💬 true story... Jonathan James. The story of a hacker who hacked the Pentagon and NASA at the age of 15.

The most difficult thing is not getting into the system, but learning and gaining knowledge so that you can then understand what can be done with it.

• Today I want to share with you an interesting life story of a hacker, Jonathan Jones, who managed to infiltrate NASA servers, hack the Pentagon, steal the software controlling the ISS, and install a backdoor on the servers of one of the American military departments. And all this at the age of 15... Have fun reading:

As a rule, hackers try to lead a secretive lifestyle and maintain anonymity. Many people succeed, but some of them gain popularity against their own will. This happened, for example, with Kevin Mitnick or Robert Morris. But there are other computer geniuses whose fate is much less known than their exploits. One of these guys, who left a noticeable mark in the history of world hacking, was named Jonathan James. This is a man with a vivid but tragic life story that ended with an early and mysterious death.

 No matter how journalists called Jonathan James in their numerous publications: and the youngest, but at the same time the most talented hacker in America, who managed to penetrate the servers of NASA, hack the Pentagon, steal the software controlling the ISS, and install a backdoor on the servers of one of the American military departments. And all this at the age of fifteen. As a further development of his unique career, Jonathan James became the first minor in the United States to go to jail on charges of hacking. At the same time, very little is known about him to the general public: in the English—language Wikipedia, a modest page and a half screen is dedicated to James, and even less in the Russian-language one. But the story of this guy, without any doubt, deserves a much more detailed story.

 Childhood.
 Jonathan Joseph James was born on December 12, 1983 in a small, as we would say, "urban-type settlement" Pinecrest, located in Miami-Dade County, Florida. The town has a population of only a little over 18 thousand inhabitants, but despite this, its own newspaper, the Pinecrest Tribune, is published here twice a month. Also in the town of Pinecrest there is a well-known landscape "park of culture and arts of South Florida". More than this village, occupying a modest area of seven and a half square miles, perhaps, was not marked by anything in the eventful history of the United States. Well, except that it has become the birthplace of one of the most talented hackers in North America.

Jonathan grew up in the most ordinary family by American standards: his father, Robert James, was a programmer, his mother was a housewife. At the age of six, he began to show interest in computers and regularly sat at the keyboard of his father's home machine, playing games. In interviews published after his son's death, Robert James recalled that he repeatedly installed various parental controls on the PC, because Jonathan was stuck behind the screen all night long, which negatively affected his studies at school. But he invariably found clever ways to circumvent the restrictions imposed by his parents. Apparently, this was the very first hacking experience of young Jonathan James. With age, the boy's interests gradually changed: after playing enough games, he began to gradually learn the C language. One day Jonathan surprised his own father at all: after returning from work, he found that the offspring had demolished Windows along with all the software from his personal computer, and then installed Linux there to test an unfamiliar operating system and understand how it works. 

 When Jonathan turned 13, his passion for high technology seemed to his parents too painful and dangerous for their health. At the family council, it was decided to take away the teenager's computer, at which he spent most of his free time during the day and almost all nights. In response, Jonathan ran away from home, and categorically refused to return until he was given access to the personal account. As an argument, the young man insisted that programming and video games do not affect his studies at school, where he invariably receives high marks. Which, however, is not surprising: a little later it turned out that Jonathan had successfully hacked into the computer network of educational institutions in Miami-Dade County and periodically corrected his own scores in the report cards. Around the same time, Jonathan James came up with the nickname C0mrade for himself, under which he communicated with other hackers on forums and in personal correspondence.

Through the thorns to the stars.
 Dabbling with electronic progress logs quickly bored Jonathan, and he decided to choose a bigger goal for himself. The first serious victim of the fifteen—year-old hacker C0mrade was a division of AT&T called BellSouth, which is one of the largest telecommunications companies in the United States with headquarters in Atlanta, Georgia. Little is known about the details of this hack, and moreover, BellSouth itself learned that the company's servers were attacked by C0mrade only when the hacker himself confessed to this episode after his arrest. "They regularly try to hack us," BellSouth spokesman Spero Canton told the Tampa Bay Times, "and around the time Jonathan is talking about, there really was an incident." Apparently, this hack did not cause any damage to BellSouth, since the main purpose of C0mrade was not profit, but entertainment and testing their own knowledge. He later told reporters: "I know UNIX and C like the back of my hand, because I've read a lot of books and constantly hung out at the computer. The most difficult thing is not to get into the system, but to learn and gain knowledge so that you can then understand what can be done with it." 

 Inspired by the success, Jonathan decided not to stop there. Sitting at night in his room at the Pentium-266 keyboard, he was looking for vulnerable servers to which he could connect bypassing the security system installed by the administrators. On June 29, 1999, one such server was discovered in Huntsville, Alabama. By installing malware on it, the young hacker managed to increase his own privileges in the system and gain access to 13 other computers in the hacked network. As it turned out, the server and the network where C0mrade penetrated belong to a NASA division called the Marshall Space Flight Center. This government research organization is engaged in the development and testing of advanced rocket engines, as well as the creation of communication systems and software for the International Space Station.

Among other interesting information that Jonathan James got access to were the sources of a program that serves to control critical elements of the life support of the International Space Station. According to NASA experts, this software was designed to maintain the physical environment in the ISS living quarters, including temperature and humidity control. Experts estimated the cost of this software at $ 1.7 million, although James himself later claimed that "these sources turned out to be complete junk, and do not pull for such an amount." By the way, after this remark, the part of the source code for the ISS that he had access to was completely rewritten. 

 After the intrusion was detected, the Marshall Center staff disconnected the compromised server and computers from the network for 21 days to analyze the causes and chronology of the hacking. This caused $41,000 in direct damage to NASA. At about the same time, the NASA security service passed information about the attack to the FBI, and federal agents began a painstaking search for a mysterious powerful hacker who had encroached on the US national space program. Who, along with other schoolchildren, attended classes at Miami-Dade Community College during the day, and at night wandered the network in search of vulnerable servers that he could penetrate out of pure curiosity.

Crime and punishment.
 On a September evening in 1999, Jonathan James, while scanning the network, discovered that an unknown well-wisher had installed a backdoor on one of the servers in Dulles, Virginia. The Trojan allowed virtually anyone to connect to the server from the Internet, which C0mrade immediately did. At that time, the young hacker did not yet know that the compromised server belongs to the Defense Threat Reduction Agency (DTRA), one of the departments of the US Department of Defense that analyzes external threats to the national security of the country. Without thinking twice, James installed a sniffer on the server and began analyzing the traffic passing through it in search of logins, passwords and other interesting information.

 The catch turned out to be rich. In the period from September to October 1999, he managed to intercept the credentials of DTRA users, which gave him access to 10 computers of the Ministry of Defense, and allowed him to download more than 3,300 letters from the mailboxes of Pentagon employees. Jonathan studied their contents with interest and examined the files found on hacked computers, while not paying due attention to anonymity issues. Naturally, the successful penetration into the internal network of one of the Pentagon's subsidiaries (as claimed by the US Department of Defense — the first in history) could not go unnoticed. The investigation did not last long and ended on January 26, 2000 — on that day, agents of the Ministry of Defense and police officers from the Pinecrest Law Enforcement Department were ordered to arrest the hacker.

 "I admit, that day I became a very popular dude in college when these guys in bulletproof vests and with machine guns broke into my house," Jonathan James told reporters later with a smile. A search took place in his home, as a result of which agents seized six devices: four desktop PCs, a laptop and one pocket computer. After his arrest, Jonathan began actively cooperating with the investigation and telling the police about how he managed to commit all these break-ins. "Of course, they were worried that someone underage could easily get into the network of a government organization," the hacker said later. "Their main problem is that they do not pay due attention to security. But at least they seem to understand that."

It played into James' hands, first of all, that he did not take any destructive actions in hacked systems — he did not change passwords, did not delete files and did not launch viruses. In addition, he was a minor: at the time of the crimes he was only 15 years old, and on the day of the verdict he had just turned 16. If Jonathan James had been an adult, he would have faced at least 10 years in prison and a large monetary fine. But due to his young age, and also because he made a deal with the investigation, voluntarily admitting guilt in two incriminated episodes (hacking NASA and the US Department of Defense), the court found him guilty of "crimes committed by minors", since other criminal articles under state laws could not be applied to him at that age. The punishment also turned out to be very humane: James received six months of house arrest and a ban on using a computer for entertainment purposes (however, he could still sit at the keyboard if it was necessary for study). In addition, the hacker had to apologize in writing to NASA and the US Department of Defense for what he had done.

 However, the leniency of the sentence, apparently, did not benefit James. Soon he was detained by the police on the street for violating the conditions of house arrest, and in addition, traces of drugs were found in his tests. As a result, the court changed the suspended sentence to a real one, and Jonathan went to jail for another six months, which he had to spend in a juvenile correctional center. This was the first time in the United States when a teenager went to prison on charges of committing a computer crime, and therefore the story attracted increased press attention. In an interview with the Miami Herald, Jonathan James claimed that he was determined to give up hacking. "It's not worth it," he told the correspondent, "I did it just for fun, for me it was a game, and they put me in jail. I don't want it to happen again. I can find other things for fun."

 Having fully served the term measured by the judge, Jonathan was released and disappeared from the field of view of the special services and the press for a while, deciding to lead a normal secluded life at his parents' house in Pinecrest. Unfortunately, this solitude, like the life of Jonathan James itself, did not last long.

The death of a hero.
 On January 17, 2007, a group of hackers, led by a well-known figure of the cyber underground Alberto Gonzalis, launched a series of massive attacks on major US trade and financial organizations. Among the victims were the popular American supermarket chain TJX, the "wholesalers club" BJ, Boston Market, Barnes & Noble, Sports Authority, OfficeMax and several other commercial enterprises. As a result of the attack, hackers stole credit card data and personal information of millions of customers of these firms, and the firms themselves (as well as their reputations) significant damage was caused.

 During the investigation of the incident, the US Secret Service (United States Secret Service) came to Gonzalis' associates involved in this crime. Several of them knew and communicated on hacker forums with Jonathan James, which is why he also came under suspicion. The weight of these suspicions was also given by the fact that an unknown hacker hiding under the pseudonym "JJ" collaborated with Alberto Gonzalis. This attacker stole the data and PIN codes of credit cards by hacking the wireless network of OfficeMax stationery stores, and later transferred the stolen items to Gonzales, creating an anonymous mailbox for him. The nickname "JJ" matched the initials of Jonathan James. This circumstance, as well as a network acquaintance with members of the Alberto Gonzalis team, was enough for Secret Service agents to break into the homes of Jonathan James himself, his brother and his girlfriend. Later, however, investigators came to the conclusion that the mysterious anonymous "JJ" was most likely Gonzalez's close friend Steve Watt, who often signed on the network with the pseudonym "Jim Jones". During the searches, the agents did not find anything that would link James to this crime. They found only a rifle in his house, which was not seized because it was officially registered.

Later, Jonathan James' father Robert recalled that after returning from prison, he suffered from depression and was often in an anxious and depressed state. The search and the constant surveillance that Jonathan felt for himself did not add to his peace of mind. Shortly after Secret Service agents broke into the hacker's house, Robert called him asking if the investigators would find something that would allow them to press charges. Jonathan replied in the negative. This was the last conversation between father and son.

 On Sunday, May 18, 2008, 25-year-old Jonathan James was found dead in the bathroom of his home with a gunshot wound to the head from the same officially registered rifle that agents did not seize during the search. A suicide letter addressed to his father, brother and girlfriend was found nearby. Among other things, it contained Jonathan's passwords to his PayPal and MySpace account. In this note , Jonathan wrote: "I don't believe in our system of "justice" — perhaps my actions today and this letter will send a serious signal to the public, but I have lost control of the situation, and this is my only way to fix it. To be honest, I have nothing to do with the whole TJX thing. Despite the fact that Chris (Scott) and Albert Gonzalez are the most dangerous and destructive hackers the feds have ever caught, I am much more tempting [as a victim] to public opinion than these two random idiots. That's life. Remember: it's not that you win or lose, but that I personally win or lose by sitting in prison for 20, 10 or even 5 years for a crime that I didn't commit. This is my way to win, but at least I will die free."

 Rumors are still circulating in the near-hacker environment that the circumstances of Jonathan James' death were staged, and the true cause of his death was allegedly top-secret information that he managed to get on the servers of NASA and the Pentagon. This, they say, is due to the close interest in his person from the US Secret Service. But the official investigation ruled that James committed suicide, and all other versions are just idle speculation. 

 Anyway, the short life of Jonathan James is forever inscribed in the history of world hacking, no matter how pathetic it may sound. In a short obituary, which was printed on its pages by the Miami Herald newspaper, it says: "Jonathan, who graduated from Beth Am School in 1995, will be remembered by friends and family as an exceptionally smart young man who never did anything by the rules. A computer genius by all definitions of the term, he constantly amazed friends, family and the government with his achievements. He will be greatly missed by his brother, father, aunt, uncle, cousins, grandparents, as well as many, many friends." 

 The compilers of the obituary forgot to mention the fact that Jonathan "C0mrade" James was not just a hacker and a computer genius, but a hacker and a computer genius who, in general, did nothing wrong in his life. It's all the sadder that his life ended so early.