Title : PWN/Part 1
Author : Datastream Cowboy
==Phrack Inc.==
Volume Four, Issue Thirty-Eight, File 13 of 15
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN                                             PWN
PWN              Phrack World News              PWN
PWN                                             PWN
PWN      Issue XXXVIII / Part One of Three      PWN
PWN                                             PWN
PWN       Compiled by Dispater & Friends        PWN
PWN                                             PWN
PWN     Special Thanks to Datastream Cowboy     PWN
PWN                                             PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
Warning: Multiplexor/The Prisoner Tells All April 10, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On approximately April 3, 1992, Multiplexor (a/k/a The Prisoner) illegally used
credit card information obtained from CBI/Equifax to purchase an airline ticket
to San Diego, California from his home in Long Island, New York. Upon his
arrival, MP was met by several agents of the Federal Bureau of Investigation.
After his apprehension, MP was taken first to a computer store where agents
allegedly picked up a computer from the store manager who is a friend of either
one of the agents or a federal prosecutor involved in the case.
At the taxpayer's expense, Multiplexor was put up for at least a week at a
Marriott Hotel in San Diego while he told all that he ever knew about anyone to
the FBI. It is believed that "Kludge," sysop of the San Diego based BBS
Scantronics has been implicated, although reportedly his board does not contain
ANY illegal information or other contraband.
It is widely known that credit card abusing scum like Multiplexor are
inherently criminal and will probably exaggerate, embellish and otherwise lie
about other people in order to escape prosecution themselves. If you have ever
come into contact with Multiplexor -- beware. He may be speaking about you.
Incidentally, Multiplexor had this year submitted a poorly written and ill-
conceived article to Phrack about voice mail hacking. His article was denied
publication.
And now this is the final result...
Nationwide Web of Criminal Hackers Charged April 20, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Barbara E. McMullen & John F. McMullen (Newsbytes)
San Diego -- According to a San Diego Union-Tribune report, San Diego police
have uncovered "an electronic web of young computer hackers who use high-tech
methods to make fraudulent credit card charges and carry out other activities."
The Friday, April 17th story by Bruce V. Bigelow and Dwight C. Daniels quotes
San Diego police detective Dennis Sadler as saying that this informal
underground network has been trading information "to further their political
careers." He said that the hackers know how to break computer security codes,
create credit card accounts, and make fraudulent credit card purchases. Sadler
estimated that as many as 1,000 hard-core hackers across the United States have
shared this data although he said that it's unclear how many have actually used
the information to commit crimes.
Sadler added that he estimated that illegal charges to credit cards could total
millions of dollars.
While the police department did not release details to support the allegations,
saying that the investigation is continuing, Sadler did say that cooperation
from an "out-of-state hacker," picked up in San Diego, provided important
information to the police and the FBI. Although police would not release the
identity of this individual or his present whereabouts, information gathered
by Newsbytes from sources within the hacker community identifies the so-called
hacker as "Multiplexer", a resident of Long Island, NY, who, according to
sources, arrived in San Diego on an airline flight with passage obtained by
means of a fraudulent credit card purchase. The San Diego police, apparently
aware of his arrival, allegedly met him at the airport and took him into
custody. The same sources say that, following his cooperation, Multiplexer was
allowed to return to his Long Island home.
The Union-Tribune article linked the San Diego investigation to recent federal
search and seizures in the New York, Philadelphia and Seattle areas. Subjects
of those searches have denied to Newsbytes any knowledge of Multiplexer,
illegal credit card usage or other illegal activities alleged in the Union-
Tribune story. Additionally, law enforcement officials familiar with on-going
investigations have been unwilling to comment, citing possible future
involvement with the San Diego case.
The article also compared the present investigation to Operation Sun-Devil, a
federal investigation into similar activities that resulted in a massive search
and seizure operation in May 1990. Although individuals have been sentenced in
Arizona and California on Sun Devil related charges, civil liberties groups,
such as the Computer Professionals for Social Responsibility, have been
critical about the low number of criminal convictions resulting from such a
large operation.
_______________________________________________________________________________
Sun-Devil Becomes New Steve Jackson Game March 25, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Steve Jackson
It couldn't have been more than a week after the initial raid when people
started saying, "Hey, why don't you make a game out of it?" The joke wore thin
quickly, as I heard it over and over and over during the next year. Then I
realized that I was in serious danger of losing my sense of humor over this...
and that actually, it would be possible to do a pretty good game about hacking.
So I did.
In 1990, the Secret Service raided Steve Jackson Games when a "hacker hunt"
went out of control. Loss of our computers and unfinished game manuscripts
almost put this company out of business.
It's been two years. We're back on our feet. And ever since the raid, fans
have been asking, "When are you going to make a game out of it?"
Okay. We give up. Here it is.
The game has enough fanciful and pure science-fiction elements that it's not
going to tutor anyone in the arcane skills. Neither is it going to teach the
sysadmin any protective tricks more sophisticated than "don't leave the root
set to default." But it is, I think, a good simulation of the *social*
environment of High Hackerdom. You want to outdo your rivals -- but at the
same time, if you don't share knowledge with them, you'll never get anywhere.
And too many wannabes on the same system can mess it up for everybody, so when
you help somebody, you ask them to try it out *somewhere else* . . . and
occasionally a hacker finds himself doing the sysadmin's housecleaning, just to
preserve his own playground against later intruders. I like the way it plays.
In HACKER, players compete to invade the most computer systems. The more
systems you crack, the more you learn, and the easier the next target is. You
can find back doors and secret phone lines, and even crash the systems your
rivals are using. But be careful. There's a Secret Service Raid with your
name on it if you make too many enemies.
Designed by Steve Jackson, the game is based on the award-winning ILLUMINATI.
To win at HACKER requires guile and diplomacy. You must trade favors with your
fellow hackers -- and get more than you give away. But jealous rivals will try
to bust you. Three busts and you're out of the game. More than one player can
win, but shared victories are not easy!
HACKER is for 3-6 players. Playing time is under an hour for the short game
and about 2 hours for the regular game. Components include a rule book, 110
cards, marker chips, 6 console units, system upgrades, Bust markers, and Net
Ninja marker, two dice and a Ziplock bag.
Hacker began shipping March 30, and has a suggested retail price of $19.95.
_______________________________________________________________________________
"Peter The Great" Had An Overbyte January 10, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Kay Kusumoto (The Seattle Times)(Page B1)
"Teenage Hacker Ring Bigger Than Thought"
Bellevue, Washington -- Imagine you're a 17-year-old computer whiz who has
figured out how to get into the phone-company computer to make long-distance
calls for free.
Imagine finding at the tip of your fingers step-by-step instructions on how to
obtain credit-card numbers.
And imagine once more the name you use to log on to a computer system isn't
really your own, but actually a tag, or moniker -- like, say, that of a Russian
czar.
Bellevue police say that's the name an Issaquah teenager used when sending
messages to fellow hackers all over the country.
They first arrested "Peter the Great" a month ago for investigation of
attempted theft in using an unauthorized credit-card number to try to purchase
a $4,000 computer from a store in Bellevue.
But now police, who are still investigating and have not yet filed charges,
believe they're on to something much larger than first suspected. They say
they are looking for one or two additional youths involved with the 17-year-old
in a large computer-hacking ring that uses other people's credit-card numbers
to purchase computers and software.
In the youth's car, police say, they found another $4,000 computer obtained
earlier that day from a Seattle computer store. They also claim to have found
documents suggesting the youth had used credit information illegally.
Police Lt. Bill Ferguson of Bellevue's white-collar crime unit said detectives
don't know how many people are involved in the scam or how long it has been
going on. And police may never know the dollar loss from businesses and
individuals, he said.
"You can guess as high as you want," Ferguson said. "He had connections clear
across the country."
After the youth was arrested, police say, he admitted to being a hacker and
using his parents' home computer and telephone to call boards.
An elaborate type of e-mail -- the bulletin boards offer the user an electronic
messaging -- system, one may gain access to a "pirate" bulletin directory of
"how to" articles on ways of cracking computer systems containing everything
from credit records and phone accounts to files in the University of
Washington's chemistry department.
Once the youth decided which articles he wanted most, he would copy them onto
his own disk, said Ferguson. Now police are poring over hundreds of disks,
confiscated from his parents' house, to see just how much information he had.
The parents knew nothing of what was going on, police say. Ferguson said
police also seized a copy of a New York-based magazine called 2600, aimed at
hackers. Like the bulletin boards, the magazine provides readers with a
variety of "how to" articles.
The teenager, who was released to his parents' custody the day of his December
3 arrest, told police the magazine taught him how to use a device that can
imitate the sound of coins dropping into a pay phone. With that, he could dial
outside computers for free.
Police confiscated the device.
"Hackers are difficult to trace because they don't leave their name on
anything," Ferguson said, adding that a federal investigation may follow
because detectives found copies of government documents on the youth's disks.
"This kid (copied) hundreds of pages of articles, left messages and shared
(computer) information with other hackers," said Ferguson.
"What's common about the hacker community is that they like to brag about their
accomplishments -- cracking computer systems. They'll tell each other so
others can do it."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hotel Credit Doesn't Compute January 22, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Stephen Clutter and Kay Kusumoto (The Seattle Times)(Page D1)
"Kirkland Police Suspect Hacker"
Kirkland, Washington -- Police are investigating yet another potential computer
hacking case, this one at the Woodmark Hotel in Kirkland.
Someone, according to hotel officials, got into the Woodmark's computer system
and gave themselves a $500 credit for a hotel room earlier this month.
Police say a 19-year-old Bellevue man is the main suspect in the case, although
no arrests have been made.
The incident surfaces at the same time as Bellevue police press their
investigation into their suspicions that a 17-year-old Issaquah youth, using
the computer name "Peter the Great," got access to credit-card numbers to
purchase computers and software. That suspect was arrested but is free pending
charges.
"The deeper we get into Peter's files, the more we're finding," Bellevue police
Lt. Bill Ferguson said.
After arresting the youth last month on suspicion of trying to use an
unauthorized credit-card number to purchase a $4,000 computer from a Bellevue
store, police confiscated hundreds of computer disks and have been searching
the electronic files for evidence.
"We've been printing one file out for three hours now -- and it's still
printing," Ferguson said yesterday.
The file, Ferguson estimated, contains at least 10,000 names of individuals,
with credit-card numbers and expiration dates, addresses, phone numbers and
Social-Security numbers.
Detectives will meet with the Bellevue city prosecutor later this week to
discuss charges.
In the Kirkland incident, the 19-year-old Bellevue man stayed in the hotel the
night of January 11, according to Kirkland Detective Sgt. Bill O'Brien.
The man apparently made the reservation by phone a few days earlier and was
given a confirmation number. When he went to check into the hotel on January
11, the receptionist found that a $500 credit had been made to his room
account, O'Brien said.
Woodmark officials, fearing they had a hacker problem, contacted Bellevue
police last week after reading news accounts of the arrest of "Peter the
Great."
"The hotel said they had read the story, and discovered what appeared to be a
break-in to their computer system," said Ferguson. "They wanted to know if
maybe it was related to our "Peter the Great" case."
Police don't know, Ferguson said -- and that's one of the things under
investigation.
The main suspect in the Woodmark case had worked at the hotel for five days in
1990, police say, and may have had access to the hotel's computer access code.
Hotel officials suspected they had a hacker on their hands because phone
records indicate that the $500 credit was made via a telephone modem and not by
a keyboard at the hotel, Ferguson said. The problem was discovered after an
audit showed the $500 was never paid to the hotel.
So what happened during the free night at the Woodmark?
"They partied and made various phone calls, including nine to the University of
Washington," O'Brien said.
The calls to the university went to an answering machine at the Medical Center,
police say, and there is no indication the men were able to hack their way into
the university's computer system.
They were up to something, though, and police want to know what. "We're going
to start with the (19-year-old Bellevue) kid, and start from there," O'Brien
said.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hacker Charged With Fraud February 14, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~
By Kay Kusumoto (The Seattle Times)(Page F3)
"Teen Computer Whiz May Be Part Of A Ring"
"Peter the Great" played courier for "Nighthawk."
He was supposed to pick up a couple computers purchased with an unauthorized
credit-card number from a computer store in Bellevue, Washington last December.
He never finished the transaction. A suspicious clerk called police and
"Peter" was arrested for attempted theft.
But that was only the beginning.
The Issaquah teenager who went by the computer name "Peter the Great" was
charged yesterday in King County Juvenile Court with attempted theft,
possession of stolen property, telephone fraud and computer trespass.
The arrest of the 17-year-old computer whiz led Bellevue police on an
investigation into the underground world of computer hacking.
Police are still investigating the case and say they believe it involves
members of a large computer-hacking ring who use other people's credit-card
numbers to purchase computers and software.
Court documents allege the youth was after two $1,800 computers on December 3,
1991, the day he walked into a Bellevue computer store to pick up an order for
an unknown associate who went by the hacker moniker "Nighthawk."
The computers had been ordered with a credit-card number given over the phone
by a man identifying himself as Manuel Villareal. The caller told the clerk
that another man named Bill Mayer would pick up the order later in the day.
But a store clerk became suspicious when the youth, who said he was Bill Mayer,
"appeared very nervous" while he was inside the store, court papers state.
When the youth couldn't provide enough identification to complete the
transaction, the clerk told him to have Villareal come into the store and sign
for the computers himself.
After the youth left, the clerk called police, and "Peter" was arrested later
that day.
A search of his car revealed a torn up VISA card, several computer disks, two
more computers, a receipt from a computer store in Seattle and several pieces
of paper with credit-card numbers on them, court papers state.
The youth also had in his possession a red box, a device that simulates the
sound of coins dropping into a pay phone.
After his arrest, the youth told police that "Nighthawk" had telephoned the
computer store and used Villareal's name and credit-card number to make the
purchase in Bellevue.
The teen admitted to illegally using another credit-card number to order a
computer from a store in Seattle. The computer was picked up later by another
unknown associate.
The youth also told police that another associate had hacked his way into the
computer system of a mail-order house and circulated a list of 14,000 credit
card numbers through a computer bulletin board.
_______________________________________________________________________________
Computer Hackers Nabbed January 29, 1992
~~~~~~~~~~~~~~~~~~~~~~~
By Michael Rotem (The Jerusalem Post)
Four computer hackers were arrested and their equipment seized in raids by
police and Bezek security officers on four homes in the center and north of the
country. They were released on bail yesterday after questioning.
The four, two minors and two adults, are suspected of purloining passwords and
then breaking the entry codes of international computer services and toll-free
international telephone switchboards, stealing thousands of dollars worth of
services.
The arrests were made possible after National Fraud Squad officers joined
Bezek's efforts to discover the source of tampering with foreign computer
services.
A Bezek source told The Jerusalem Post that all four suspects had used personal
computers and inexpensive modems. After fraudulently obtaining several
confidential passwords necessary to enter Isranet -- Israel's national computer
network -- the four reportedly linked up to foreign public data banks by
breaking their entrance codes.
This resulted in enormous bills being sent to the password owners, who had no
idea their personal secret access codes had been stolen.
The four are also suspected of illegally obtaining secret personal credit
numbers used by phone customers to call abroad. The suspects reportedly made
numerous telephone conversations abroad worth thousands of shekels.
A police spokesman said cooperation between Bezek's security department and the
police National Fraud Squad will continue, in order to "fight these felonies
that cause great financial damage." Bezek spokesman Zacharia Mizrotzki said
the company is considering changing the secret personal passwords of network
users on a frequent basis.
_______________________________________________________________________________
Hackers Get Free Credit February 24, 1992
~~~~~~~~~~~~~~~~~~~~~~~
By Doug Bartholomew (Information Week)(Page 15)
Banks and retail firms aren't the only ones peeking at consumers' credit
reports. Equifax Inc., one of the nation's three major credit bureaus, admitted
that some youthful computer hackers in Ohio had penetrated its system,
accessing consumers' credit files. And if it wasn't for a teenager's tip, they
would still be at it.
"We do not know how the hackers obtained the access codes, but we do know the
confidentiality requirements for membership numbers and security pass-codes
were breached," says a spokesman at Equifax. The company, which had revenue of
$1.1 billion in 1991, possesses a database of some 170 million credit files.
A customer number and access code must have been given to the teenagers, or
stolen by them, adds the spokesman, who says Equifax "plans to increase the
difficulty of accessing the system." Theft of computer access codes is a
federal crime.
Virtually No Protection
Critics of the credit agencies say such breaches are common. "There is
virtually no protection for those systems," says a spokesman for the Computer
Professionals for Social Responsibility, a Washington association. "If some
car salesman leaves the information sitting on his desk, someone could just
pick up the codes."
As of last week, Dayton police had made no arrests. But they searched the
homes of two young men, age 18 and 15, confiscating half a dozen PCs and
numerous floppy disks.
The two are thought by police to be part of a group of up to 50 hackers
believed to be behind the systems break-in. The group is also under
investigation for allegedly making $82,000 worth of illegal phone calls using
an 800 number provided to business customers of LDDS Communications Inc., a
long-distance service in Jackson, Mississippi. LDDS was forced to disconnect
the 800 number on November 15, 1991.
_______________________________________________________________________________
Two Cornell Students Charged In Virus Attacks February 26, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Grant Buckler (Newsbytes)
Also see Phrack 37, File 11 -- Phrack World News
Ithaca, New York -- Charges have been laid against two Cornell University
students accused of planting a virus that locked up Apple Macintosh computers
at Cornell, at Stanford University in California, and in Japan.
David S. Blumenthal and Mark Andrew Pilgrim, both aged 19, were charged in
Ithaca City Court with one count each of second-degree computer tampering, a
Class A misdemeanor. The investigation is continuing and additional charges
are likely to be laid, said Cornell University spokeswoman Linda Grace-Kobas.
Both students spent the night in jail before being released on bail February
25, Grace-Kobas added.
The MBDFA virus apparently was launched February 14 in three Macintosh computer
games: Obnoxious Tetris, Tetriscycle, and Ten Tile Puzzle. Apparently, a
computer at Cornell was used to upload the virus to the SUMEX-AIM computer
archive at Stanford University and an archive in Osaka, Japan.
MBDFA is a worm, a type of computer virus that distributes itself in multiple
copies within a system or into connected systems. MBDFA modifies systems
software and applications programs and sometimes results in computer crashes,
university officials reported.
Reports of the MBDFA virus have been received from across the United States and
from around the world, including the United Kingdom, a statement from the
university said.
_______________________________________________________________________________
Judge Orders Hacker To Stay Away From Computers March 17, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Jim Mallory (Newsbytes)
DENVER, COLORADO -- A computer hacker who pleaded guilty to breaking into space
agency computer systems was ordered to undergo mental health treatment and not
use computers without permission from his probation officer.
The 24-year-old man, a resident of suburban Lakewood, was sentenced to three
years probation in what is said to be one of only five prosecutions under the
federal computer hacker law.
The man pleaded guilty last year to one count of breaking into a National
Aeronautics and Space Administration (NASA) computer, after NASA and the
Federal Bureau of Investigation agents tracked him down in 1990. Prosecutors
said the man had spent four years trying to get into computer systems,
including those of some banks.
Prosecutors said the man had gained access to a Defense Department computer
through the NASA system, but declined to give any details of that case. The
indictment did not explain what had occurred.
In the plea bargain agreement, the man admitted he gained access to NASA's
computers "by exploiting a malfunction in a public access NASA computer
bulletin board service."
The man was described as an unemployed loner who had spent most of his time
using a computer at home. The prosecutor was quoted as saying the man needed
counselling "on a social level and for personal hygiene."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hacker Journeys Through NASA's Secret World March 24, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Scripps Howard (Montreal Gazette)(Page A5)
"It became more like a game. How many systems can you break into?"
While tripping through NASA's most sensitive computer files, Ricky Wittman
suddenly realized he was in trouble. Big trouble.
He had been scanning the e-mail, electronic messages sent between two
scientists at one of NASA's space centers. They were talking about the
computer hacker who had broken into the system. They were talking about
Wittman.
Curiosity collapsed into panic.
"Logoff now!" 24-year-old Wittman remembers thinking as he sat alone in his
apartment, staring at his computer screen, in May 1990. "Hang up the phone.
Leave the house."
By then it was too late. The National Aeronautics and Space Administration's
computer detectives were on the trail. After 400 hours of backtracking phone
records, they found the Sandpiper Apartments in Westminster, Colorado.
And they found the inconspicuous third-floor apartment where Wittman -- using
an outdated IBM XT computer -- perpetrated the most massive hacking incident in
the history of NASA.
Last week a federal judge sentenced Wittman to three years' probation and
ordered him to undergo psychiatric counselling.
But perhaps the most punishing aspect to Wittman was the judge's order that he
not use computers without permission from a probation officer.
"That's going to be the toughest part," Wittman said. "I've become so
dependent on computers. I get the news and weather from a computer."
In his first interview since a federal grand jury indicted him in September,
Wittman expressed regret for what he had done.
But he remained oddly nonchalant about having overcome the security safeguards
designed by NASA's best computer minds.
"I'll level with you. I still think they're bozos," Wittman said. "If they had
done a halfway competent job, this wouldn't have happened."
Prosecutors didn't buy Wittman's argument.
"No software security system is foolproof," wrote assistant U.S. attorney
Gregory Graf. "If a thief picks the lock on the door of your home, is the
homeowner responsible because he didn't have a pick-proof lock on the front
door?"
Breaking into the system was just that easy, Wittman said, so much so that it
took him a while to realize what he had done.
He had been fooling around inside a public-access NASA computer bulletin-board
service in 1986, looking for information on the space-shuttle program. He
started toying with a malfunction.
"The software went blooey and dumped me inside," Wittman said. "At first, I
didn't know what happened. I pressed the help key. I realized after a while
that I was inside."
Somehow, Wittman -- then 18 -- had found a way to break out of the bulletin
board's menu-driven system and into a restricted-access area full of personal
files.
Once past the initial gate, it didn't take Wittman long to find the file of a
security manager. Wittman picked up a password for another system, and the
romp began.
"Then I started looking around, and it became more like a game," he recalled.
"How many systems can you break into?"
By the federal government's count, Wittman eventually hacked his way into 115
user files on 68 computer systems linked by the Space Physics Analysis Network.
His access extended as far as the European Southern Observatory in Munich,
Germany.
Given the chance, Wittman could have gone even farther, prosecutors contend. In
an interview with the FBI, Wittman told agents he accidentally had come across
the "log on" screen for the U.S. controller of the currency. Wittman said he
didn't try to crack that password.
"The controller of the currency is a little out of my league," he said.
_______________________________________________________________________________
Georgia Teenage Hacker Arrested March 19, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Jim Mallory (Newsbytes)
LAWRENCEVILLE, GEORGIA -- A Georgia teenager has been arrested on charges of
illegally accessing data files of several companies in an attempt to inject a
computer virus into the systems.
The alleged computer hacker, who was originally charged with the illegal access
charges two weeks ago, was re-arrested on felony charges at his high school
this week on the additional charges of attempting to infect the computer
systems.
The 18-year-old boy allegedly broke into computers of BellSouth, General
Electric Company, IBM, WXIA-TV in Atlanta, and two Gwinnett County agencies,
who were not identified.
The boy's 53-year-old mother was also arrested, charged with attempting to
hinder her son's arrest by trying to have evidence against him destroyed.
Computer users' awareness of computer viruses was heightened recently over the
so-called Michelangelo virus, which some computer security experts thought
might strike tens of thousands of computers, destroying data stored on the
system's hard disk. Perhaps due to the massive publicity Michelangelo
received, only a few hundred PCs in the US were struck.
Hackers access computers through telephone lines. Passwords are sometimes
obtained from underground bulletin boards, are guessed, or can be obtained
through special software programs that try thousands of combinations, hoping to
hit the right one.
A recent Newsbytes story reported the conviction of a Denver area resident, who
was sentenced to three years probation and ordered not to use computers without
permission after attempting to break into a NASA (National Aeronautics and
Space Administration) computer.
Officials and victims are usually reluctant to give details of computer break-
ins for fear of giving other would-be hackers ideas.
_______________________________________________________________________________
Hacker Surveillance Software March 21, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Susan Watts, Technology Correspondent for The Independent (Page 6)
"Hacker 'Profiles' May Curb Computer Frauds"
The Federal Bureau of Investigation is dealing with computer hackers as it
would rapists and murderers -- by building "profiles" of their actions.
Its computer researchers have discovered that, in the same way that other
offenders often favour the same weapons, materials or times of day to
perpetrate their crimes, hackers prefer to use trusted routines to enter
computer systems, and follow familiar paths once inside. These patterns can
prove a rich source of information for detectives.
The FBI is developing a modified version of detection software from SRI
International -- an American technology research organization. Teresa Lunt, a
senior computer scientist at SRI, said hackers would think twice about breaking
into systems if they knew computer security specialists were building a profile
of them. At the very least, they would have to constantly change their hacking
methods. Ms. Lunt, who is seeking partners in Britain to help develop a
commercial version of the software, believes hackers share with psychotic
criminals a desire to leave their hallmark.
"Every hacker goes through a process peculiar to themselves that is almost a
signature to their work," she said. "The FBI has printed out long lists of the
commands hackers use when they break in. Hackers are surprisingly consistent
in the commands and options they use. They will often go through the same
routines. Once they are in they will have a quick look around the network to
see who else is logged on, then they might try to find a list of passwords."
SRI's software, the development of which is sponsored by the US Defense
Department, is "intelligent" -- it sits on a network of computers and watches
how it is used. The software employs statistical analysis to determine what
constitutes normal usage of the network, and sets off a warning if an
individual or the network behaves abnormally.
A more sophisticated version of the program can adapt itself daily to
accommodate deviations in the "normal" behavior of people on the network. It
might, for example, keep track of the number of temporary files created, or how
often people collect data from an outside source or send out information.
The program could even spot quirks in behavior that companies were not
expecting to find.
The idea is that organizations that rely on sensitive information, such as
banks or government departments, will be able to spot anomalies via their
computers. They might pick up money being laundered through accounts, if a
small company or individual carries out an unusually large transaction.
_______________________________________________________________________________
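The adaptive profiling described in the SRI article above, as an added example that is not part of the original article and is not SRI's software: each user's daily counts are scored against a learned baseline, which is then updated with that day. The exponentially weighted mean and variance, the threshold, the metric names and the users "alice" and "bob" are assumptions chosen for illustration; all activity data is constructed.

```python
"""Adaptive per-user usage profiling (added illustration, constructed data)."""
import math
from dataclasses import dataclass


@dataclass
class MetricProfile:
    """Exponentially weighted mean/variance of one daily count for one user."""
    alpha: float = 0.2   # weight of the newest day; higher adapts faster
    mean: float = 0.0
    var: float = 0.0
    days: int = 0

    def zscore(self, value, min_std=1.0):
        # Floor the deviation so a perfectly steady history does not turn
        # a one-count change into an alert.
        std = max(math.sqrt(self.var), min_std)
        return (value - self.mean) / std

    def update(self, value):
        """Fold today's count into the profile (the daily adaptation step)."""
        if self.days == 0:
            self.mean = float(value)
        else:
            diff = value - self.mean
            incr = self.alpha * diff
            self.mean += incr
            self.var = (1.0 - self.alpha) * (self.var + diff * incr)
        self.days += 1


class UsageMonitor:
    """Scores each day against the learned profile, then adapts the profile."""

    def __init__(self, threshold=3.0, warmup_days=5, alpha=0.2):
        self.threshold = threshold      # |z| above this raises a warning
        self.warmup_days = warmup_days  # days of history needed before alerting
        self.alpha = alpha
        self.profiles = {}              # (user, metric) -> MetricProfile

    def observe_day(self, user, counts):
        """Return [(metric, value, z)] for counts that deviate from the profile."""
        alerts = []
        for metric, value in counts.items():
            key = (user, metric)
            if key not in self.profiles:
                self.profiles[key] = MetricProfile(alpha=self.alpha)
            profile = self.profiles[key]
            if profile.days >= self.warmup_days:
                z = profile.zscore(value)
                if abs(z) > self.threshold:
                    alerts.append((metric, value, round(z, 1)))
            profile.update(value)
        return alerts


# Constructed sample activity. "alice" is steady, then sends out far more data
# than usual on day 11. "bob" increases outbound transfers by one per day.
ALICE_TEMP_FILES = [10, 12, 11, 9, 10, 11, 12, 10, 11, 10, 11]
ALICE_SENDS = [2, 3, 2, 2, 3, 2, 3, 2, 2, 3, 40]
BOB_SENDS = list(range(5, 26))  # 5, 6, ..., 25 over 21 days


def run_demo():
    """Replay the constructed data; return {user: [(day, alerts), ...]}."""
    monitor = UsageMonitor()
    flagged = {"alice": [], "bob": []}
    days = zip(ALICE_TEMP_FILES, ALICE_SENDS)
    for day, (temp_files, sends) in enumerate(days, start=1):
        counts = {"temp_files": temp_files, "outbound_sends": sends}
        alerts = monitor.observe_day("alice", counts)
        if alerts:
            flagged["alice"].append((day, alerts))
    for day, sends in enumerate(BOB_SENDS, start=1):
        alerts = monitor.observe_day("bob", {"outbound_sends": sends})
        if alerts:
            flagged["bob"].append((day, alerts))
    return flagged


if __name__ == "__main__":
    for user, hits in run_demo().items():
        print(user, hits if hits else "no warnings")
```

The sudden jump on alice's day 11 is flagged, while bob's fivefold rise over 21 days never is, because the profile follows him upward one day at a time. That is the cost of daily adaptation, and a reason to pair an adaptive profile with fixed limits on sensitive actions.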