Hacker to fight extradition to US

LONDON -- A Briton wanted in the United States for what US authorities call the biggest successful hacking effort against American military computer networks was freed on bail yesterday after a court appearance.

Gary McKinnon, 39, allegedly accessed 97 US government computers between February 2001 and March 2002, causing $700,000 in damages. Officials said two years ago that no classified material was obtained.

Lawyers for McKinnon, first arrested nearly three years ago and then released, but arrested again Tuesday, said he would fight extradition. It was not immediately clear why US officials took so long to seek extradition, but it is rare to ask foreign governments to hand over defendants in computer-crime cases. In previous major cyber crimes, such as the release of the ''Love Bug" virus in May 2000 by a Filipino computer student and attacks in February 2000 by a Canadian youth against major American commerce websites, US authorities waived interest in extraditing hacker suspects.

McKinnon's lawyer, Karen Todner, confirmed a report McKinnon was motivated by a desire to expose the ease with which a civilian could breach government computers and by a strong conviction that the US government was concealing evidence of UFOs.

Janet Boston, acting for the US government, told Bow Street Magistrates' Court that McKinnon installed unauthorized software on computers used by NASA, the Defense Department, the Army, Navy, and Air Force that permitted him to ''completely control the computers" and in one instance, ''the US Army's military district of Washington network became inoperable."

US prosecutors said McKinnon hacked into military computers nationwide running Microsoft Windows software that were left vulnerable by a design flaw for which Microsoft had issued repairs three years earlier. After each break-in, McKinnon discovered computer accounts with passwords the same as each employee's username then installed popular remote-control software called ''RemotelyAnywhere."

But McKinnon blundered by supplying his girlfriend's e-mail address when he downloaded his copy of RemotelyAnywhere, leading authorities to him.

Police arrested the former computer engineer, known online as ''Solo," at his home Tuesday.

When the case was first revealed in late 2002, US officials said McKinnon faced up to 10 years in prison plus fines of $250,000 on each of eight counts.

British prosecutors concluded that while Britain could have jurisdiction, it would be impractical to try the case there.