Brian Salcedo (b. 1983) was convicted in 2004 of conspiracy to commit wire and computer fraud in violation of 18 U.S.C. § 371 for accessing the Lowe's home improvement chain's unsecured wireless LAN. Nineteen year old Brian Salcedo was charged with accessing the unsecured computer system at the Southfield, Michigan Lowe's store and installing a program to capture credit card numbers used during transactions. Lowe's and the FBI, acting on a tip, claimed they allowed and monitored the activity and that six credit card numbers were captured. They further claimed that the crime could have caused more than $2.5 million in damages. Although Salcedo did not obtain the credit card numbers, he was charged with 16 counts of wire fraud and unauthorized intrusion with a probable prison term of 150 years. He pled guilty to reduced charges as part of a plea bargain and he was sentenced to 9 years in federal prison. The government claims that at the time of its imposition, Brian Salcedo's sentence was the longest federal prison sentence ever given for a computer-related offense. Prior to Salcedo's 108-month sentence, Kevin Mitnick's 68-month sentence was the longest. Brian Salcedo appealed his sentence, arguing that the actual damage incurred, not potential damages should have be used to determine his sentence. His appeal was denied by the U.S. 4th Circuit Court of Appeals on July 10, 2006.

The crime

In the spring of 2003, Adam Botbyl and then-roommate Paul Timmins were war-driving in the Detroit suburb of Southfield, Michigan. They were both members of the Michigan 2600 scene. In a Lowe's parking lot, Paul Timmins connected to a wireless access point and tried to check his e-mail on his laptop. Only after their proxy server refused to connect, Timmins realized he was connected to a corporate network and promptly disconnected.

On October 25, 2003, at 11:20 p.m, Botbyl returned to Lowe's, this time with Brian Salcedo who was then on probation for hacking Ann Arbor, Michigan non-profit internet provider Arbornet between the time span of March and June 2000. Over the next few weeks Salcedo hacked into the Lowe's corporate network while Botbyl acted as the driver. Salcedo hacked into at seven other Lowe's locations around the country, in Kansas, North Carolina, Kentucky, South Dakota, Florida, and two stores in California. At the Long Beach, California and Gainseville, Florida locations, Botbyl and Salcedo modified a proprietary piece of software called "tcpcredit" that Lowe's used to process credit card transactions and installed a backdoor so that the pair could retrieve the credit card numbers. The pair was planning to drive over the border to Canada and then flee to Turkey, which at the time had no extradition laws for computer crimes.

The intrusion was initially discovered by Lowe's Corporate Security when a shipping and receiving user logged in at a compromised store terminal and received a shell prompt instead of their interactive menu system. At the time Lowe's terminals were running a modified version Red Hat Linux 6.0 with a AS/400 client. Lowe's and the FBI traced back-logs of telnet sessions to the Southfield, MI store, where the FBI started to notice the white 1995 Pontiac Grand Prix with antennas on the roof. Coincidently enough no external antennas were used in the commission of the crime. One antenna was for the Sirius Satellite Radio Network and the other was a 2.4GHz omni-directional that was broken.

Rather than Lowe's Network Administrator taking the basic security precaution of turning on WEP encryption, the FBI was contacted to help with their basic security mistakes. Security researcher Mark Loveless opined that Lowe's may have brought this hacking upon themselves due to the lack of security.

Before the FBI closed in, Timmins tried to dissuade Salcedo & Botbyl from hacking Lowe's. Despite this Timmins pled guilty to a federal misdemeanor for accessing a wireless access point. Cyberlaw attorney Jennifer Granick did not agree with this charge, stating that Timmins did not do anything illegal; she stated, "Using an open wireless access point isn't the same thing as using a computer illegally."

References

"Wardriving guilty plea in Lowe's wi-fi case" SecurityFocus, August 5, 2004. Article

"Wardriver pleads guilty in Lowe's WiFi hacks," SecurityFocus, June 4, 2004. Article

"Judgement in a Criminal Case, 5:03CR53-01, Western District of North Carolina" December 15, 2004. Judgement in a Criminal Case

Poulsen, Kevin. "Crazy-Long Hacker Sentence Upheld." July 11, 2006, Wired. Appeal of Sentence Denied

Wireless hacking bust in Michigan

External links

Brian Salcedo's website