Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗
- Author: Paul Mungo
- Performer: -
Book online «Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗». Author Paul Mungo
It is likely, though, that had the NSA been involved in the VAX scheme, it
would have chosen a more devious means of access. Whoever put the back door in,
and for whatever purpose, it was probably not intended for Gerrnan hackers. But
by 1986, when Koch and Pengo were trawling for information about VAX, the
secret of the back door had traveled across the Atlantic and had become known
by a small group of hackers in Germany. Bach and Handel, the two students who
broke into the SCICON company’s VAX, are generally thought to have been among
the first to exploit the trick. It was later discovered that their mentor was a
student at Karlsruhe University named Steffen Weihruch.
That same year, Karl Koch made contact with Weihruch as well. He had managed to
track down the VAX wizard to Karlsruhe and had prevailed on him to tell him his
technique. It wasn’t dificult: Weihruch was known to be obliging and was rather
pleased that his discovery was useful.
Weihruch had also perfected a “tool” to make hacking VAXen even easier. The
problem with the back door was that it didn’t entirely bypass all security
checks: a would-be hacker still had to contend with the security log, which
collated the IDs of all users as they entered the system. It was this log—
which was kept on a computer file and could be examined by the system operator-
-that had alerted SCICON to Bach and Handel. A hacker coming in the back door
would be conspicuous because the ID and password used—the ones entered in the log—could be any combination of random
characters; they wouldn’t necessarily be a real ID and password, and their
inclusion in the log was a clear sign of an intrusion.
The solution was to capture the identity of legitimate users, especially ones
with high privileges. Then hackers could roam through the system secretly,
masquerading as authorized users.
To this end Weihruch had developed a special tool to capture IDs and passwords
as they were entered. This tool—in reality, a program—replaced the real entry
screen with a phony, a complete replica that was indistinguishable to a user.
On seeing the screen, the unsuspecting user would enter his ID in the normal
way, followed by his password. The program captured that information, saving it
on a secret file. Then, because it wasn’t able to allow entry, the phony screen
displayed the message INVALID—PLEASE REENTER. The user would think he had
simply miskeyed his password. For his next attempt, the user would be presented
with the proper screen; if all was in order, he would be able to gain access.
The hacker could then pick up the secret file, containing all the IDs and
passwords that it had collected, on his next visit. It was like using traps to
catch rabbits, except that the rabbit felt no pain. The program had automated
hacking, and with legitimate IDs and the backdoor entry system, hacking became
simply a matter of finding VAX computers, going in through the back door,
leaving the trap program to function until it had captured some legitimate
identities, then taking the real IDs and passwords from the file.
With the back door and the trap program, Pengo and Koch were able to supply the
Soviets with better material. Koch passed Kahl computer log-ins and passwords
to military systems. In return, Kahl passed back money.
But despite the success with VMS, the KGB was upping the ante again. The
Soviets wanted Koch and Pengo to hack into computers that used the UNIX
operating system. UNIX was becoming increasingly popular because it could be
used on a wide range of computers; many VAX users preferred UNIX to DEC’s VMS.
much to the computer giant’s chagrin.
However, neither Koch nor Pengo knew anything about UNIX; they needed to
recruit yet another hacker to their team. Once again, Kahl and Koch made the
rounds of various hacker meets. and soon found Marcus Hess, who at the time was
working for a specialist UNIX systems company in Hannover. He was an ideal
choice: local, experienced, and with an addiction almost as potent as drugs—he
loved fast sports cars.
Now they were three. Hess soon became invaluable; shortly after becoming a
member, he was able to download a copy of the UNIX source code. Kahl took it to
the Soviets, who seemed impressed; they paid Kahl DM25,000, about $16,000, the
most he had ever received from them.
Hess soon discovered that many American computer users were relaxed about
security. Indeed, if their computers contained nothing secret or classified,
some U.S. sites actually tolerated an occasional visiting hacker; sometimes
system operators would even have time for a chat. In America, the nucleus of
the mythical Worldnet, the concept of the “Global Village,” where everybody
would be friendly neighbors, courtesy of the computer networks, was born. It
was easy to forget that computers, which themselves don’t contain classified
information, can provide entry points to a network with more interesting
machines—and that was what Hess was looking for.
He soon found a particularly hospitable computer in California, which contained
no classified material but did provide a convenient launching pad to other
systems. For the cost of a domestic phone call, Hess could hack into the
University of Bremen, where computer security was slack, hop across the
Atlantic by satellite at the university’s expense, and due to the hospitality
of the computers at Lawrence Berkeley Laboratories, at the University of
California in Berkeley, travel to other sites.
Some system operators tolerate hackers, some threaten them, but most don’t even
know they’ve got them. Very few actually
chase them: it’s a very timeconsuming and generally unrewarding task.
Clifford Stoll, the system administration manager at Lawrence Berkeley
Laboratories, detected the activities of Hess in August 1986, after
investigating a seventy-five-cent discrepancy in the accounting records of the
lab’s computers. (The seventy-five cent fee couldn’t be attributed to an
authorized user, so the charge had to have been run up by an outsider.) Other
system operators might not have bothered, but Stoll was an astronomer by voca-tion and was only filling in time until grant money could be found to allow him
to pursue his chosen career. To Stoll, chasing a hacker seemed exciting.
Once he had detected Hess, he was faced with the classic dilemma: should he
lock him out or watch him? If he were to lock him out, there was a chance that
he might sneak in some other way and not be noticed; it was also likely that he
might penetrate some other system. Stoll decided to keep a watch, setting up an
intricate alarm system that would tip him off whenever the hacker appeared. On
some occasions, he even slept at the lab. His principal intruder was Hess, whom
he knew only through his various aliases—but he also noted the presence of
both Pengo and Hagbard (Koch) on other occasions. These two, with their
interest in the VAXen that used VMS, would not be a major source of worry for
Stoll on his UNIX site.
It eventually became obvious that Lawrence Berkeley had nothing to interest
Hess; it was just a convenient jumping-off place. Stoll tried to make things
look a bit more exciting and concocted a “secret” file as bait, and the hacker
gobbled it up.
Stoll subsequently recounted his experiences in an academic paper (“Stalking
the Wily Hacker,” 1988) and a best-selling book, The Cuckoo’s Egg (1989). He
would record the heavy artillery that was eventually wheeled out to deal with
his German hackers: the FBI, the CIA and, the superspooks themselves, the
National Security Agency.
The reaction of the various agencies at first ranged from apathy to annoyance.
Stoll was hard-pressed to interest the authorities at all: losses in hacking
incidents are generally estimated in nice large numbers, and chasing
seventy-five cents seemed like a joke. But he persisted, and eventually the
authorities became nervous and mounted an operation to catch the intruder.
Finding him was a matter of tracing his calls back to their source. However,
the calls were routed through several different computer networks, a practice
known as network weaving, so that each time the authorities traced the calls
back, they realized they had farther to go—from one network to another, across
the country, and across the Atlantic.
Slowly, the calls were traced back to Germany, down to the University of
Bremen, across to Hannover, and eventually to Marcus Hess’s address. Under
pressure from the Americans, the German authorities arrested and questioned
Hess in June 1987. The Germans had little to go on—the loss of seventy-five
cents didn’t appear to be an extraditable offense—but they decided to tap his
phone just in case.
But while the police were watching Hess, the Illuminati were moving in on
Steffen Wernery.
The saga began when Bach and Handel, the two student hackers who broke into
the SCICON computer, decided to set up a hacker gang known as the VAXbusters.
The team used the backdoor technique to get into VAX computers throughout
Europe and North America. They traveled on SPAN, NASA’s Space Physics
Analysis Network, which links computers involved in physics research around the
world. From the ever-obliging Steffen Weihruch they were also able to get a
copy of the “trap” program, giving them legitimate identities on the systems
they hacked.
For ten months the team wandered through VAX sites with impunity. Unlike Koch
and Pengo, the VAXbusters weren’t spying, nor were they interested in damaging
hacked computers. They were just tourists, browsing through the network,
looking for sites of interest.
Despite their precautions and their benign intent, no hack is entirely
undetectable. In July 1987 the curtain came down on the VAXbusters. Roy Omond,
the particularly diligent manager of a VAX system in Heidelberg, discovered
from a routine scrutiny of his security logs that he had been hacked. Even
though the hackers had been using legitimate IDs, Omond guessed from the noc-turnal timings that many of the entries in his visitors’ book had not been
posted by authorized users. Furious, he mounted his own investigation, and by
sounding out various people he believed might be in contact with the hackers,
he discovered the real names of Bach and Handel. He immediately posted an
electronic message to all other users on SPAN, and named the two students
involved.
Bach and Handel panicked. They assumed they would be prosecuted by the German
authorities and called Steffen at Chaos for advice; Steffen who called Hans
Gliss, who in turn contacted the Verfassungsschutz, the German secret service.
The agency said it would be interested in talking to the two hackers.
Prior to meeting the agents, Bach and Handel prepared a report, dated August
17, 1987, detailing all the installations that had been penetrated by the
VAXbusters. The list comprised 135 sites in total, all on SPAN, and included
nineteen installations at NASA, including two VAX sites at their headquarters
in Washington, D.C., six at the Goddard Space Flight Center, and ten at the
Marshall Space Flight Center. It also included a large number of systems at
CERN in Switzerland, and others at the European Space Agency in the
Netherlands, the Meudon Observatory and the Institut d’Astrophysique in Paris,
and various Max Planck Institute sites in Germany.
There was a full exchange of information at the meeting, and in return for Bach
and Handel’s cooperation, the authorities declined to prosecute. The secret
service then contacted the CIA in Bonn, as well as NASA, DEC, and other groups
that the agency felt should be informed.
In the hope of defusing the situation for the VAXbusters, it was decided that
their story should be released to the press on September 15th. The delay, it
was thought, would give all the affected sites enough time to repair their
defenses. Gliss would cover
Comments (0)