Don't Make Gonzalez Another Famous Ex-Hacker
I've been following the criminal history of Albert Gonzalez since he first broke onto the scene back in 2006 and was paraded around by the Secret Service as their "big hacker" turned informant.
Whatever the outcome of the sentencing that Gonzalez faces on Thursday and Friday - I'm hoping for a long prison term. A long sentence will be the first step to pay back the millions of dollars to the millions of people and thousands of businesses he has affected through his crimes. What I'm hoping for as the final chapter for this hacker is that no one steps up and makes this person famous for his criminal exploits.
His sentencing will be covered extensively in the information security and IT press, but will it set a precedent not just in the amount of time he'll have to serve, but also the way that the IT community looks upon him and his kind?
Another ex-hacker, Kevin Mitnick, is now looked upon as a rock star figure, enjoying speaking engagements, sitting on security panels with others at major conferences. Frank Abagnale, the first social engineer that drove the feds crazy with his check fraud and deceptions, has since become part of the solution, cooperating with the FBI, training the staff to detect a fake check and track paper hangers.
Yes, both of these criminals gained some fame and a little fortune from their crimes. But Mitnick nor Abagnale didn't inflict the kind of damage that Gonzalez and his cohorts did. In this case, the glorification of the bad guy, making him into a celebrity isn't in the industry's best interest. Why? By making him famous after he gets out, we're sending the message that hacking, even if caught, makes one famous, and, possibly rich, either by speaking engagements, consulting or writing a book.
Gonzalez isn't like Abagnale, an engaging rogue, or Mitnick, who is touted as a younger version of the character Abagnale was in "Catch Me If You Can." There isn't anything lovable about Gonzalez at all, despite what his family and friends are trying to do in the courts, pleading with the judge that he's got addictions to drugs and alcohol and suffers mental problems, including Asperger's Disorder.
No, I'm not buying the excuses that his family and friends are putting forward. Not only did he make his life a criminal enterprise, but then when he got caught by the Secret Service, he didn't repent. When he gained their trust and became an informant, he kept going and was the ringleader of the biggest breaches on record: TJX, Hannaford and especially the Heartland Payment Systems hack. Look into the dark, sullen eyes of his arrest photo, and you're looking into the soul of a calculating hacker who inflicted harm with great malice and a well-thought out plan. There is no chance of him being reformed. He had his chance when he was an informant, and his track record of breaches shows his lack of remorse.
Let's not have him be greeted with a made-for-TV movie script, a book offer and speaking engagements when he gets out. We can hope the judge gives him 25 years to life. Should he get paroled after a period of time, here's hoping that he finds no one greeting him with any offers that allows him to become a celebrity because of his criminal history, and that he will be hounded to pay court-ordered restitution from whatever sorry job he manages to get for the remainder of his life.
Let's not make him famous for fraud.