By Rachel Marsden
Wednesday, August 07, 2013
Major media outlets have featured him as representative
of a new generation of "patriot hackers." He sent an old laptop to
the International Spy Museum in Washington, D.C., where it's now on display. He
claims to have launched hacking attacks on websites ranging from jihadist
forums to WikiLeaks. Last week, a guest on the syndicated radio program
"Coast to Coast AM" described the individual hiding behind "The
Jester" moniker (or "th3j35t3r" in hacker lingo) as "not
somebody in someone's basement in a T-shirt."
Except that he does appear to be just a regular guy, and
not part of some sophisticated operation. He is nevertheless an iconic figure
in the world of cyber-spying. A U.S. Army cyber-operations specialist issued a
report that used the "Jester Dynamic" to illustrate a new breed of
online warrior. I spent three hours on the phone with a man claiming to be The
Jester in the wee hours last week. This is a cautionary tale about the smoke
and mirrors in the new frontier of cyber-espionage, which U.S. intelligence
leaders described in March as the top security threat to the United States --
surpassing terrorism.
I discovered The Jester's existence a few weeks ago,
finding the persona charming and amusing but quickly realizing that he wasn't
actually hacking. Rather, he was using a readily available tool to launch a deluge
of junk data at websites, causing them to become unavailable to users. There
was no actual intrusion.
As a pro-Western "hacktivist," he claimed to
have hacked a Venezuelan newspaper's website when that country's president
considered granting asylum to NSA intel leaker Edward Snowden. Leaving the
target website untouched, he effectively directed his audience to a spoof page
he created that replaced certain articles with his own. He did the same to a
Libyan newspaper during the anti-Gadhafi operation. Legitimate cyber
specialists tell me The Jester has requested that they perform technical
wizardry on his behalf.
During my online exchanges with The Jester via his
Twitter account, I told him that through basic human intelligence analysis,
profiling and open-source research, I was able to figure out who he was -- but
that I didn't care who he was, because he appeared to be just goofing around.
Apparently miffed, he sent me a private Twitter message one night saying that
he was going to call me, and seconds later a
person who said he was The Jester did (after two Google Voice throwaway numbers
failed).
He said that his real name is Mark Walker. That name
matched financial records dumped online when The Jester's email was hacked last
year. He spoke dysfluently in a distinctive Anglo-Irish accent but said he's of
Irish-Italian descent. He claims to be a 38-year-old British citizen, born in
March 1975. He said he works in "IT" (information technology) in the
Midwest -- his mobile phone number resolves to Kansas City, Missouri -- but
only spends three months at a time working in the USA before returning to
Europe, since that's all his visa will allow.
He said he failed British military qualification three
times, so he decided to go "knock on the door of the (French Foreign
Legion) in Lille" and served as a parachutist. (The Legion was unable to
confirm his service.) He claims to have subsequently qualified to serve with a
British Army unit before being declared "unfit to fight" -- a designation
he claims made him go AWOL for two years in anger before he was honorably
discharged. A spokesman for the British Army says that things don't work that
way -- you can't just go AWOL for two years and be honorably discharged -- and
that Mark Walker's military service record cannot be confirmed. Nonetheless,
the man identifying himself to me as The Jester used that narrative as
justification for his Jester persona -- sublimation of what he said he isn't
allowed to do militarily. He further claimed to have performed armed service in
Afghanistan with defense contractor Aegis (also not confirmable).
The man I believe to be The Jester said that if any bad
guys ever came for him he'd shoot them. He claimed that middle-aged women
"throw their panties" at him online, but that he has "mastered
the fine line between being polite and leading them on." They are, after
all, major consumers of the "Jestergear" sold on The Jester's
website, including T-shirts and iPhone cases.
He likes to "break things," he says -- meaning
body parts. He laughed hysterically while telling me in gory detail how he
snapped his humerus in a mountain bike crash last year. And laughed again while
explaining how he also broke both ankles. Then, just as one ankle had healed,
he drunkenly climbed up an old British lamppost, fell and broke it again, he
said.
He seemed hurt when I said that I didn't think he was on
the authorities' radar. Later that week, The Jester imitated U.S. Homeland
Security and faked a takedown of his own website, complete with a fraudulent
seizure notice, prompting media calls to federal authorities. And recently, he
redirected some young hackers' attacks on his own website to the website of
Mossad, the Israeli intelligence and special operations agency.
It's all a far cry from targeting online jihadists. It
seems the military and the media have tried to turn The Jester into the poster
boy for cyber-espionage. But despite his noble intentions, The Jester seems
like a cyber-calamity waiting to happen.
No comments:
Post a Comment