Alleged hacker was given job at Los
Alamos
Note QCOM stuff at end.
By Bruce V. Bigelow
UNION-TRIBUNE STAFF WRITER
January 26, 2001
A graduate student who was the subject of a hacker investigation at
Qualcomm -- and whose dormitory room was raided by the FBI -- was hired
less than seven months later by the Los Alamos National Laboratory in New
Mexico.
The computer science student, Jerome T. Heckenkamp, left the University of
Wisconsin after his computer was seized in late 1999.
Meanwhile, the investigation triggered by the 1999 intrusion at Qualcomm led
to Heckenkamp's indictment on hacking charges by a federal grand jury in
San Diego last month.
Heckenkamp is expected to plead not guilty to the 10-count indictment at his
arraignment this morning in San Diego before U.S. Magistrate Larry Burns,
said Barbara Major, the federal prosecutor handling the case.
Heckenkamp, 21, also faces a 16-count indictment in San Jose stemming
from a separate set of computer break-ins at eBay, ETrade Group, Exodus
Communications and other prominent Web companies.
The computer whiz pleaded not guilty to those charges yesterday in an
appearance before U.S. Chief Magistrate Edward Infante in San Jose. Infante
ordered Heckenkamp to post a $50,000 bond and stay off the Internet.
Despite the extent of the case, a senior official at Los Alamos said
administrators there were unaware of the FBI investigation when
Heckenkamp was hired in June.
The FBI raided Heckenkamp's dormitory room at the University of
Wisconsin's main campus early Dec. 9, 1999, during final exams.
Heckenkamp's computer was confiscated.
On June 12, Heckenkamp was hired to work in the computing and network
systems group at Los Alamos.
At the time, the federally funded nuclear weapons lab was at the center of a
public furor over security lapses that came to light following the arrest of
scientist Wen Ho Lee on espionage charges.
U.S. prosecutors dropped almost all charges against Lee last fall, after a
federal judge released him and apologized to the scientist "for the unfair
manner" in which he was jailed.
Heckenkamp's lawyer could not be located for comment yesterday.
In an interview published Jan. 12 by the Albuquerque Journal,
Heckenkamp said he believes someone broke into his personal computer and
used it to stage hacker attacks on eBay, Lycos, ETrade, Qualcomm and
other targets.
Heckenkamp did tell Los Alamos officials of the FBI raid when he applied for
a job, said the Los Alamos official, who agreed to speak only if his name was
withheld.
"He neither notified us that he had been investigated, nor that he was under
investigation," the official said. "It's real clear that this young man, as colorful
as he is, was not completely truthful at the time he was hired."
The official acknowledged, however, that a background check conducted
before Heckenkamp was hired did not reveal anything about a federal
investigation for computer crimes. Employment references that Heckenkamp
provided to the lab apparently did not mention the federal raid, either.
Los Alamos issued two computers for Heckenkamp's use at home.
Following his arrest Jan. 9, a federal magistrate in Santa Fe approved his
transfer to San Diego and ordered that "the defendant shall return all property
belonging to the Los Alamos National Lab," including both computers.
The Los Alamos official said the FBI told administrators about their
investigation several days after Heckenkamp was hired.
"They told us that it was a confidential investigation and not to take any action
that would tip him off to their efforts," the official said. Once notified, he said,
lab officials closely monitored the young employee's activities.
In documents filed in federal court in San Diego, authorities allege that the
electronic intrusions into computer networks at Qualcomm began Oct. 12,
1999.
An outlaw hacker penetrated Qualcomm's "firewall" and other network
defenses and compromised several high-end "server" computers that host
Qualcomm's Web sites by inserting "back door" programs that enabled the
intruder to re-enter the system in more than one way.
An investigator familiar with the break-in at Qualcomm -- who would only
speak anonymously -- said the intruder did not reach the inner sanctum of
Qualcomm's internal network.
The intruder "never got near any chip data, any source code, was never near
any crown jewels," said the investigator, who maintains that each intrusion
was monitored by Qualcomm's network security officials.
"At no point was he ever alone," the investigator said. "From the attacking
perspective, he was quite inventive, I'll give him that."
uniontrib.com |
