The Great Cyberheist - 3




After he agreed in 2003 to become an informant, Gonzalez helped the Justice Department and the Secret Service build, over the course of a year, an ingenious trap for Shadowcrew. Called Operation Firewall, it was run out of a makeshift office in an Army repair garage in Jersey City. Gonzalez was its linchpin. Through him, the government came to, in hacker lingo, own Shadowcrew, as undercover buyers infiltrated the network and traced its users around the world; eventually, officials even managed to transfer the site onto a server controlled by the Secret Service. Meanwhile, Gonzalez patiently worked his way up the Shadowcrew ranks. He persuaded its users to communicate through a virtual private network, or VPN, a secure channel that sends encrypted messages between computers, that he introduced onto the site. This VPN, designed by the Secret Service, came with a special feature: a court-ordered wiretap.

Francesco Bongiorni
2004-2007: “War driving” — searching for vulnerable retail-store networks.



Spring 2008: Being tailed in Miami by the Secret Service.

Gonzalez worked alongside the agents, sometimes all day and into the night, for months on end. Most called him Albert. A couple of them who especially liked him called him Soup, after his old screen-name soupnazi. “Spending this much time with an informant this deeply into a cybercrime conspiracy — it was a totally new experience for all of us,” one Justice Department prosecutor says. “It was kind of a bonding experience. He and the agents developed over time a very close bond. They worked well together.”
On Oct. 26, 2004, Gonzalez was taken to Washington and installed in the Operation Firewall command center at Secret Service headquarters. He corralled the Shadowcrew targets into a chat session. At 9 p.m., agents began knocking down doors. By midnight, 28 people across eight states and six countries had been arrested, most of them mere feet from their computers. Nineteen were eventually indicted. It was by some estimates the most successful cybercrime case the government had ever carried out.
“I did find the investigation exciting,” Gonzalez told me of turning against Shadowcrew. “The intellectual element. Unmasking them, figuring out their identities. Looking back, it was kind of easy, though. When someone trusts you, they let their guard down.”
He did say, however, that he “actually had a bad conscience” about it. “I had a moral dilemma, unlike most informants.” On another occasion, when he was discussing the same subject, Gonzalez wrote to me in a letter, “This distinction is very important . . . my loyalty has always been to the black-hat community.”
Those captured by the government with his help are less interested in this distinction. “Shadowcrew was not a forum of thugs,” a member who occasionally laundered money for Gonzalez told me. This casher served two years in prison thanks to Operation Firewall. “He was a coward who betrayed us all, and I suppose if you believe in karma, he got what he deserved in the end.”
Before being arrested, Gonzalez had actually vouched for this casher to the higher-ups at Shadowcrew. He had gone out of his way to help many members, according to the federal prosecutor in New Jersey, Scott Christie, who worked with him on Operation Firewall. Christie says that based on their exchanges when Gonzalez was being recruited as an informant, Gonzalez seemed to be “less interested in money than in building up Shadowcrew.” He “gave back to the members in the way of education and personal benefit. Unlike other cybercriminals, he wasn’t just out for gain.”
Indeed, no one I spoke with compared him to a gangster or a mercenary — preferred honorifics among hackers — but several likened him to a brilliant executive. “In the U.S., we have two kinds of powerful, successful business leaders. We have people like Bill Gates and Steve Jobs, who are the most sophisticated of electronic technicians and programmers,” says Steve Heymann, the Massachusetts assistant U.S. attorney who, in the spring of 2010, secured a combined 38 years of prison time for Gonzalez and his co-conspirators for their corporate breaches. “Then we have others, like the C.E.O.’s of AT&T or General Electric, who are extremely good in their area but also know when to go to others for expertise and how to build powerful organizations by using those others. Gonzalez fits into that second category.”
BY THE TIME Gonzalez returned to Miami after Operation Firewall, in late 2004, he was already exploring the vulnerability of corporate wireless networks. Just as data security had been an afterthought for many businesses in their rush to get online in the 1990s, creating opportunities for the likes of Shadowcrew, many firms had taken no precautions as they eagerly adopted WiFi in the early 2000s. Gonzalez was especially intrigued by the possibilities of a technique known as “war driving”: hackers would sit in cars or vans in the parking lots of big-box stores with laptops and high-power radio antennae and burrow through companies’ vulnerable WiFi networks. Adepts could get into a billion-dollar multinational’s servers in minutes.
