Prosecution presents case in hacker trial

The trial of Pirate Bay co-founder Gottrid Svartholm Warg and his Danish co-defendant began with an almost immediate delay followed by the surprise showing of a hitherto unseen video of the hacker known as anakata.

Prosecution presents case in hacker trial
Gottfrid Svartholm Warg. Photo: Simon Klose/WikiCommons
After what amounted to a false start, the largest hacking case in Danish history launched on Tuesday with the prosecution showing as yet unseen footage of the squalid state in which Pirate Bay co-founder Gottfrid Svartholm Warg was living in Phnom Penh when Cambodian Police raided his apartment in 2012.
The home-video style footage, shot as police arrested Warg, shows the dirty mattress on the floor, where the 29-year-old hacktivist was sleeping, and cans and other rubbish piled high in every corner.
Warg is shown looking slightly pathetic and painfully thin, puffing in an eccentric mechanical fashion on a cigarette.
Anders Riisager, the deputy public prosecutor, gave no rationale for showing the footage, saying only that they would "come back to his later", but the video's surprise appearance confounded police critics who have claimed they have discovered no new evidence in their 15-month investigation.
Warg and his 21-year old Danish co-defendant are accused of hacking into Danish computer mainframes operated by US IT giant USC, stealing social security numbers from Denmark's national driving licence database, illegally accessing information in a Schengen Region database and hacking into police email accounts.
In his introduction, Riisager painted the intrusion in the most dramatic terms.
"Let me start a bit untraditionally with what the case is not about," he began his address. "This case is not about free speech, but the biggest hacker attack on police records."
"There is no evidence that data on CSC was changed," he said. "But with such large volumes, one can never be certain. My criminal record could have been changed to say that I am a murderer."
Riisager argued that  "Warg is probably a genius with a computer, even he will probably not deny that. A simple Google search also shows that Warg, also known as anakata, is known both as an IT specialist and hacker."

Maria Cingali, the other prosecutor, then took the jury through the technical evidence.
As well as the many files and logs linking Warg's computer to the intrusion at CSC, she revealed that the hacker had run searches on the criminal register for Warg's date of birth, for WikiLeaks founder Julian Assange, and for two Swedish criminals.
Although the police remained unable to break the encryption on the laptop seized from the 21-year-old co-defendant, she said, there was still significant evidence on the unencrypted parts of the disc.
Police found flight confirmation details showing that the security consultant had flown to Cambodia in March 2012, a month before the data intrusion began.
Cingali also showed excerpts of chat logs between two hackers using the nicknames "My Evil Twin" and "Advanced Persistent Terrorist Threat", who Danish police believe to be Svartholm and his Danish co-defendant respectively.
In the chats, in which they discuss hacking CSC's database, Advanced Persistent Terrorist Threat reveals that he was was born in 1993, speaks Danish, used to work for PriceWaterhouseCoopers, and has a grandfather who was part of the group that developed the original CPR registry, all of which point towards the 21-year-old.
According to Cingali, the unencrypted parts of the drive also held a special control system that can be used to access CSC-systems, as well as a guide to how this mainframe could be hacked.
Warg is expected to argue, as he did in the related Swedish case in 2013, that the Macbook computer seized at his flat in Cambodia in August 2012, which contains much of the incriminating information for both cases, was a server he shared with several other people.
One of those others, he claims, probably accessed the computer remotely and then used it to carry out the intrusion.
Sweden's Appeal Court ruled in 2013 that the prosecution had not provided sufficient evidence to rule out the possibility of remote control, as a result clearing Warg of hacking into the Scandinavian bank Nordea.
In his opening statement Riisager contradicted the Swedish court's findings.
"Technical studies indicate that the computer was rebooted 172 times during the critical period, which should have prevented any remote control, and technical studies find no evidence that the remote control has taken place," he said.
"The Centre for Cybercrime, which among others has helped to investigate the computer, has stated in its conclusions that they find it very unlikely that remote control happened," he added.
Tuesday's hearing was delayed almost as soon as it began, after the defence objected to what they called a "deliberate" and "tactical" attempt by the prosecution a new 27-page document, and a USB stick containing 92 slides the defence complained were confusing and made unwarranted assumptions in the case. After the prosecution agreed to discard the disputed slides, the case went ahead after lunch.

Member comments

Log in here to leave a comment.
Become a Member to leave a comment.


Denmark like a ‘banana republic’ in hacker case

Activist and writer Peter Kofod argues that the trial of Swedish Pirate Bay founder Gottfrid Svartholm Warg represented a total failure on the part of the Danish police and legal system.

Denmark like a 'banana republic' in hacker case
Gottfrid Svartholm Warg was sentenced to 3.5 years in prison, but has appealed the decision. Photo: Bertil Ericson/Scanpix
Swedish Pirate Bay Founder (and WikiLeaks-volunteer) Gottfrid Svartholm Warg, also known as Anakata, and a young Danish computer specialist were convicted on Thursday in what has been called the biggest hacking attack in Danish history. The two young men are charged with hacking the US-based company CSC, which contracts for the Danish state. CSC, among other things, is supposed to handle highly sensitive data about citizens in Denmark: social security numbers, driving licences and the database containing information about European Arrest Warrants. 
Both suspects have been held in remand under miserable and highly problematic conditions since 2013. Prior to his arrest, Anakata was dragged through a very similar case in Sweden, in which he was found not guilty of hacking into Nordea. 
What happened in court on Thursday was a full frontal assault on Denmark as a country with a rule of law. Two individuals were convicted of serious crimes without a shred of evidence of their guilt being presented in court. At this point I should clarify: I’m NOT saying they’re innocent – or that they’re guilty. I have no way of knowing and in principle it doesn’t matter at all. What’s important is, that NOBODY can know, because no evidence has been presented proving that they are guilty as charged. We’re in banana republic territory here. 
For instance, the leading judge said in court that when it came to the most crucial technical detail in the case – Anakata’s claim that his computer was remotely accessed – the defendant couldn’t prove his innocence. That’s absolutely insane. People aren’t supposed to have to prove their innocence. In a civilised country, people can be convicted if – and only if – the prosecution is able to prove beyond any reasonable doubt that they are guilty. That simply didn’t happen here in Denmark on Thursday. 
Somehow they nevertheless got away with it, perhaps because the case is of a technical nature (hacking, remote access and other geeky stuff) and because the case has been framed so as to show that the defendants are a couple of nasty bastards. Both matters naturally should be of no consequence. It doesn’t matter if a case is highly technical – or if the defendants are paedophiles, Nazis or communists. One should still have the right to a fair trial. In this case, the two defendants simply didn’t get that. 

Instead we’ve seen police and prosecution lie to parliament about hugely important matters in the case. 

We’ve seen the police lie to the judge in court (minutes after being told that they had the duty to tell the truth). They even got caught lying, but suffered no consequences at all.
We’ve also seen that CSC, which is getting rich taking care of all of our sensitive data, has been so extremely poor at securing their systems (or so indifferent) that a bunch of monkeys with typewriters would’ve been able to do a better job. In short: it didn’t take a ‘super hacker’ to get access to the systems.

Whatever else is true in this shameful show trial, one thing is crystal clear: CSC should be facing prosecutions as well. And they will. 

Finally we’ve seen that the Danish police were awfully negligent in investigating what everybody in Denmark says is the most important case of its kind ever:  They sat on their hands for eight months after Swedish police told them that CSC was being hacked and begged them to take action. Afterwards the Danish police lied to parliament and the court about it. They also let CSC investigate the crime instead of doing it themselves. The same CSC that is a key part to the case. The same CSC that has everything to hide because the company would love to extend its lucrative contracts with the Danish state. When was the last time a private company was allowed to investigate themselves? It’s absurd!

If I call the police and claim that my neighbour killed my wife, I don’t think the police will rely exclusively on my version of events. I certainly don’t hope so. I’d want them to first of all check IF my wife is indeed dead. If she is, hopefully they’ll investigate all leads, both those pointing to our neighbour as the perpetrator and those pointing towards other suspects (including myself).  
But that hasn’t happened in this ‘trial of century’. Instead the company has investigated their own systems while the police lied through their teeth and refused to look at anything relevant to the case except for the bits and pieces that could incriminate the two suspects. 
This is a full blown scandal – and it’s really, really important that the media, international as well as Danish, begin treating it as such. This IS a full frontal attack on the rule of law. Next time, the case might not be highly technical – and the suspects might not be people that can be considered weird, nasty bastards. Then we’re all fucked. 
Peter Kofod is a Danish writer, activist & musician.
 He was the first – and so far only – Scandinavian to interview NSA whistleblower Edward Snowden.
 Peter is currently writing his first book. 
You can follow him on Twitter at @peterkofod