPP here and would hire Solcitors/barrister as needed. Porbabley the same ones the CPS uses.

0

I'm no security expert, very far from it, but I am strongly of the opinion that if you connect an interesting network into the public domain then security is just a dream. Leased lines/pipes are available. If you need to have access over the web, then let it be to some unconnected domain with vetted information available and vetted feedback before any interface.
There's been a whole history of sensitive US networks being hacked. They're just not up to their job. "Instead, the alleged offences are serious and were sustained over a lengthy period. The allegations are in respect of a hacking exercise which took place over fourteen months and involving 96 computers in five US government departments" from the article referenced in a link above. They didn't notice? Or were just incapable of responding technically? Let Gary run free.
I'm not sure that I'd be able to respond sensibly to comparisons with jewellers' shops on Main Street.

Edited by gerbil

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.