A Resource Drain at the Worst Time
Scott Christie, who at the time was an Assistant U.S. Attorney in New Jersey, was the first prosecutor brought into the case. Christie, who now leads the information technology group at law firm McCarter & English LLP, said McKinnon simply is "grasping at straws" with his latest appeal.
"I think it reinforces the fact that arguments against extradition had no merit and that he is continuing to avoid the inevitable," said Christie, who worked with investigators from the Naval Criminal Investigative Service on the case. "It is a very significant intrusion case because it reinforces the fact that a lone individual who is motivated can cause significant damage to the military preparedness of this country. It showed unfortunately that security on computers at military installations was not as robust as it should have been... If that's in fact true, it gives one concern as to what organized groups with sophisticated hacking tools who may be sponsored by organized crime or foreign governments could achieve in this area."
Christie said that since the naval station's system was shut down on the heels of 9/11, it reinforced people's worst fears. And because of the seriousness of the attack and its possible link to a terrorist organization, the government threw a lot of resources at the problem -- resources that could have been used in the terrorist investigation.
"The concern was there," said Howard Schmidt, who began working at the White house as the vice chairman of the President's Critical Infrastructure Protection Board in 2002, in the midst of the McKinnon investigation. "When these things take place, you never know till the very end what their motivation is... You don't know if it's a nation-state or a terrorist group. You have to work it as if this was the most important case you ever worked. There is a finite amount of resources. This pulled big resources that could have been used for other things."
Schmidt, who today is CEO of R&H Security Consulting, noted that he was briefed on the investigation when he began working at the White House and that the case was something they were following.
In New Jersey, McKinnon was charged with one count of unauthorized access and causing damage to a protected computer, according to Assistant U.S. Attorney Erez Liebermann of New Jersey, who now is the lead prosecutor on the case.
The government contends that McKinnon first hacked into the naval station's network on April 7, 2001, but wasn't discovered until late in September when he allegedly deleted computer files that were needed to power up computers on the network. In the five months that McKinnon allegedly was in and out of the system, the government charges that he installed remote access software to make it easier for him to get into the network. He also allegedly stole about 950 passwords and deleted computer logs and files.
Liebermann noted that McKinnon allegedly caused $290,431 in financial damages to Naval Weapons Station Earle.
In Virginia, McKinnon is facing seven counts of unauthorized access. There, the U.S. Attorney's Office claims he caused $900,000 in damages to computers in 14 states.
Liebermann noted that each of the total of eight charges carries a maximum sentence of 10 years in federal prison and a $250,000 fine. Christie, though, said that based on sentencing guidelines, he estimates that the sentences would be dropped down into the three- to five-year range.