By Jennifer H. Svan
Stars and Stripes
July 17, 2005
MISAWA AIR BASE, Japan - An airman first class with the 35th
Communications Squadron was sentenced to 10 days of confinement and
reduced in rank to E-2 for trying to hack into personal computer files
James A. Stout, formerly a technician in the base's Network Control
Center, also will forfeit two-thirds of his pay and allowances for one
Stout pleaded guilty in a summary court-martial Thursday to violating
Air Force instruction governing transmission of information by the
Internet, and to breaking a federal law by intentionally accessing a
computer without authorization.
While working on a government computer during an overnight shift on
Dec. 3, 2004, Stout downloaded two hackers' programs from the Internet
in an attempt to decrypt the base's user name and password file,
giving him access to all base user accounts, including e-mail,
according to prosecutor Capt. Jason Spence of the 35th Fighter Wing's
Office of the Staff Judge Advocate.
He copied it to a second computer and ultimately uploaded the user
name and password file and a decryption program onto a personal Web
server via the Internet, the prosecutor said.
He was caught after Pacific Air Forces' Network Operations Security
Center, which monitors Internet traffic, notified the base of a
possible intrusion into its computer system, Spence said. Three
communications squadron airmen traced Stout back to the government
computer during the time of the incident by reviewing security
log-ins, Spence said.
Stout never succeeded in breaking the code, having deleted the file
and decryption programs from his government computers and Web server
in the same work shift after he became aware that PACAF had notified
the Network Control Center of the problem.
Stout claimed he was bored and wanted to access his supervisor's
account to grant himself higher computer rights that he could use on
the job to fix network problems, Spence said. He also said he wanted
to see other parts of the network, including personal computer files,
such as e-mail.
When Stout transferred the Misawa files from his government computer
to a personal Web server over the Internet, "a third-party person -
foreign government, terrorist, hacker - could have taken our password
file and copied it to their own computer while it was in transit,"
possibly allowing them to access Misawa's unclassified database,
Spence said in court. If a third party obtained access and deleted
that file, "it would bring the mission to a halt - basically,
everything is in there," he said.
=A9 2003 Stars and Stripes.
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 -
2,000+ international security experts,
10 tracks, no vendor pitches.