The letter from Carl Payne came in the spring of 1998. It was hand-written -no letterhead. I was suspicious. Being a columnist for The Boston Globe and the author of seven books, I get my share of communications from cranks, crazies and convicts. But Payne, I soon realized, was none of the above.
Payne wrote that he was the defendant in a criminal computer-hacking case. Back in December 1994, at the age of 28, he had helped start an Internet service provider in Utah that was eventually named Fibernet. But in the autumn of 1996 the board voted to oust Payne after he locked horns with the man who was poised to become Fibernet's new president.
A week after Payne left Fibernet, someone had hacked into the company's computers and ransacked their systems. Fibernet had immediately fingered Payne and persuaded the Utah County Attorney's office to charge him with violating Section 76-6-703 of the Utah Criminal Code, "Computer Crimes," a seconddegree felony. The prosecution had a pile of evidence, the case was going to trial, and he needed my help.
At first glance, Payne did indeed look like the likely culprit. Studies have shown that most computer crimes are perpetrated by disgruntled employees. Most computer-hacking cases that reach a courtroom pivot on some aspect of the law, such as whether the hack was illegal-and not on whether the suspect actually did it. I had never heard of a case in which the accused "hacker" maintained his innocence, especially in the
light of hard evidence. Yet that's just what Payne was doing. Intrigued, I called him.
On the telephone Payne was talkative, friendly-and very worried. We agreed that he would send me all the evidence the County Attorney's office had provided to his lawyer. I would assess its quality and write a report. If the case went to trial, and he still wanted me, I would come to Utah and testify. It would be my first stint as a paid expert witness.
Story continues below
A week passed and a thick packet arrived in my mailbox. It contained Payne's account of the incident, the police report, depositions from all involved, and nearly 200 pages of computer printouts. After four hours spent poring over the documents, I emerged into the living room and told my wife: "Things don't look good for Mr. Payne."
Payne's last day of work was October 30, 1996. On November 6, someone had logged into each of Fibernet's main computers and started deleting files. Customer Web pages and e-mail were erased. Accounting information was wiped out. Then the attacker gained access to each of the company's special-purpose communications computers, called routers, and deleted their programming. Ultimately, the company lost more than half its customers, laid off many employees, left its managers without salary, and nearly folded.
E-mail
Print
Favorite
Share »
Digg this
Add to del.icio.us
Add to Reddit
Add to Facebook
Slashdot It!
Stumble It!
Add to Newsvine
Add to Connotea
Add to CiteUlike
Add to Furl
Googlize this
Add to Rojo
Add to MyWeb
Download
Massachusetts Institute of Technology
Comments