Portscanning a range of IPs on port 21 and testing for anonymous login acceptance is not "hacking". That's just taking advantage of something the sysops, for some reason, allow.
Calling this guy a hacker is an insult to those who can really bust your chops, even when properly configured.
You need to direct that comment to Rita Katz Michael Kern of the SITE Institute who is responsible for the 'Terrorist 007, Exposed', WAPO article.
Laura Mansfield, who did the original research and original article in post 3 didn't refer to Irhabi 007 as a hacker.