A Profile of Chicago Hacker Jeremy Hammond, and the Police Work That Captured Him
When Jeremy Hammond was 22—and just about to go to prison for computer crimes for the first time—Stuart Luman began a profile of the Hackthissite.org founder and Glenbard East grad, which concluded after he'd spent five months in prison for stealing credit-card information from the right-wing site Protest Warrior. One of his peers turned him in, providing chat transcripts in which Hammond inquired how to donate to liberal sites using the stolen information.
The case was a slam dunk for the government. Assistant U.S. attorney Brandon D. Fox, the prosecutor, says it is unusual to receive insider help from another hacker, and that, as a result, the trail of electronic evidence linking Hammond to the crime was considerable. "While Jeremy Hammond tried to make this about politics, we wanted to make this about what actually occurred, that he stole credit cards," said Fox. "I hope with prosecutions like Jeremy Hammond, which certainly got a lot of publicity in the hacker world, people see what can occur if you steal information or assets. You're going to be looking at a prison sentence."
One night at Filter, a coffee shop in Wicker Park, Hammond and I sat among tables of people tapping away at their laptops. He rationalized his actions with mangled quotations from the 1960s radical Weatherman, Plato's Republic, and 9/11 conspiracy theories. He finally admitted that if he had focused on civil disobedience instead of downright theft, he might have had more of a lasting impact and stayed out of jail. "They are going to rob me of some of the best years of my life," he said, his knee bouncing anxiously.
Now Hammond's back in the news again, for another hack gone awry and because another hacker again rolled on him. And again, Hammond went well beyond civil disobedience, as Ars Technica's Nate Anderson details in a lengthy true-crime blow-by-blow of the online stakeout that ensnared Hammond. It doesn't read like the true-crime journalism you might be used to, but on some level it's the same old police work in a new realm. Substitute hacker aliases for street names, and you have a good old-fashioned criminal investigation:
But the raid had, in fact, already happened. CW-1 was "Sabu," a top Anon/LulzSec hacker who was in real life an unemployed 28-year old living in New York City public housing. His sixth-floor apartment had been visited by the FBI in June 2011, and Sabu had been arrested and "turned." For months, he had been an FBI informant, watched 24 hours a day by an agent and using a government issued laptop that logged everything he did.
The FBI controllers behind Sabu must have found it grimly humorous to tease sup_g with threats of arrest, but they were also using Sabu's chat for a more serious purpose—correlating the many names of sup_g.
In the log above, note how Sabu suddenly addresses sup_g by a new name, "anarchaos." It would turn out that sup_g went by many names, including "anarchaos," "burn," "yohoho," "POW," "tylerknowsthis," and "crediblethreat."
"sup_g" was Jeremy Hammond, and like the first time he got busted, he's alleged to have gone well beyond his stated desire for civil disobedience:
"The sheer amount of destruction we wreaked on Stratfor's servers is the digital equivalent of a nuclear bomb," it said. "We rooted box after box on their intranet: dumping their mysql databases, stealing their private ssh keys, and copying hundred[s] of employee e-mail spools... We laid waste to their web server, their mail server, their development server, their clearspace and srm intranet portal and backup archives."
In other words, they didn't just break in and steal the valuables; they trashed the place in order to send a message. Like a lot of hackers, he combines brains, idealism, and stupidity in equal measures. And he got burned again:
That evening, I caught up with Hammond in front of the flower shop. He bragged about a current scheme involving Kinko's cards, which he had hacked so they would grant free copies. He fanned the cards in front of me as if he were performing a magic trick. Then he pulled from his pocket a San Francisco Bay Area Rapid Transit pass. "I can clone these so easily," he boasted.
If the police had known that Hammond had spent the day teaching hacking to anyone who wanted to learn, they probably would have thrown him in jail, since, as part of his bail agreement five months before, he wasn't supposed to go near computers. Not to mention that he was smoking joints, despite court-ordered drug tests while he awaited sentencing. But Hammond was the type who seemed to relish what he was facing. "I've wanted to play an electronic Robin Hood," he said. "If you're going to play this game, you've got to be willing to pay."
These days Hammond spends most of his time at his Mac technician job and working on the next issue of "Hack This Zine," a print and online zine he started earlier this year for hacktivists. He says his days of scuffles and handcuffs are behind him. "I'm still raising a ruckus," he says, gamely raising a fist, but then adds, "I'm not, like, involved in any direct action or any illegal or questionable activities."
Photographs: Jim Newberry/Chicago Tribune