Report: Hacker infiltrated government computers
U.S. military installations, laboratories, and NASA hit last year
WASHINGTON (CNN) -- The FBI confirmed Tuesday the accuracy of a New York Times report that software on routers, computers that control the Internet, were compromised last year by a hacker who claimed that he had infiltrated systems serving U.S. military installations, research laboratories, and NASA.
The Times reported, and the FBI confirmed, that the focus of the investigation is a youth in Uppsala, Sweden, who has been charged as a juvenile.
The FBI said it is unclear to U.S. authorities what, if anything, can be done to prosecute the youth for violating U.S. laws.
The Times reported that the youth did not devise a new kind of attack but cleverly organized computers, automating the theft of computer log-ins and passwords.
The Times reported that the attacks were detected by workers at research labs who saw that software on Cisco computer routers, part of the backbone of the Internet, had been compromised.
In May 2004, a portion of Cisco's Internetworking Operating System (IOS) code was illegally copied and posted on the Internet.
"Cisco enlisted the help of many law enforcement agencies after the incident which occurred prior to May 15, 2004," the company said in a statement posted on its Web site.
"We are aware that a person has been detained in Sweden related to the IOS source code theft and are encouraged by this action," the statement said.
After the May breach, Cisco said it believed that the publication of the information did not create an increased risk to its customers.
The Times also reported that a California researcher got taunting messages from the hacker, who called himself "Stakkato," claiming to have infiltrated computer systems at the Patuxent River Naval Air Station in Maryland, the White Sands Missile Range in New Mexico, and NASA's Jet Propulsion Laboratory in Pasadena, California.
Officials at some of those facilities confirmed to the Times that their computers had been breached but said the information obtained was insignificant.
Larry Furrow, a spokesman at White Sands Missile Range in New Mexico, told CNN there was only one known break in at the facility.
He said the incident took place in April 2004 when an individual or group gained access to White Sands' weather forecasts. Furrow said White Sands needs timely, local forecasts as part of their testing program, but the information is not classified.
However, the weather data was stored on internal computers. He said precautions have since been put in place. "We determined it right away, and we fixed it right away," Furrow said. "We don't consider it a breach of sensitive information."
Furrow said White Sands has not experienced any subsequent attacks. Furrow also said the origin of the hack is not clear and could not confirm reports of the Swedish teenager's involvement.
The first invasions were publicly reported in April of last year.
CNN's Daniel Sieberg contributed to this report.