A young genius and his tragedy, hacking the Pentagon and NASA

30 May 2024 14 minutes Author: Lady Liberty

As a rule, hackers lead a secretive lifestyle and try to remain anonymous. Many succeed, but some of them gain popularity against their will. This happened, for example, to customs officer Kevin or Robert Morris. But there are other computer geniuses about whose fate is known much less than about their exploits. One of these guys, who left a bright mark in the history of world hacking, was called Jonathan James. This is a person with a bright but tragic life story that led to an early and mysterious death.


As soon as the journalist did not name Jonathan James in his numerous publications: the youngest, but at the same time, the most talented hacker in America hacked the servers of NASA, hacked the Pentagon, stole the software that controls the ISS, and installed a backdoor on one server in the US military department. It was. And all this at the age of 15. As a further development of his unique career, Jonathan James became the first juvenile in the United States to go to prison, especially on the charge of burglary. In the English Wikipedia, a modest page and half a screen is dedicated to James, and even less on the Russian-language pages. But the story of this man undoubtedly deserves a much more detailed account.

Jonathan Joseph James was born in Pine Cross, a small “urban community” in Miami-Dade County, Florida, on December 12, 1983. The population of the town is slightly more than 18,000 people, but, nevertheless, it has its own newspaper, the Pinecrest Tribune, which is published twice a month. Pinecrest is also home to the South Florida Arts and Culture State Park. Besides, the village, which occupies a modest area of ​​7.5 square miles, does not seem to have stood out in the eventful history of the United States. Well, except that it became the birthplace of one of the most talented hackers in North America.

Jonathan grew up in an ordinary family by American standards: his father, Robert James, was a programmer, and his mother was a housewife. Even at the age of 6, he began to show interest in computers, regularly sitting down at the keyboard of his parents’ home machine and playing games. In an interview published after his son’s death, Robert James recalled that Jonathan stayed up all night in front of a screen, repeatedly installing various parental controls on his computer, which negatively affected his studies at school. But he always found clever ways to get around the restrictions imposed by his parents. Apparently, this was the first hacking experience of young Jonathan James. With age, the boy’s interest gradually changed: having played a lot of games, he gradually began to learn the Xi language. One day, Jonathan completely surprised his father: when he returned from work, he found that his son had destroyed Windows along with all the software from his personal computer, and then tested an unfamiliar operating system and installed Linux there to understand how it works. This is a great way to get the most out of your life.

When Jonathan turned 13, his fascination with technology seemed too painful and dangerous to his parents. At the family council, it was decided to take away the teenager’s computer, on which he spent most of his free time during the day and almost all nights. In response, Jonathan ran away from home and flatly refused to return until he was given access to his private office. As an argument, the young man emphasized that programming and video games did not affect his studies at school, where he always received high grades, but there is nothing surprising in this: Jonathan successfully hacked the computer network of an educational institution in Miami-Dade County and reported about the same thing. Around the same time, Jonathan James came up with the pseudonym c0Mrade, under which he communicated with other hackers on forums and in personal correspondence.

Through the thorns to the stars

Jonathan quickly got bored of the successful e-magazines, and he decided to choose a big goal for himself. The first serious victim of the 15-year-old hacker C0Mrade was a division of AT&T called Bell South, one of the largest telecommunications companies in the United States, headquartered in Atlanta, Georgia. Little is known about the details of this hack, moreover, BellSouth itself learned that the company’s servers were attacked by C0Mrade only when the hacker himself confessed to this episode after his arrest. “They regularly try to hack us,” said Bellsouth representative Spero Canton in an interview with the Tampa Bay Times, “and around the time Jonathan was speaking, the real incident happened.” Obviously, this hack didn’t hurt BellSouth because C0Mrade’s main goal was not to make a profit, but to have fun and test their knowledge. He later told reporters: “I know UNIX and C like the back of my hand because I’ve read a lot of books and I’ve always spent time at my computer.” The most difficult thing is not to break the system, but to learn and master the knowledge so that you can understand what you can do with this system.”

Inspired by his success, Jonathan decided not to stop there. At night, sitting in a room with a Pentium-266 keyboard, he searched for a vulnerable server that could bypass the security system installed by the administrator and connect to it. On June 29, 1999, 1 such server was discovered in Huntsville, Alabama. By installing malware on it, the young hacker was able to elevate his system privileges and gain access to 13 other computers on the compromised network. As it turned out, the servers and networks that were penetrated by C0Mrade belong to a division of NASA called the Marshall Space Flight Center. This government research institute is engaged in the development and testing of promising rocket engines, the creation of communication systems and software for the International Space Station.

Among other interesting information Jonathan James gained access to was the source code of a program that helps control vital elements of the International Space Station. According to NASA experts, the software is designed to maintain the physical environment in the ISS living quarters, including temperature and humidity control. Experts estimated the cost of this software at 1.7 million dollars, but James himself later said: “these outlets turned out to be complete junk and do not attract such sums. By the way, after this remark, part of the source code of the ISS, to which he had access, was completely rewritten.

After discovering the intrusion, Marshall Center staff shut down the compromised servers and computers for 21 days to analyze the cause and chronology of the breach. This caused $41,000 in direct damages to NASA. Around the same time, NASA’s Security Service passed on information about the attack to the FBI, and federal agents began a painstaking search for a mysterious, powerful hacker who hacked the US national space program. Attend classes at Miami-Dade Community College with other students during the day, and go online at night in search of vulnerable servers to hack out of pure curiosity.

Crime and Punishment

On a September evening in 1999, Jonathan James, while scanning the network, discovered that an unknown user providing services to others had installed a backdoor on one of the servers in Dulles, Virginia, 1. The Trojan was able to connect to the server from the Internet in almost all of them, which c0mrade quickly did At the time, the young hacker did not know that the hacked server belonged to the Defense Threat Reduction Agency (DTRA), one of the units of the Department of Defense that deals with the analysis of external threats to the country’s national security.1 without thinking twice, James installed a sniffer on his server that looks for login, password and other interesting information, and began to analyze the traffic passing through it.

The catch turned out to be rich. Between September 9 and 10, 1999, he managed to intercept DTRA user credentials, gain access to 10 DoD computers, and download more than 3,300 e-mails from DoD employee mailboxes. While Jonathan studied its contents with interest and did not pay enough attention to the issue of anonymity, the FA discovered on a hacked computer, clearly one of the Pentagon’s subsidiaries (as the US Department of Defense claims – the first in history), successfully penetrating the internal network was not went unnoticed.1 the investigation was short-lived and ended on 1/26/2000, when DOD agents and Pinecrest law enforcement officers were ordered to arrest the hackers.

“I’ll admit, the day these guys in bulletproof vests and guns broke into my house, I became a very popular guy in college,” Jonathan James told reporters with a smile. His house was searched, as a result of which the agent seized 6 devices: 4 desktop PCs, laptops, pocket computer. After his arrest, Jonathan began to actively cooperate with the investigation and tell the police about how he carried out all these invasions. “Of course, they were worried that minors could easily infiltrate the network of government organizations,” the hacker said. “Their main problem is that they don’t pay enough attention to security. But at least they seem to understand that.”

First of all, it was to James’s advantage that he did not perform destructive actions with the compromised system – did not change the password, did not delete files, and besides, he was a minor: at the time of the crime he was only 15 years old, and on the day of the sentencing he was only 16 years old. If Jonathan James had been an adult, he would have faced at least 10 years in prison and a large fine. But because of his young age, as well as the fact that he made a deal with the investigation, he voluntarily pleaded guilty to two counts (hacking NASA and the US Department of Defense), so the court ruled that he was guilty of “crimes committed by a minor” . No other criminal article under the law of the state can apply to him after reaching the age of majority. The punishment also turned out to be quite humane: James received 6 months of house arrest and a ban on using computers for entertainment purposes (but he could still sit down at the keyboard if it was necessary for training). In addition, the hacker had to apologize in writing to NASA and the US Department of Defense for what he had done.

But the generosity of the sentence does not appear to have benefited James. He was soon arrested by the police on the street for violating the conditions of his house arrest, and his tests showed additional traces of drugs. In the end, the court replaced the suspension with a real one, and Jonathan went behind bars for another 6 months, which he had to spend in a juvenile correctional center. It was the first time in the United States that a teenager went to prison for committing a computer crime, so the story attracted increased press attention. In an interview with the Miami Herald newspaper, Jonathan James said that he decided to commit to hacking. “She’s not worth it,” he told the reporter. “I was just doing it for fun, it was a game for me and they were controlling me, I don’t want it to happen again.” I can find other entertainment.”

After fully serving the term measured by the judge, Jonathan was released and for a while disappeared from the sight of special services and the press, deciding to live an ordinary lonely life in his parents’ house in Pinecrest. Unfortunately, this loneliness did not last long, as in the life of Jonathan James himself.

Death of a hero

On January 17, 2017, a group of hackers led by Alberto Gonzalez, a well-known figure in cybercrime, carried out a series of large-scale attacks on the largest commercial and financial institutions in the United States. Among the victims were the popular American supermarket chain TJX, BJ Wholesaler Club, Boston Market, Barnes & Noble, Sports Authority, OfficeMax and several other commercial companies. As a result of the attack, hackers stole the credit card data and personal information of millions of these companies’ customers, causing significant damage to the companies themselves (and their reputations).

During the investigation of the incident, the US Secret Service contacted Gonzalez’s accomplices involved in this crime. Some of them told me that they knew Jonathan James from a hacker forum and that’s why he also came under suspicion. These suspicions were also reinforced by the fact that the unknown hacker, who went by the alias JJ, was working with Alberto Gonzalez. The attacker stole credit card information and PINs by hacking the wireless network of office supply store OfficeMax, then transferred the stolen goods to Gonzalez and created an anonymous mailbox for him. The nickname JJ coincided with the initials of Jonathan James. This situation turned out to be enough for secret service agents to raid the house of Jonathan James himself, his brother and his girlfriend, and also establish contacts with members of Alberto Gonzalez’s team. But then investigators concluded that the mysterious Anonymous JJ was most likely Gonzalez’s best friend, Steve Watt, who often checked in online under the alias Jim Jones. During the search, the agent found nothing that could connect James to this crime. Only a rifle was found in his house, but it was not seized because it was officially registered.

Jonathan James’ father, Robert, later recalled that when he returned from prison, he suffered from depression and was often in a state of anxiety and depression. The searches and constant surveillance that Jonathan was subjected to did not give him peace of mind. Shortly after Secret Service agents broke into the hacker’s home, Robert called him and asked if investigators could find anything that would allow them to press charges. Jonathan answered in the negative. This was the last conversation between father and son.

On Sunday, May 18, 2008, 25-year-old Jonathan James was found dead in the bathroom of his home with a gunshot wound to the head from the same officially registered gun that agents did not recover during a search. Next to him lay a dying letter addressed to his father, brother and friend. Among other things, it contained Jonathan’s password to his PayPal and MySpace accounts. In that note, Jonathan wrote, “I have no faith in our judicial system – maybe my actions today and this letter send a strong message to the public, but frankly, I have nothing to do with the whole TJX thing.” Chris (Scott) and Albert Gonzalez are the most dangerous and destructive hackers the FBI has ever caught, but I’m much more attractive [as a victim], that’s life. Remember: it’s not about whether you win or lose, it’s about whether you spend 20, 10 or 5 years in prison for a crime I didn’t commit. This is my way of winning, but at least I will die free.”

There are still widespread rumors in the hacker community that the circumstances of Jonathan James’ death were staged, and the real cause of his death was top-secret information he allegedly managed to obtain on NASA and Pentagon servers. This, according to them, is connected with the keen interest in his person on the part of the US secret services. But the official investigation established that James committed suicide [by Roskomnadzor], and all other versions are just empty guesses.

Be that as it may, the short life of Jonathan James, no matter how pathetic it sounds, is forever inscribed in the world history of hacking. In a brief obituary published in the pages of the Miami Herald, he wrote: “Jonathan, who graduated from Beth Am in 1995, will be remembered by friends and family as a very intelligent young man who did nothing by the rules. Comp” a computer genius in every sense of the word, he always impressed friends, family and the Government with his achievements. He will be greatly missed by his brother, father, aunts, uncles, cousins, grandparents and many, many friends.”

The editor of the obituary just forgot to mention the fact that Jonathan “C0Mrade” James was not just a hacker and computer genius. He was a computer genius and hacker who, however, did nothing wrong in his life. It is very sad that his life ended so quickly.

Other related articles
Found an error?
If you find an error, take a screenshot and send it to the bot.