Feeds

Web defacer sentenced, facing deportation

Still that NASA business though...

Using blade systems to cut costs and sharpen efficiencies

Rafael Nuñez-Aponte will soon be going home to Caracas after spending seven months in a U.S. jail for compromising a computer belonging to the Department of Defense, but only if the National Aeronautics and Space Administration decides not to pursue charges against him.

Last week, a U.S. district court sentenced the Venezuelan security professional to time served - about seven months - for defacing an Air Force training Web site in June 2001 under the monicker "Rafa" as part of the online vandal group, World of Hell. The sentence followed a plea agreement between prosecutors and Nuñez signed in July.

"We were happy with the court's sentence," said Scott T. Varholak, the public defender representing Nuñez. "I think the court took into account Mr. Nuñez's character and that he has done a lot of good things since that time."

U.S. immigration officials have taken custody of Nuñez and he will be deported, Varholak said. The process typically takes about two weeks. However, other security incidents attributed to Rafa could delay his departure from the United States. The National Aeronautics and Space Administration (NASA) could attempt to hold Nuñez responsible for sensitive documents allegedly stolen by Rafa in 2002. Rafa allegedly took over 40MB of data regarding NASA's next-generation launch vehicles from a contractor's computer, according to press reports at the time.

A source at the U.S. Department of Justice stressed that the plea agreement and conviction only apply to the incident involving the U.S. Air Force. The source, who asked not to be named, said that Nuñez could be charged for other crimes. However, NASA investigators refused to comment on any possible future prosecution.

Nuñez's sentencing is the latest success for U.S. prosecutors against online vandals and cybercriminals. In February, prosecutors elicited a guilty plea from Nicolas Lee Jacobsen on charges of unauthorized access into the computers of telecommunications company T-Mobile. Microsoft helped German authorities track down and convict the creator of the Sasser worm, Sven Jaschan. In Europe, prosecutors have brought cases against the alleged online attackers suspected of creating networks of compromised computers, known as bot nets.

U.S. immigration officials arrested Nuñez on April 2 when he arrived in Miami for a conference. Nuñez had been working for Venezuelan telecommunications company CANTV in computer security and had previously worked for the Venezuelan subsidiary of Scientech. Law enforcement officials then moved the 26-year-old Venezuelan to Denver, Colorado, where he was charged.

The plea agreement, announced in July, stipulated that, under the monicker "Rafa," Nuñez joined a hacker group known as World of Hell, which prided itself on highlighting weaknesses in the security of government and corporate computers. A site run by the Defense Information Systems Agency (DISA) for the U.S. Air Force was among the Web sites defaced by Rafa, the agreement stated. Nuñez plead guilty to "intentionally damaging" that computer and causing $10,548 in damage.

"The plea agreement simply addresses his admission regarding this crime," said Jeffrey Dorschner, spokesman for the U.S. Attorney's office in Denver. "The U.S. sentencing guidelines takes into account his prior criminal history and the financial impact of the crime, but also whether he takes responsibility for his actions."

Boost IT visibility and business value

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.