Jerome Heckenkamp


Jerome Heckenkamp was an Australian-American computer expert. After completing his education at a young age, he worked as a computer network engineer. He was later convicted of hacking attacks on several prominent corporations and universities.

Early life and education

Heckenkamp was born in the Australian state of New South Wales. His family moved to Pewaukee Wisconsin when he was young. He was homeschooled as a child, and proved to be an exceptionally intelligent student. He taught himself algebra at age 8 and entered the University of Wisconsin–Waukesha at age 14. He later moved to the University of Wisconsin–Madison where he pursued a graduate degree in Computer Science. He had also lectured on computer programming at the University of New Mexico.

Career

The FBI had suspected that Heckenkamp was involved with hacking before he graduated, but did not immediately bring charges against him. After leaving his university, he was employed at Los Alamos National Laboratory as a computer network engineer. Officials at Los Alamos have stated that he never held a security clearance and did not work with classified information, although Heckenkamp had claimed that he worked in a highly sensitive area. Senator Pete Domenici said of Heckenkamp, "He had the right kind of brain, but he didn't have the right kind of behavior."

Hacking

He was accused of hacking into the networks of multiple corporations, including Qualcomm, Juniper Networks, E-Trade, eBay, Lycos, and others. According to victim testimony, these attacks caused tens of thousands of dollars' damage. In December 1999 a UNIX system administrator at Qualcomm noticed the attacks to computers in their external DMZ and from their externally accessible SSH gateway host, Qualcomm notified the FBI and began to track the attacks through several network hops, several days later they contacted the University of Wisconsin, where the originating attacks had been launched from. During their own investigation, University of Wisconsin system administrators then noticed that the connections had come from a University mail server, then using their own NetFlow logs, they tracked the packets to an IP registered to one of the dorms. Allegedly, the IP responsible for the attacks was assigned to a second computer in Heckenkamp's dorm room. Having previously worked at the university's computer help desk, Heckenkamp had significant knowledge of the university networks. Although law enforcement had requested that they delay action, system administrators hacked into Heckenkamp's computer and gathered further evidence against him, citing the emergency threat to the university network after Heckenkamp gained root access to their servers. Although Heckenkamp challenged the evidence gained through the search of his computer as an invasion of privacy, the legality of the university's actions was upheld on appeal.

Legal battles

Heckenkamp had steadfastly maintained his innocence, claiming that someone else used his computer to launch attacks and that none of the evidence definitively links him to criminal activities. After being prosecuted he was represented by Jennifer Granick, then the clinical director of the Center for Internet and Society at Stanford Law School. During the proceedings, however, he fired and rehired Granick several times. While representing himself in court, he insisted that the charges against him were not valid because the government capitalized every letter of his name on the legal documents, while he only capitalized the first letter. He also claimed the prosecuting attorneys, representing the United States, had not brought their client to court. Neither of these tactics was successful.
Heckenkamp eventually entered into a plea bargain in which he admitted guilt and was sentenced to time served, after spending eight months in prison.