The Kid Who Hacked the Pentagon (True Story)

On its surface, the International Space Station (ISS) heats up to a scorching 120°C. The only thing keeping the astronauts inside from being literally cooked alive is an intricate onboard temperature and humidity control system. In 1999, that critical system was compromised. The culprit wasn’t a hostile foreign power; it was a 15-year-old boy in his bedroom in South Florida.

Jonathan James, known online by the alias "Comrade," was a computing prodigy. From the age of six, he was obsessed with computers, breaking through parental controls and teaching himself advanced programming languages like C and Unix. While other teenagers were playing sports, Jonathan was exploring digital landscapes, driven by the thrill of beating complex systems. He wasn't a malicious dynamic; he didn't delete files or spread viruses. Often, after breaking in, he would send a polite email to the system administrator detailing the security holes he had found and how to fix them.

In the summer of 1999, Jonathan sought a new challenge and set his sights on NASA's Marshall Space Flight Center. He successfully gained access to 13 NASA computers and downloaded proprietary software valued by the government at $1.7 million. This software was the precise code used to manage the ISS environment. The breach was severe enough that NASA was forced to shut down its systems for three weeks to identify the intrusion and secure the network, incurring $40,000 in costs. Two months later, Jonathan upped the ante, hacking into the Pentagon’s Defense Threat Reduction Agency, a department tasked with analyzing nuclear, chemical, and biological threats. He installed a back door on a server, intercepting thousands of internal messages and retrieving usernames and passwords of numerous employees.

To Jonathan, these hacks were just "harmless exploration." To the United States government, he was a severe national security threat. In January 2000, 16-year-old Jonathan was woken up not for school, but by FBI agents raiding his family home. He was questioned, admitted to everything, and promised to never do it again. The consequences were historic: Jonathan James became the first juvenile to be convicted of cybercrime in the US. Due to his age, he avoided a potential decade in prison, receiving instead six months of house arrest and probation. After violating that probation, he spent six months in a juvenile detention facility—an experience his father said changed him, leaving him strangely idle. Shaken by the reality of incarceration, Jonathan vowed to leave hacking behind forever.

However, his past would not let him go. Years later, a different hacker, Albert Gonzalez, orchestrated what was at the time the largest identity theft case in US history, stealing data from over 100 million credit cards from companies like TJ Maxx. Secret Service agents, tracking Gonzalez and his crew, noticed a nickname in the criminal reports: "JJ." They incorrectly concluded this was short for Jonathan James.

In May 2008, agents raided 24-year-old Jonathan's house again. Though he was innocent and had truly retired from hacking, he was convinced the government was determined to make him a scapegoat. Having read survival guides written by other hackers who had been manipulated by the system, Jonathan feared he would be framed by Gonzalez—who had been working as a fed informant—and face decades in prison for a crime he didn’t commit. Overwhelmed by the loss of control and the dread of returning to incarceration, Jonathan James took his own life on May 18, 2008. In his final note, he wrote, "I have no faith in the justice system... I die free."