2008's biggest tech crime stories

From spammers to hackers to porn kingpins, a look back at the year in cybercrime

2008s biggest tech crime stories

While 2008 didn't see any convictions of corrupt tech execs along the lines of Qwest's Joseph Nacchio or WorldCom's Bernie Ebbers , it did produce convictions for high-profile spammers, botnet operators, porn distributors and online scam artists as well as its share of other high profile network shenanigans, some of which haven't been sorted out in court yet.

Robert Soloway

In a boon for email users everywhere, the man whom prosecutors had dubbed " The Spam King " was sentenced to 47 months in prison earlier this year after he pleaded guilty to fraud, spamming and tax evasion in July. Described as one of the world's 10 worst spammers at the time of his arrest by a Microsoft attorney, Soloway, 28, was first sued for spamming by Microsoft in 2003. Despite losing a $7 million civil judgment to Microsoft back in 2005, Soloway continued to send out massive spam up until his arrest in May 2007. In addition to being sentenced to nearly four years in jail, Soloway will also have to serve three years of probation and perform 200 hours of community service.

DOJ nabs 11 in TJX hack

The US Department of Justice revealed this summer that a group of hackers used a combination of wardriving , sniffer software and SQL injection attacks to steal over 40 million credit and debit card numbers from TJX , OfficeMax, Barnes & Noble and other companies and store them on underground server systems in the US, Latvia and the Ukraine. The DOJ has indicted 11 alleged hackers on charges of computer fraud, wire fraud, access device fraud, aggravated identity theft. So far only one of the 11 people charged by the DOJ has pleaded guilty.

Randall Craig

What better way to thank members of the United States military for their patriotic service than by stealing their identities and selling them to undercover government agents? Randall Craig, a 41-year-old Houston man who worked as a private contractor at a San Antonio Marine Reserve Corps Center, pleaded guilty this past May to exceeding authorized access to a computer and aggravated identity theft after he sold the names and Social Security numbers of 17,000 military employees to an undercover FBI agent. Earlier in the year, Craig had met with the agent at the Houston airport to discuss selling him a thumb drive that contained the employees' data on it. Eventually he agreed to sell the information for $500.

This past July, a disgruntled network administrator named Terry Childs pleaded not guilty to charges of computer tampering for allegedly setting up an unauthorized access system and holding much of the city of San Francisco's multimillion dollar computer network hostage by not telling police how to regain access to the network . Childs, 42 at the time, was charged with computer tampering that city officials say caused millions of dollars in damage. Though the motives for Childs' alleged tampering are still officially unknown, city officials have said that Childs was rigging the network to let outside parties monitor city traffic. Additionally, prosecutors have alleged that Childs installed a tracing system that would let him snoop on city officials' communications.

While Childs has not been convicted of computer tampering in San Francisco yet, prosecutors have revealed that Childs spent four years in a Kansas state prison after being convicted on charges of aggravated robbery when he was 17 years old. Childs neglected to put this arrest on his job application at the San Francisco Department of Technology, prosecutors say.

With porn so readily available across the Internet, it may seem surprising that the government even bothers to go after individual porn distributors. But apparently Paul "Max Hardcore" Little is a special case, as the feds successfully convicted him of multiple obscenity offenses in October and got him sentenced to 46 months in prison. In touting its conviction, the U.S. Department of Justice said that Little, 52, engaged in "violent and extreme sexual acts with female performers" in his films and that he distributed these films over the Internet via his website. And just what was in these films that got a jury to vote in favor of an obscenity conviction? We'd prefer not to say since we're a family-friendly website, but Gawker has some of the gory details here if you're so inclined.

Facing an increasingly competitive telecom market, former Alcatel official Christian Sapsizian decided to secure lucrative telecom contracts the old fashioned way: through bribes. Sapsizian, who worked as Alcatel's deputy vice president for the Latin American region from 2000 to 2004, was convicted in September of paying out $2.5 million in bribes to Costa Rican officials over a four-year period to help Alcatel nail down a $149 million cellular network deal. As punishment, Sapsizian, 62, will have to pay a $261,500 fine and serve three years of supervised release.

The botnet herder

Robert Matthew Bentley needed a large network of computers to help him distribute adware. To this end, he hacked into the computer system at Newell Rubbermaid , the plastic-ware company that makes Sharpie markets, and transformed hundreds of its computers into a botnet. From there, the network was used to infect computers throughout the world with adware on behalf of DollarRevenue, a notorious adware producer that was fined over $1.5 million by the Dutch government for distributing adware in 2007. Bentley, a 21-year-old hacker based in Florida, was paid 0.15 Euros for each European computer he infected with adware and $0.25 for every US PC he infected with adware, investigators said. Bentley pleaded guilty to charges of computer fraud and conspiracy to commit computer fraud. He was sentenced to 41 months in prison and must pay $65,000 restitution.

Internet kiosk

Lillian Glaubman's business propositions were akin to the business plan of South Park's legendary Underpants Gnomes . In other words:

Step 1: Set up Internet kiosks

Step 2: ?????

Step 3: Profit!

Glaubman, a Miami woman who was sentenced to six and a half years in prison for one count of conspiracy to commit mail and wire fraud and one count of mail fraud last fall, was the administrator for Internet kiosk vendor Pantheon Holdings. According to investigators, Pantheon sold businesses Internet kiosks for $18,000 a pop by persuading them that they would reap substantial rewards from both Internet connection access and for advertisements that would appear on the kiosks. Additionally, Pantheon promised to find high-traffic areas for the kiosks and to get advertisers to place ads on the screens.

Predictably, Pantheon never did any work to attract advertisers and the kiosks were more likely to be placed in tumbleweed farms than in well-trafficked zones. In addition to serving jail time, Glaubman was also ordered to pay a whopping $18.2 million in restitution.

E-Rate fraudsters

E-Rate, a federal program that is designed to give U.S. schools and libraries access to affordable telecom and Internet services, has long been a target for crooks who defraud the program by rigging bids and inflating the costs of equipment and services. Federal investigators busted several E-Rate fraudsters over the past year, including Judy Green , a former education consultant from California who was sentenced to seven and a half years in jail on 22 counts of fraud, bid rigging and conspiracy to commit wire fraud; Fresno, Calif.-based electrical contractor Howe Electric , which agreed to pay $3.3 million in fines and restitution for rigging bids with Green; R. Clay Harris, a Georgia businessman who was found guilty of bribing a former Atlanta public school official to secure an E-Rate contract; and the former co-owners of New Jersey computer service provider DeltaNet, who pleaded guilty to making false statements on their E-Rate service applications.

It's a scam so simple: import a bunch of cheap no-name network equipment from China, pass it off as Cisco gear here in the U.S. and walk away with a fortune. Charles Lacy-Thompson, the 52-year-old former owner of the New York-based Coletronic Computer electronics sales company, actually implemented such a scheme over a four-year period from 2003 through 2007. In that time, his company generated sales between $4 million and $5 million per year, and an FBI investigation found that Coletronic possessed more than 3,500 pieces of fake Cisco gear valued at $3.5 million. Despite the best efforts of Lacy-Thompson's lawyer to paint his client as a great guy - say, did you know he's an inspirational youth sports coach and that he volunteers at a local food pantry? - Lacy-Thompson was sentenced to 30 months in prison. He also has agreed to fork over $2.2 million in cash and property to the federal government.

Miscellaneous arrests

In addition to the big convictions for tech-related crime this year, there were several arrests in high-profile cases that are currently awaiting trial. The biggest was that of David Kernell (shown here), a 20-year-old Tennessee man who has been indicted for hacking into former Republican vice-presidential candidate Sarah Palin's email account. He has pleaded not guilty to accessing a protected computer. Other notable arrests include Francis Janosko , a former inmate at the Plymouth County Correctional Facility in Massachusetts who was arrested by the FBI for allegedly hacking into his former prison's computer network and stealing prison workers' Social Security numbers; Viktor Savtyrev , a systems administrator from New Jersey who was arrested for allegedly trying to extort money from a company that had recently laid him off; and Biswamohan Pani , a former Intel employee who has been indicted for allegedly stealing $1 billion worth of trade secrets from his former company.

Are spammer sentences too lenient? Have you ever paid $18,000 for an Internet kiosk or purchased fake Cisco gear? Let us know in the comments!

Copyright © 2008 IDG Communications, Inc.