Jesse Tuttle

Jesse Tuttle
Born	Cincinnati, Ohio, USA
Nationality	American
Other names	Hackah Jak Jak-Away
Occupations	Hacker Cyber Security Information security Software engineering Penetration tester
Years active	1994–Present
Organization	Chief Hacking Officer at Compliology
Known for	Hacker

Jesse Tuttle (also known as Hackah Jak) is an American tech consultant, Speaker, software engineer, and hacker, who is a former member of the hacking groups Hackweiser, Project China, and The Dispatchers. ^{[1] [2]}

Background

In 1994, Jesse Tuttle began his involvement in warez (pirated software) distribution. ^{[3] [4]} By 1995, he was engaged in reverse engineering software, discovering zero-day vulnerabilities, and vendor backdoors. ^[3] By 1996, he became active in the hacker and phreaker (phone hacker) communities. ^{[3] [4]} His activities expanded by 1999 when he started defacing websites to gain entry into different hacking groups. ^{[3] [4]}

Hackweiser

In 2000, Tuttle adopted the name "Hackah Jak" ^{[3] [4]} and joined the group Hackweiser, where he served as a website defacer ^{[5] [6]} and exploit developer ^[7] for the hacking group from 2000 to 2003.

Project China

In April 2001, Tuttle interviewed with the South China Morning Post ^{[1] [2]} after a U.S. Navy intelligence aircraft collided in mid-air with a Chinese interceptor fighter jet resulting in an international incident ^{[8] [9]} that unfolded to become a global decentralized hacktivist ^{[1] [2]} movement. The cyber incident was referred to as "The First World Hacker War" by the New York Times. ^[10] This cyber incident resulted in the release of the Code Red virus ^[11] that infected about a million servers and resulted in more than 2 billion dollars in damages. ^{[1] [2]}

Pentesting federal systems

In May 2001, the FBI raided Tuttle's residence for hacking a financial firm, ^[12] which led to him performing pentesting work for federal authorities. ^{[3] [13] [14] [15]}

The Dispatchers

On September 11, 2001, Tuttle founded the Dispatchers, a vigilante hacktivist ^{[1] [2]} movement in response to the September 11 attacks. By September 12, the collective of hackers was between 60 and 300 strong with participants from around the world. ^{[16] [17] [18] [19] [20] [21] [22] [23]}

Tuttle's stated mission was the disruption of Osama bin Laden’s network, Al-Qaeda, and the collection of intelligence to benefit US counter-terrorism operations. ^[19]

The Dispatchers was a decentralized group of hacktivists and was described as "having groups working on different projects", ^[19] a similar organizational framework later used by the hacker collective known as Anonymous. ^[24]

Tool developer

Tools developed by Tuttle have been utilized by both hackers and forensic teams associated with the Federal Bureau of Investigation (FBI) and the National Infrastructure Protection Center (NIPC) in investigations of compromised US military systems. ^[7]

Investigated by Department of Defense

In 2002, the Department of Defense investigated Tuttle for hacking U.S. Military systems as part of his work for federal authorities. ^{[3] [4]}

Legal Battle: 2003 – 2007

Early in 2003, the FBI enlisted his help on a human trafficking case involving a child sex trafficking ring. ^{[3] [12]} In May 2003, local police arrested Tuttle on charges of hacking Hamilton County Ohio Government Computer Systems, which he denies. ^{[3] [25]}

In June 2003, Tuttle was indicted on 16 felony charges, six counts of unauthorized use of government property, ten counts of possessing sexually oriented material involving a minor, and faced 86 years in prison. ^{[26] [27]} These allegations arose from accusations that Tuttle hacked into the Hamilton County government and Sheriff's computer systems.

During the proceedings, the evidence against Tuttle was scrutinized. Judge Thomas Crush went on the record and said "he had no proof that Tuttle had done anything wrong..." ^[27]

In August 2003, Tuttle was placed on pre-trial electronic monitoring house arrest to prevent him from attending a conference in Las Vegas. ^{[27] [28]} By July 2005, reports indicated that investigative errors and questionable legal procedures had delayed his trial. ^{[29] [12]} Later in 2007, it was reported that Tuttle had spent more than four years on pre-trial house arrest. ^{[30] [31]}

FBI Collaboration and Defense

FBI Agents and Federal Prosecutors met behind closed doors with Judge Thomas Crush, the judge presiding over Tuttle's case. Court records and other sources also revealed he had been working with the FBI since 2001. ^[15] This cooperation, initiated in the wake of the September 11 attacks, ^{[13] [14]} aimed to safeguard sensitive computer systems against cyber threats.

Through court filings and the recording of Tuttle's interrogation, it was disclosed that Tuttle was also working with the FBI and Assistant U.S. Attorney's Office to bring down a human trafficking network. ^[12]

In 2003 Hamilton County Prosecutors accused Tuttle of being "delusional" and deny claims that Tuttle had any connections with the FBI. ^[27]

In 2007, Hamilton County Prosecutors acknowledged for the first time that Tuttle had deep connections within the FBI and that Tuttle worked for the FBI however insisted that doesn't give Tuttle permission to break the law. ^{[30] [31]}

In 2016, Michael German, a former undercover FBI agent reviewed details about Tuttle's case and said in an interview "The program (Confidential Human Source Program) is a matter of making sure that the illegal activity an informant is involved in is actually authorized". He went on to say "It’s not that we’re ignoring these crimes; it’s that we’re letting the informant engage in the criminal activity for the purpose of furthering our investigation". "If I’m committing this activity that would otherwise be criminal, but I’m not doing it for a criminal purpose, I’m doing it for a law enforcement purpose, it really isn’t criminal activity after all". ^[32]

Mentions in Books

The following books contain references to Tuttle under the alias of Hackah Jak.

• Michael Hall and Brian Proffitt, The Joy of Linux: A Gourmet Guide to Open Source, 2001, Prima Publishing. (Page 142) ^[33]
• Paul Price, Ashley S. Timmer, Craig J. Calhoun, Understanding September 11, 2002, New Press. (Page 191) ^[34]
• Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, 2003, Thomson Course Technology. (Page 492) ^[35]
• Dorian J. Cougias, E.L. Heiberger, and Karsten Koop, The Backup Book: Disaster Recovery from Desktop to Data Center, 2003, Schaser-Vartan Books. (Page 246) ^[36]
• Michael E. Brown, Grave New World: Security Challenges in the 21st Century, 2003, Georgetown University Press. (Page 96) ^[37]
• Nitrozac and Snaggy, The Best of The Joy of Tech, 2004, O'Reilly. (Page 49) ^[38]
• Thomas J. Holt and Bernadette H. Schell, Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications, 2011, Business Science Reference. (Page 179) ^[39]
• Various, Proceedings of the 10th European Conference on Information Warfare and Security, 2011, Academic Publishing Limited. (Pages 12) ^[40]
• Srinidhi Ravi, Hackers that shook the world!, 2012, Asian School of Cyber Laws. (Page 126) ^[41]

System breaches

Tuttle has been involved in several alleged hacking incidents affecting various organizations and systems. These include the systems of the United States Air Force, ^[12] the United States Army, ^[42] the United States Navy, ^{[43] [12]} and NASA - National Aeronautics and Space Administration. ^[44]

Tuttle's activities allegedly included hacking corporate systems such as those of Acer Computer Systems Inc., ^[45] Sony Corporation, ^{[46] [47] [13] [14]} Comedy Central, ^{[13] [14]} Girl Scouts of the America, ^{[48] [12]} Jenny Craig, Inc., ^{[49] [47] [12]} Goodwill Industries, ^{[50] [51] [4]} Anheuser-Busch Budweiser, ^[47] and Jose Cuervo International. ^[52]

Tuttle also allegedly hacked into systems of government and educational institutions. These include Hamilton County Ohio Government Systems, ^[26] the Hamilton County Ohio Sheriff’s Office, ^[26] the Cincinnati Police Department, ^[26] the University of Cincinnati, ^[26] and Ohio State University. ^[53]

Quotes

• "This is the 21st century, the world of technology belongs to us (hackers)." – Jesse Tuttle, September 19, 2001 ^[16]
• "It's known that a country, even a Third World country, relies on computers and Internet access to get bank transactions and government work done, and if you cripple the Net in that country, that will cripple them (banks and government) as well." – Jesse Tuttle, September 19, 2001 ^[16]
• "I can in minutes code a scanner to scan the Internet for 2-year-old known vulnerabilities, I've hit a lot of workstations this way and then worked my way through the network to the server." – Jesse Tuttle, July 22, 2002 ^[54]
• “Do you shop online? E-mail? Chat? Would you like people to know what your e-mail says, what your chat conversations say? Your bank account numbers or credit card numbers? If not, invest in security for a computer.” - Jesse Tuttle, May 31, 2003 ^{[1] [2]}

See also

• September 11 attacks
• Hainan Island incident
• Code Red (computer worm)

References

1. Lasker, John (2003-05-31). "Arrest brings hacker out of shadows". The Cincinnati Post. p. 01. Archived from the original on 2024-06-21. Retrieved 2024-05-31.
2. Lasker, John (2003-05-31). "Arrest brings hacker out of shadows". The Cincinnati Post. p. 06. Archived from the original on 2024-06-21. Retrieved 2024-05-31.
3. Passett, Alex (2024-02-23). "The Story of Hackah Jak: Compliology's Chief Hacking Officer Jesse Tuttle Takes the Stage at ITEXPO 2024". Cloud Computing Magazine. Archived from the original on 2024-06-25. Retrieved 2024-06-21.
4. Tavarez, Greg (2024-02-20). "Compliology's Jesse Tuttle Shares His Story During Keynote at ITEXPO 2024". MSP Today Magazine. Archived from the original on 2024-06-25. Retrieved 2024-06-21.
5. "Attrition Defacement Mirror". attrition.org. Retrieved 2024-02-12.
6. "Zone-H Defacement Archive". zone-h.org. Retrieved 2024-02-12.
7. Hines, Eric "Loki" (2002-01-04). Forensic Analysis Without an IDS: A Detailed Account of Blind Incident Response (PDF) (Report). Archived from the original (PDF) on 2024-06-25. Retrieved 2024-06-21.
8. Zetter, Kim (2017-04-10). "Snowden Documents Reveal Scope of Secrets Exposed to China in 2001 Spy Plane Incident". The Intercept. Archived from the original on 2017-04-10. Retrieved 2024-06-26.
9. Naval History and Heritage Command (2021-08-18). "Collision, Crew Detainment and Homecoming". Naval History and Heritage Command. Archived from the original on 2024-05-28. Retrieved 2024-06-26.
10. Smith, Craig S. (2001-06-13). "The First World Hacker War". The New York Times. Archived from the original on 2011-04-10. Retrieved 2024-06-21.
11. Meinel, Carolyn (2002-10-28). "Code Red: Worm Assault on the Web". Scientific American. Archived from the original on 2016-08-20. Retrieved 2024-06-21.
12. Flannery, Gregory; Blade, Leslie (2005-06-15). "Cover Story: The Wild, Wild Web". City Beat. Archived from the original on 2024-02-13. Retrieved 2024-02-12.
13. Horn, Dan (2003-07-28). "Hacker claims he was working for FBI". The Cincinnati Enquirer. p. 1. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
14. Horn, Dan (2003-07-28). "Hacker: He uses FBI as defense". The Cincinnati Enquirer. p. 6. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
15. Horn, Dan (2003-08-06). "FBI meets with judge in hacker case". The Cincinnati Enquirer. p. 22. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
16. Graham, Jefferson (2001-09-19). "Hackers strike Middle Eastern sites". USA Today. Archived from the original on 2002-03-20.
17. Denning, Dorothy E. (2001-11-01). "Is Cyber Terror Next?". Social Science Research Council. Archived from the original on 2021-04-13. Retrieved 2024-02-12.
18. Denning, Dorothy E. (2003). "Information technology and security". Academia. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
19. Peterson, Shane (2001-09-22). "EXCLUSIVE: Crackers Prepare Retaliation for Tuesday's Terrorist Attack". Government Technology. Archived from the original on 2001-09-22.
20. Graham, Jefferson (2001-10-15). "War on terror breeds patriotic 'hactivists'". The Indianapolis Star. p. 28. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
21. Graham, Jefferson (2001-10-10). "America on Alert: Hackers attack sites in Mideast". The Cincinnati Enquirer. p. 67. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
22. Lasker, John (2002-05-14). "Hacktivist wage war". The Buffalo News. p. 39. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
23. Lasker, John (2002-05-14). "Hacktivists: Political attacks on the rise". The Buffalo News. p. 40. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
24. Huddleston Jr., Tom (2022-03-25). "What is Anonymous? How the infamous 'hacktivist' group went from 4chan trolling to launching cyberattacks on Russia". CNBC. Archived from the original on 2022-03-25. Retrieved 2024-06-21.
25. Lasker, John (2003-05-31). "County among hacker's victims". The Cincinnati Post. p. 6. Archived from the original on 2024-06-26. Retrieved 2024-06-26.
26. Mungin, A. Scott (2003-06-13). "Hacktivist to face 2 charges". The Cincinnati Post. p. 20. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
27. Perry, Kimball (2003-08-02). "Hacker suspect: I work for FBI". The Cincinnati Post. p. 8. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
28. Perry, Kimball (2003-08-01). "Prosecutors seek higher bond in hacker case". The Cincinnati Post. p. 12. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
29. Blade, Leslie (2005-04-06). "News: Virtual Crime". City Beat. Archived from the original on 2022-05-28. Retrieved 2024-06-21.
30. Horn, Dan (2007-06-17). "House arrest now at 4 years". The Cincinnati Enquirer. p. 22. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
31. Horn, Dan (2007-06-17). "Tuttle: Set record with 4-year house arrest". The Cincinnati Enquirer. p. 25. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
32. Cameron, Dell; O'Neill, Patrick Howell (2016-08-23). "FBI authorized informants to break the law 22,800 times in 4 years". The Daily Dot. Archived from the original on 2020-05-08. Retrieved 2024-02-12.
33. Hall, Michael; Proffitt, Brian (2001). The Joy of Linux: A Gourmet Guide to Open Source. Roseville, California: Prima Publishing. p. 142. ISBN   0-7615-3151-3 . Retrieved 2024-06-26.
34. Price, Paul; Timmer, Ashley S.; Calhoun, Craig J. (2002). Understanding September 11. New York, NY: New Press. p. 191. ISBN   1-56584-774-1 . Retrieved 2024-06-26.
35. Whitman, Michael E.; Mattord, Herbert J. (2003). Principles of Information Security. Boston, MA: Thomson Course Technology. p. 492. ISBN   0-619-06318-1 . Retrieved 2024-06-26.
36. Cougias, Dorian J.; Heiberger, E.L.; Koop, Karsten (2003). The Backup Book: Disaster Recovery from Desktop to Data Center. Livermore, CA: Schaser-Vartan Books. p. 246. ISBN   0-9729039-0-9 . Retrieved 2024-06-26.
37. Brown, Michael E. (2003). Grave New World: Security Challenges in the 21st Century. Washington, D.C.: Georgetown University Press. p. 96. ISBN   978-0-87840-142-0 . Retrieved 2024-06-26.
38. Nitrozac; Snaggy (2004). The Best of The Joy of Tech. Sebastopol, CA: O'Reilly Media. p. 49. ISBN   0-596-00578-4 . Retrieved 2024-06-26.
39. Holt, Thomas J.; Schell, Bernadette H. (2011). Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications. Hershey, PA: Business Science Reference. p. 179. ISBN   978-1-61692-805-6 . Retrieved 2024-06-26.
40. Various (2011). Proceedings of the 10th European Conference on Information Warfare and Security. Reading, UK: Academic Publishing Limited. p. 12. ISBN   978-1-908272-07-2.
41. Ravi, Srinidhi (2012). Hackers that shook the world!. Pune, India: Asian School of Cyber Laws. p. 126.
42. "Defacement: US Army". Zone-H. 2003-01-16. Archived from the original on 2024-06-26. Retrieved 2024-02-12.
43. "Defacement: US Navy". Zone-H. 2002-12-19. Archived from the original on 2024-06-26. Retrieved 2024-02-12.
44. Verton, Dan (2002-08-08). "NASA investigating hacker theft of sensitive documents". Computerworld. Archived from the original on 2019-04-25. Retrieved 2024-02-12.
45. "Defacement: Acer". Attrition. 2001-05-02. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
46. "Defacement: Sony Malaysia". Zone-H. 2001-03-05. Archived from the original on 2024-07-12. Retrieved 2024-02-12.
47. Verton, Dan (2002-07-18). "Hackers to corporate America: You're lazy". Computerworld. Archived from the original on 2024-06-26. Retrieved 2024-02-12.
48. "Defacement: Girl Scouts". Attrition. 2001-03-10. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
49. "Defacement: Jenny Craig". Zone-H. 2001-03-12. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
50. "Defacement: Goodwill Industries NY". Zone-H. 2003-04-13. Archived from the original on 2024-07-12. Retrieved 2024-02-12.
51. "Defacement: Goodwill Industries Mid TN". Zone-H. 2003-04-13. Archived from the original on 2024-07-12. Retrieved 2024-02-12.
52. "Defacement: Jose Cuervo". Attrition. 2001-04-25. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
53. "Defacement: Ohio State University". Zone-H. 2003-01-09. Archived from the original on 2024-06-25. Retrieved 2024-02-12.
54. Verton, Dan (2002-07-22). "Corporate America Is Lazy, Say Hackers". Computerworld. p. 7. Archived from the original on 2024-05-24. Retrieved 2024-02-12.