Glen DaSilva has a scandalous story to tell – how he got involved in the 2002 Breeder’s Cup betting fraud. The incident was the largest betting scandal to take place in the United States in a century. It exposed serious security flaws in the system used to collect bets for horse races. Today he has redeemed himself and works at DreamPlay Media, an award-winning film, media and creative brand agency. He also helps members of NY Tech Meetup on the discussion email list by answering all their questions.
But how did he end up in prison? It all started when computer programmer Chris Harn conspired with two friends, Derrick Davis and Glen DaSilva, to manipulate bets in the 2002 Breeders’ Cup, held at Arlington Park in Illinois. This enabled him to arrange a $3 million payout to the trio – they had the only winning ticket.
Lauren Keyson: How did you get into the security business?
Glen Da Silva: It was around 2001. There was this scam I was involved in that my roommate from college started and kind of looped me into. Basically we were hacking computers that run the betting at horse tracks. Chris knew there were some vulnerabilities in the system, and in a bad decision moment I decided to help him out with it. It lasted about 11 months until 2003 when by a quirk of fate the horse that won the day at the Breeders Cup, the biggest race, the sixth race that day. That raised the red flags.
LK: Your advice for other hackers?
GD: Well, there’s no shortage of vulnerabilities out there, right? Now there’s mobile – platforms, Android and iOS, and they provide medium to high severity type of vulnerabilities. They’re always being fixed but the hackers tend to stay one step ahead of the people who are architecting the holes. You know, it’s always the cat and mouse game. So the advice that I would have for the hackers is to not do it and not get caught because it’s no fun going to prison.
After the Sony hack, legislation was put in place and now there is a mandatory minimum type sentence where just a regular hack is something like an automatic 60 months which is five years. It’s not fun anymore. I know that I read that and I was like “Wow these guys are really tightening the ratchet on hackers.” You know they need to provide disincentives for people to do this because it’s so easy to get away with it: just disappear into cyberspace and bounce your IP’s all over the world and not get caught.
My sentence was 24 months of incarceration and restitution. So, I only did 12 months out of the 24. We had to pay back the restitution which was like $180,000 or something.
LK: Why do you help people on the NYTM discussion list so much?
GD: Did you see this morning, with Tony Veoli? He’s very active on the list. He wrote something this morning about somebody copying an article that he wrote. So he asked the community to find out who this person was, and I was able to track down this guy through some pretty simple web searches. But, yeah, I love writing to the community — I’ve been part of it going on eight years now. The list is great. I’ve met a lot of people, I’ve gotten business, I’ve hopefully helped some people with my answers, and I think that it’s a great community.