◆ SpookStack

= significant mention of NYTCO 2.= positive passing mention of NYTCO = negative = industry article = neutal ‘Hacker Adds <I>New York Times</I> ong List Of Targets é be -1 b7c -1 NFORMATIONWEER.COM Hacker Adds New York Times To Long List Of Targets A 21-year-old hacker gains access to the newspaper's corporate intranet and its source database. It's the latest in a long list of companies whose security problems have been exposed by hacker Adrian Lamo. By George V. Hulme, InformationWeek Feb 27, 2002 (12:00 AM) URL: http://www informationweek.com/story/IWK2002022780003 Adrian Lamo, a homeless 21-year-old literary buff who likes to quote Ayn Rand and H.P. Lovecraft, uses an old Toshiba notebook to expose security weaknesses at companies such as Microsoft, Yahoo, AOL, and “Excite@Home. He won't explain why he does what he does, but he says hacking is his nature. in December, the part-time security and communications consultant struck WorldCom and gained access to information about the communication company's clients, including AOL Time Warner, Bank of America, Citicorp, News Corp., J.P. Morgan, McDonald's, and Sun Microsystems. And Tuesday, he informed the New York Times, through a reporter at SecurityFocus, that he had hacked into its corporate intranet, gaining access to employees’ Social Security numbers and a source database that lists the phone numbers of the rich and powerful, including Rush Limbaugh, Jeanne Kirkpatrick, Jimmy Carter, and James Baker. Lamo says that for more than a week he had access to the personnel records of about 3,000 New York Times employees. A Times spokeswoman says the company patched the holes after being notified of the problems by Lamo. "We | take security extremely seriously," she says. Lamo says he knows he's taking legal risks, but hacking into networks is part of his nature. "As long as unauthorized exploration is going to happen on some level, what makes the most sense to me is to have it harm the fewest people as possible. If I'm trying to push any idea for people to evaluate here, that's it. If you can't eliminate it, and possibly aren't sure you want to, is harm reduction so unreasonable?" he asks. Lamo says he contacts the companies he hacks through the media because they don't "take calls from regular people seriously." When Lamo hacked into the networks of WorldCom and Excite@Home, both companies thanked him for finding the security problems and bringing them to their attention. But some analysts say Lamo is simply a publicity seeker who causes more harm than good by exposing companies’ security weaknesses, “He is like a drunk driver, and he doesn't understand the implication of his | actions,” says Pete Lindstrom, director of security strategies at Hurwitz Group. "Someone should take his notebook away." | | http://www.informationweek.com/shared/printableArticle?doc_id=IWK20020227S50003 : 2/28/02 , FBI(19-cv-1495)-1625