The first fallout from Cybergate

Was a crime committed?

Did Republican staffers commit a crime by clicking on the "My Network Places" icon to access Democratic memos, asks SecurityFocus columnist Mark Rasch.

Politics is dirty business, and rarely so much as in the area of patronage: appointments to sought-after federal jobs in general, and to the federal bench in particular. So it should be little surprise that, with so much at stake, one political party would want to use the insecurity inherent in computerized databases to its political advantage.

What is surprising, however, is that, caught with their hand in the cookie jar, Senate Republicans employed the tactic of blaming the victim: they said, in essence, It's your fault that we got and used your information. If successful, this tactic does not bode well for the government's ability to prosecute computer crimes, and to protect critical infrastructures.

With the resignation last Thursday of Senate staffer Manuel Miranda as the first victim of what I might call "cybergate," we may learn whether this tactic will be pursued and whether it will be ultimately successful.

The scandal itself revolves around the process by which federal judges are appointed, and more importantly, how such appointments are blocked by the opposing party. When President George W. Bush came to office, he sought to make numerous appointments to the federal bench -- some to positions that conservative Republicans had deliberately left vacant for years of Democratic administrations.

The Democrats, at the time a majority in the Senate, sought to use tactics similar to those they criticized Republicans for in preventing such nominations from reaching a vote on the floor of the Senate. The key Senate Committee responsible for such appointments was the Judiciary Committee.

Democratic staffers wrote and transmitted confidential memoranda describing the means they would use to block such nominations in general, and the nomination of conservative Republican Miguel Estrada in particular. A year ago, in February 2003, columnist Robert Novak -- the same columnist responsible for revealing the name of a CIA operative on a leak from government officials -- published information from these Democratic strategy memos. Novak reported that the information came from "internal Senate sources" but refused to identify these sources when questioned by Boston Globe reporter Charlie Savage.

It now appears that the memos were stored on a computer server that also served the Judiciary Committee. When the Republicans regained control of the Senate, they regained control of the Judiciary Committee as well. Eager young staffers apparently discovered that access to the Democratic strategy memos was not password-protected, and was located on the shared server, where they could access it by clicking on the "My Network Places" icon on their own desktops.

There is some dispute over what happened next -- though in my opinion it makes no difference. The Republicans argued that a computer technician told the Democrats about the configuration problem in the summer of 2002, and the Democrats claim they knew nothing about it until November of 2003. In either event, it's clear that Republican staffers, learning of the lack of protection to the documents, used the opportunity to take, read and leak the contents of the memos.

The 'They Deserved It' Defense

When the source and method of the leaks became apparent, the Senate Sergeant at Arms launched an investigation. Former Republican Senate Judiciary Committee Staffer Manuel Miranda came under suspicion, as he was one of the committee's point people on judicial appointments, and had since left the Judiciary committee to work for Senate Majority Leader Bill Frist.

What is amazing is what comes next. When interviewed by the Boston Globe about the incident, Miranda reportedly claimed that the only wrongdoing was on the part of the Democrats, both for the content of their memos, and for their negligence in placing them where they could be seen.

"There appears to have been no hacking, no stealing, and no violation of any Senate rule," the Globe quoted Miranda as saying. "Stealing assumes a property right and there is no property right to a government document. . . . These documents are not covered under the Senate disclosure rule because they are not official business and, to the extent they were disclosed, they were disclosed inadvertently by negligent [Democratic] staff."

So, Miranda claims it isn't stealing because you can't steal government documents, and it's not a violation of the rules because they aren't government documents. Or something like that. He also seems to argue that the password misconfiguration made the documents fair game.

There was a time when that would have been true.

When the federal computer crime law passed was passed by Congress in 1986, the statute only made it illegal to access certain computers (deemed "federal interest computers") without authorization, and made no provision for those who exceeded the scope of authorized access. This was not an oversight, but a deliberate limitation on the scope of the statute, and it was cited by courts in, for example, dismissing computer crime charges against Boston IRS employee Richard Czubinski who repeatedly violated rules and searched IRS databases for information about friends, relatives and political enemies. Congress specifically indicated that people who were authorized users of a computer system, and who used that access to look at individual files they were not supposed to see, should not be covered by the law.

But in one of the many amendments to the federal computer crime statute, Congress changed the wording, and explicitly criminalized the act of exceeding the scope of authorized access to a system. Doing this to federal computers is outlawed by Title 18 U.S.C. 1030(a)(2), which makes it a crime to intentionally access a computer without authorization or to exceed authorized access, and thereby obtain "information from any department or agency of the United States."

So, did the Republican Judiciary Committee staffers violate the law?

What I love about being a lawyer is that the answer to any question is always the same: "It depends." The law requires proof that the unauthorized access, or the exceeding of authorized access, was done intentionally.

With no passwords, and no lines of demarcation, it is possible to argue that the Republicans' access to the Democratic strategy documents was not deliberate, or that it was not exceeding the scope of authorization, because all of the documents were on a single, unprotected server.

This, of course, defies common sense, but the law often defies common sense. Similarly, the federal law requires proof that the information obtained be obtained from "an agency or Department of the United States." It seems that Miranda is arguing that, when the Democratic staffers act in a political capacity, their documents no longer relate to an Agency or Department - it's just politics. Finally, Miranda seems to argue that there is no proprietary right to government documents. While he is correct that government documents are not entitled to copyright protection, this does not imply that it is therefore okay to break into a computer database and take them.

The investigation continues, and Miranda, while continuing to proclaim his innocence, is so far the only casualty. But if his argument that failures of security excuse the taking of documents is accepted, truth, justice and information security may be the next casualties of political warfare.

Copyright © 2004, 0

Mark D. Rasch, J.D., is a former head of the Justice Department's computer crime unit, and now serves as Senior Vice President and Chief Security Counsel at Solutionary Inc.

Other stories you might like

  • North Korea pulled in $400m in cryptocurrency heists last year – report

    Plus: FIFA 22 players lose their identity and Texas gets phony QR codes

    In brief Thieves operating for the North Korean government made off with almost $400m in digicash last year in a concerted attack to steal and launder as much currency as they could.

    A report from blockchain biz Chainalysis found that attackers were going after investment houses and currency exchanges in a bid to purloin funds and send them back to the Glorious Leader's coffers. They then use mixing software to make masses of micropayments to new wallets, before consolidating them all again into a new account and moving the funds.

    Bitcoin used to be a top target but Ether is now the most stolen currency, say the researchers, accounting for 58 per cent of the funds filched. Bitcoin accounted for just 20 per cent, a fall of more than 50 per cent since 2019 - although part of the reason might be that they are now so valuable people are taking more care with them.

    Continue reading
  • Tesla Full Self-Driving videos prompt California's DMV to rethink policy on accidents

    Plus: AI systems can identify different chess players by their moves and more

    In brief California’s Department of Motor Vehicles said it’s “revisiting” its opinion of whether Tesla’s so-called Full Self-Driving feature needs more oversight after a series of videos demonstrate how the technology can be dangerous.

    “Recent software updates, videos showing dangerous use of that technology, open investigations by the National Highway Traffic Safety Administration, and the opinions of other experts in this space,” have made the DMV think twice about Tesla, according to a letter sent to California’s Senator Lena Gonzalez (D-Long Beach), chair of the Senate’s transportation committee, and first reported by the LA Times.

    Tesla isn’t required to report the number of crashes to California’s DMV unlike other self-driving car companies like Waymo or Cruise because it operates at lower levels of autonomy and requires human supervision. But that may change after videos like drivers having to take over to avoid accidentally swerving into pedestrians crossing the road or failing to detect a truck in the middle of the road continue circulating.

    Continue reading
  • Alien life on Super-Earth can survive longer than us due to long-lasting protection from cosmic rays

    Laser experiments show their magnetic fields shielding their surfaces from radiation last longer

    Life on Super-Earths may have more time to develop and evolve, thanks to their long-lasting magnetic fields protecting them against harmful cosmic rays, according to new research published in Science.

    Space is a hazardous environment. Streams of charged particles traveling at very close to the speed of light, ejected from stars and distant galaxies, bombard planets. The intense radiation can strip atmospheres and cause oceans on planetary surfaces to dry up over time, leaving them arid and incapable of supporting habitable life. Cosmic rays, however, are deflected away from Earth, however, since it’s shielded by its magnetic field.

    Now, a team of researchers led by the Lawrence Livermore National Laboratory (LLNL) believe that Super-Earths - planets that are more massive than Earth but less than Neptune - may have magnetic fields too. Their defensive bubbles, in fact, are estimated to stay intact for longer than the one around Earth, meaning life on their surfaces will have more time to develop and survive.

    Continue reading

Biting the hand that feeds IT © 1998–2022