SAN DIEGO — A computer security specialist who claimed he hacked into top-secret military computers to show how vulnerable they were to snooping by terrorists was arrested and charged Monday with six felony counts that could bring a 30-year prison sentence.
Brett Edward O'Keefe, 36, president of ForensicTec Solutions, a start-up company here, is accused of hacking into computers of the Navy, the Army, the Department of Energy, the National Aeronautics and Space Administration and several private companies.
Before his arrest, O'Keefe told reporters that he had hacked into the computers to drum up business for his fledgling company and to show that the nation's top military secrets are not safe, despite pronouncements that security has been tightened since the terrorist attacks of Sept. 11, 2001.
"All I wanted to do was to show America how weak our computer defenses are," O'Keefe said. "My hope was that, if I embarrassed the government, they would tighten up their precautions."
But Assistant U.S. Atty. John Parmley said O'Keefe could have indicated that the computers were vulnerable to hacking without going in and downloading information.
"It's like going down the street and jiggling doors to see if they're open," Parmley said. "That's one thing. But if you go and start taking things, that's different."
O'Keefe is charged with conspiring with two employees to gain unauthorized access to the computers of government agencies, the military and private companies and to obtaining information from those computers for financial gain. The two employees of his company pleaded guilty in federal court last week and agreed to assist the prosecutors.
Bruce Schneier, chief technical officer of Counterpane Internet Security Inc., based in Cupertino in Northern California, said the ease with which military computers can be hacked into is not a secret.
"The military uses the ... technology that everybody else does," said Schneier, author of the book "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." Schneier called O'Keefe's explanation "the classic defense" of the hacker: that he was hacking into computers only to show how easy it is.
"While it's a kind of a defense, it doesn't make a lot of sense," Schneier said. "Nobody asked these guys to do this."
