I have always tried to support education and those institutions and as you may have noticed I often do class interactions, particularly with students from Utica College and University of Southern Maine. I am often told of ‘case studies’ and assignment tasks that tutors from many places of education set for students based upon my antics. It is a rare occasion that I ever get to see any of the papers, however a few days ago the following tweet popped up in my timeline:

I approached @MilkyCaramel014 and asked if I could take a look at his findings. It was a short paper and I think it was very well put together so in keeping with my policy of support for education, I asked for permission from him to post here on the blog and he kindly agreed. What follows is the paper (verbatim) – written for Mr John Kitzman’s Modern Military History class at Menomonie High School in Wisconsin, by student Dylan Jerald Harmston AKA @MilkyCaramel014

–Snip

Unmasking th3j35t3r – By Dylan Jerald Harmston

‘With great power comes great responsibility’-Uncle Ben.

Every superhero has a choice to make, to use the gifts and talents they are given for good, sacrificing everything in the process; or using their gifts for personal gain, gaining everything in return. Most of us will have this choice in our life also, but on a much smaller scale. Do we return the 20 dollars we found? Or do you keep it for yourself? Rarely does somebody have the power to alter the future on a grand scale. TH3J35T3R is one of the few. In this paper I will unmask TH3J35T3R, not physically but mentally and emotionally.

First we have to understand who ‘he” is. This is an impossible question because no one knows who ‘he” is. He hides behind a mask in this digital age. His privacy is what makes him powerful, and it’s from his privacy that he fights to protect yours. January 1, 2010 is a historic day for cyber warfare and the first that we hear of TH3J35T3R. Attacking a taliban website (alemarah.info) he would leave his mark on history. On June 26, 2010 he established his blog (Jester’s Court). One of the main reasons for this was imposters. In his recent letter to twitter, he asks for verification of his account. Not for more ‘followers” or to be popular but for the safety of those dumb enough to pretend to be him. Like all great people, you will have enemies. TH3J35T3R has a list longer than anybody. These aren’t just internet ‘trolls but high level organization that kill people everyday and want him dead. From the taliban to al qaeda, his “hate sheet” just makes his accomplishments so much more enjoyable. Even though he has some of the most dangerous men and women after him he still remains masked. Hiding in the shadows. In the day and age where people can know anything about anybody this is highly impressive.

Even though TH3J35T3R remains masked we do know some things about him. He is ex-military. On April 10, 2012, The Jester gave a live chat interview to a class of Computer Science students at the University of Southern Maine where he confirmed his military service. This brings up the question is he still working for the government? If you look at his attacks and the websites he has shut down, a majority of them have been terrorist organization. He actually stated “ I am motivated by the fact that previously… for a bad person to recruit a potential bad person…. teach them to make IEDs… or vests they had to meet which was great made them easier to spot now there is no need for a physical meeting. I am here to say – no guys – you ain’t gonna use the web to blow up my buds”. TH3J35T3R still working for a government is highly unlikely. I can not see any modern government flaunting their cyberattacks. I believe that he realized after seeing his friends die in combat that he could help the world better by wearing his mask. He believes in freedom of speech but not if that freedom risks the lives of innocent people.

“A small team of A players can run circles round a giant team of B and C players” (TH3J35T3R quoting Steve Jobs).

This explains why TH3J35T3R works alone. Most “hackers” now a days work in groups. Spend five minutes on TH3J35T3R twitter page and youwill see that he despises groups. It doesn’t mean he won’t work with anyone, it means he chooses not to. Lets take Anonymous for example, Anonymous is probably the most well known hacking group in the world. Their iconic fawkes masks from V for Vendetta are worn at every major protest. Yet TH3J35T3R despises them. Not for the fact that they take credit for his work, but for the fact that they have no structure, no leader and have permitted terrorists to join their group. TH3J35T3R believes in order. Without order there is chaos, and in chaos is where evil thrives.

Like every human being TH3J35T3R struggles with moral choices. One wrong decision and he can literally start a war, but one right decision and he can save our lives. The weight on his shoulders is tremendous but like every good athlete TH3J35T3R thrives under pressure. “I do wrestle with whether what I am doing is right. (TH3J35T3R 2010). He is not oblivious to the power he possesses. Which makes you think, what would you do? The thought is tempting that a click of a button could get me $45 million dollars, but I guarantee this thought has never crossed his mind. TH3J35T3R doesn’t even accept donations, all proceeds go to the Wounded Warrior Project. How he is funded is a mystery to me. (I like to think that he works at Mcdonalds and at night turns into a superhero, but this is highly unlikely.) The fact of the matter is, TH3J35T3R is probably a very good investor and invest his money to make maximum profit.

One question that has always been on my mind is “how does he do it”. Taking down a website, even though he makes it look easy is probably one of the toughest things to do. TH3J35T3R since the launching of his campaign has had over two hundred but probably closer to three hundred successful “tango downs” his trademark catchphrase when he crashes a website. (Every superhero needs a catchphrase). He has been responsible for the arrests of anonymous members. The arrest of lulzsec members. The attacks on Westboro Baptist Church “I draw the line in the sand…when they attempt to get in the face of the mourners of our military”. and probably my two favorites, the temporary shutdown of wikileaks and the cyber attacks on the North Korean government.

To this date the United States Government/Military has recognized TH3J35T3R as the one and only person to successfully take down the website Wikileaks. “TANGO DOWN – INDEFINITELY – for threatening the lives of our troops and ‘other assets’ (TH3J35T3R, 2010) In this press conference the U.S military acknowledged his existence and gives him credit for the “tango down”:

Skip to 28 Minutes 12 Seconds for the good stuff or click here to jump direct to it



Skip to 28 Minutes 12 Seconds for the good stuff or click here to jump direct to it

On March 29 TH3J35T3R launched an attack on the North Korean government, shutting down missile test sites, North Korea’s official airline and their national computer center. (Random fact: In North Korea there’s no Internet. Kwangmyong is a ‘national internet’ available to common people. It’s sole purpose is to feed propaganda to citizens.) How does TH3J35T3R do this? Normally to take down a website a ‘hacker” uses a “DDoS” (distributed denial-of-service attack) or a DoS attack ( denial-of-service attack). These attacks make the network unavailable to its users. It’s pretty much if a million people press refresh on the same web page over and over again. Hackers though have the ability to do this themselves. They use programs that route the attack through millions of computers leaving it relatively untraceable.

TH3J35T3R is different because unlike most hackers his programs are not open source software to the public. TH3J35T3R programs nicknamed XerXes and Saladin are specially made for his needs and his privacy. Not only can he take down targets fast and secretly but they stay down for long periods of time.To put it simply these are the average hackers programs on steriodes. The Michael Jordan of hacking kits.

If you want to know more about TH3J35T3R and his attacks or way of attacking I would highly recommend checking out, The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare by: Major TJ O’Connor. This paper goes into great detail of his attacks and how he does it.

My conclusion on the TH3J35T3R is one of curiosity. It is weird doing a report on someone that a simple google search won’t bring up their entire life. It also makes me ask questions.

How safe are we?

Cyber attacks are a relatively new threat that the average citizen does not understand. It’s a scary thought that somebody could financially ruin you before breakfast and while they are still in their footy pajamas. It’s even scarier when you look at countries like China that launch cyber warfare on our government.

Is this an act of war?

What should the punishment be for a 15 year old boy that steals your private information?

Can we ban people from the internet? (Like the case of cosmo the 15 year old hacker that got banned until he is 21).

Does freedom of speech apply to the internet? If so can a Government censor it?

One of the biggest questions and one that TH3J35T3R has to think about everyday, if someone found out who he is, would he be charged with a crime?

Peace comes at a cost. It is the brave men and women that pay this so we do not have to. You can form your own opinion of TH3J35T3R, but this is more than that. This is the future of warfare, where one individual from his laptop can have more effect than soldiers on the ground and planes in the air. Literally one man can change the world for better or worst. Thats some great power. How would you handle the responsibility?

Scary thought.

–UnSnip

Thank you to Mr John Kitzman’s Modern Military History class at Menomonie High School and student Dylan Jerald Harmston AKA @MilkyCaramel014 for allowing me to help in the education and engagement of our up and coming cyber security professionals.

Stay Frosty

J.

.