Gary McKinnon, the man accused of carrying out 'the biggest military computer hack of all time', says he will fight attempts to extradite him to the US, after appearing at Bow Street Magistrates' Court last week.

The 39-year-old, from Wood Green in north London, is accused of hacking 97 US military computers between February 2001 and March 2002, causing damage estimated at $700,000 (£370,000).

But the hacker says he will fight extradition to the US, and denies knowingly or intentionally causing any damage. He has also called for consistent global computer crime legislation.

At the court proceedings, US government representative Mark Summers accused McKinnon of hacking into Nasa and Pentagon systems, as well as US Army, Navy, and Air Force computers. During one attack he is alleged to have shut down the internet access on 2,000 military computers in Washington.

McKinnon denies the damage, but admitted to the court that he posted a message on one US Army computer saying: 'US foreign policy is akin to government-sponsored terrorism these days. I will continue to disrupt at the highest levels.'

In an interview with Computing before his court appearance, McKinnon said: 'I honestly hope that someone on a 56k modem is not capable of that kind of damage. I am sickened by these accusations. I did not knowingly delete or damage anything. I wanted to keep my presence secret and go undetected.

'My only explanation for the estimated damages is that the US government is talking about how much it has spent rebuilding machines, removing software and ensuring they can't be accessed again.'

McKinnon told Computing that he hacked into a number of military sites by building his own hacking program and installing software used by systems administrators for diagnostics on remote computers.

After taking an interest in UFO theories, McKinnon hacked into Nasa's Johnson Space Center.

'There were folders full of megabytes of images but I could not transfer them as I was only using a 56k modem,' he says.

McKinnon says his attention soon turned from UFOs to exposing network security faults after being amazed by the relative ease at which he could enter systems.
'I was gobsmacked. I couldn't even program in C when I first started doing this,' he says.

'From newspaper articles and newsgroups I learned that the US military was using a lot of Windows technology and was keen to publicise the fact. So I tried to look at the inner workings, and at hacking Windows systems.'

On one occasion, running a Network Status command to see who else was connected to a machine he was hacking, McKinnon says he found a number of other 'unofficial' people accessing it, from Turkey, Germany and The Netherlands.

'From what I hear the US military still hasn't closed a lot of the gaps. Apparently they are getting a lot of attacks even now. But because I was not particularly good they decided to make me a scapegoat.

'If they can get me a good jail term then that will be a good disincentive to others, rather than actually securing their systems.'

McKinnon says his hacking activity was coming to an end when the NHTCU arrested him in November 2002.

'I know it was illegal and I regret what I have done. My advice to any hacker would be: don't do it. If you are interested in security you would be better off getting good qualifications and going for jobs in IT security,' he says.

'I just want to be tried in this country. I find a password and look around some networks and I could face 70 years in a US jail.'

McKinnon says that international laws on computer crime should be established.

'I think there should be some common global legislation. Each country seems to treat it differently at the moment,' he says.

'I am going to appeal, and I am also trying to get a judicial review on extradition laws.'

He says that international legislation should differentiate between computer crimes.

'The highest sentences should go to virus writers, as they don't even know where their viruses could end up or what damage they could cause.'

But Jim Norton, senior policy adviser at the Institute of Directors, says this is not necessarily the right way to proceed.

'Don't draw a distinction, because hackers could cause substantial damage, even inadvertently,' he says. 'I don't think we can be soft-hearted in that respect. To some extent the degree of damage is something a court can take into account.'

Nick Kalisperas, director of public sector at IT trade body Intellect, says the government must do more to ensure that infrastructure is protected.

'Regardless of why someone does it, hacking causes damage and has the potential to undermine confidence,' he says.

'On that basis, both government and industry have to decide the most appropriate way to respond. There needs to be a system of continual review and vigilance, and close co-operation between government and industry to best understand where the deficiencies are and how best to protect the nation's key infrastructure.'

McKinnon is due to reappear at Bow Street Magistrates' Court on 18 October.

Gary McKinnon: Timeline of events