MafiaBoy was the Internet alias of Michael Demon Calce, a high school student from West Island, Quebec, who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites including Yahoo!, Fifa.com, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. He also launched a series of failed simultaneous attacks against 9 of the 13 root name servers.
Calce was born in the West Island area of Montreal, Quebec. When he was five, his parents separated and he lived with his mother after she had won a lengthy battle for primary custody. Every second weekend he would stay at his father’s condo in Montreal proper. He felt isolated from his friends back home and troubled by the separation of his parents, so his father purchased him his own computer at the age of six. It instantly had a hold on him: “I can remember sitting and listening to it beep, gurgle and churn as it processed commands. I remember how the screen lit up in front of my face. There was something intoxicating about the idea of dictating everything the computer did, down to the smallest of functions. The computer gave me, a six year old, a sense of control and command. Nothing else in my world operated that way.”
On February 7, 2000, Calce targeted Yahoo! with a project he named Rivolta, meaning “riot” in Italian. Rivolta was a denial of service type of cyber-attack in which servers become overloaded with different type of communications to the point where they shut down completely. At the time, Yahoo! was a multibillion dollar industry and the web’s top search engine. Mafiaboy’s Rivolta managed to shut down Yahoo! for almost an hour. Calce’s goal was, according to him, to establish dominance for himself and TNT, his cybergroup, in the cyberworld. Buy.com was shut down in response. Calce responded to this in turn by bringing down Ebay, CNN, Amazon and Dell.com via DDoS over the next week.
In a 2011 interview, Calce tried to redeem his image by saying that the attacks had been launched unwittingly, after inputting known addresses in a security tool he had downloaded from a repository on the now defunct file-sharing platform Hotline, developed by Hotline Communications. Calce would then have left for school, forgetting the application which continued the attacks during most of the day. Upon coming home Calce found his computer crashed, and restarted it unaware of what had gone on during the day. Calce claimed when he overheard the news and recognized the companies mentioned being those he had inputted earlier in the day, and that he “started to understand what might have happened”.
The U.S. Federal Bureau of Investigation and the Royal Canadian Mounted Police first noticed Calce when he started claiming in IRC chatrooms that he was responsible for the attacks. He became the chief suspect when he claimed to have brought down Dell’s website, an attack that had not been publicized at that time. Information on the source of the attacks was initially discovered and reported to the press by Michael Lyle, chief technology officer of Recourse Technologies.
Calce initially denied responsibility but later pled guilty to most of the charges brought against him. His lawyer insisted the child had only run unsupervised tests to help design an improved firewall, whereas trial records indicated the youth showed no remorse and had expressed a desire to move to Italy for its lax computer crime laws. The Montreal Youth Court sentenced him on September 12, 2001 to eight months of “open custody,” one year of probation, restricted use of the Internet, and a small fine.
Matthew Kovar, a senior analyst at the market research firm Yankee Group, generated some publicity when he told reporters the attacks caused USD $1.2 billion in global economic damages. Media outlets would later attribute a then-1.45:1 conversion value of CAD $1.7 billion to the Royal Canadian Mounted Police. Computer security experts now often cite the larger figure (sometimes incorrectly declaring it in U.S. dollars), but a published report says the trial prosecutor gave the court a figure of roughly $7.5 million.
While testifying at a congressional hearing in Washington, D.C., computer expert Winn Schwartau said that “Government and commercial computer systems are so poorly protected today they can essentially be considered defenseless – an Electronic Pearl Harbor waiting to happen.” Whether it be banking, business or social networking, most people have various amounts of personal information online. Mafiaboy was the first to demonstrate how accessible this information is to the public and how easily it could be retrieved. The fact that the largest website in the world could be shut down by a 15 year old created widespread panic. By this time, the internet had already become an integral part of the North American economy. Consumers lost confidence in online business and the American economy suffered a minor blow as a result. Former CIA agent Craig Guent credits Mafiaboy for the significant increase in online security that took place over the decade.
- During the latter half of 2005, he wrote a column on computer security topics for Le Journal de Montréal.
- In late 2008, with journalist Craig Silverman, Calce announced he was writing a book, Mafiaboy: How I Cracked the Internet and Why It’s Still Broken.
- On October 26, 2008, he appeared on the television program Tout le monde en parle to discuss his book. The entire interview (in French) can be seen at the Télévision de Radio-Canada website. An English-language interview is available at: Mafiaboy interview on The Hour. The book received generally positive reviews.
- Michael appeared on a TV show, called as Last call with Carson Daily, Mafia Boy talks to Carson about his days as a hacker, how President Clinton became involved, and how it ultimately landed him in jail all at age 15.
Previous article courtesy of Wikipedia.