A University of Pennsylvania junior is one of eight people charged in the latest phase of an FBI investigation into the criminal use of “botnets,” or collections of compromised computers under the remote control of a hacker.

Ryan Goldstein, 21, hijacked a university server—causing it to crash—as he helped a New Zealand hacker attack several online chat sites, the FBI has charged. Goldstein was angry that one of the sites had kicked him off after a dispute, according to the federal indictment.

Goldstein’s arrest earlier this month was one of several so-called “botnet” cases across the country announced by the FBI on Nov. 29, the same day that police agencies in New Zealand were executing related search warrants.

“Today, botnets are the weapon of choice of cyber criminals,” FBI Director Robert Mueller said in a statement. “They seek to conceal their criminal activities by using third-party computers as vehicles for their crimes.”

“They view it like a computer game without appreciating that it has real-world impact,” Assistant U.S. Attorney Michael Levy said. “There is an unreality to it.”

At Penn, reality struck on Feb. 23, 2006, when an engineering school server crashed after four days of intense traffic.

The server, which typically handles about 450 daily requests for internet downloads, had instead gotten 70,000 requests from the account of an unsuspecting Penn student over four days. Over time, the FBI followed an electronic trail from that student’s account to Goldstein’s screen name, “Digerati,” and a New Zealand hacker with the online handle “AKILL.”

The Goldstein case is part of a second round of FBI arrests this year of hackers who assume control of thousands of computers and amass them into centrally controlled clusters known as botnets. The hackers can then use the computers to steal credit card information, manipulate stock trades, and even crash industry computers, the FBI said.

The FBI estimates the economic losses from various botnet schemes at more than $20 million. Several people have been sentenced across the country, while a prominent member of the botnet underground recently entered a guilty plea in California, the FBI said.

Goldstein was indicted on Nov. 1. He has pleaded not guilty and was released on bail while awaiting a scheduled March 10 trial.

“We feel the charges are inflated,” defense lawyer Ronald Levine said Nov. 29. “We think this is kind of an exaggerated case.”

Goldstein did not return telephone messages left by The Associated Press on his cell phone and his parents’ home in Ambler, Pa. He remains enrolled at Penn, according to school spokesman Ron Ozio, who said he could not comment on any possible disciplinary action.

The crash shut down computers at Penn’s School of Engineering and Applied Sciences for a few hours days, but it did relatively little damage, Ozio said.

“It was inconvenient, but it wasn’t irreparable,” he said.

Goldstein, a bioengineering major, appears to be a bright, driven student, according to a resume posted on his Penn web page.

A 2005 graduate of Germantown Academy, a prestigious prep school in the Philadelphia suburbs, he has spent each summer since ninth grade working in a series of technology-related jobs or research positions.

He faces up to five years in prison and a $250,000 fine if convicted of the single count of conspiracy to commit computer fraud.

“The public is reminded once again that they can play a part in thwarting botnet activity,” said James Finch, assistant director of the FBI’s cyber division. “Practicing strong computer security habits such as updating anti-virus software, installing a firewall, using strong passwords, and employing good eMail and web security practices are as basic as putting locks on your doors and windows.”

Finch added: “Without employing these safeguards, botnets, along with criminal and possibly terrorist activities, will continue to flourish.”


University of Pennsylvania

FBI: Cyber Investigations