Hackers (MIT Assignment)

Hacking Issue:

Kevin Mitnick 37 – who pleaded guilty to a series of federal offenses related to a 2½-year computer hacking spree, was sentenced to 46 months in federal prison. He pleaded guilty in March to four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication. Mitnick’s prolific and damaging hacking career, which made him the most wanted computer criminal in United States history, was ended when he was arrested in North Carolina in February 1995. In a global plea agreement filed in United States District Court in Los Angeles, Mitnick admitted that he broke into a number of computer systems and stole proprietary software belonging to Motorola, Novell, Fujitsu, Sun Microsystems and other companies. Mitnick admitted using a number of tools to commit his crimes, including “social engineering,” cloned cellular telephones, “sniffer” programs placed on victims’ computer systems and hacker software programs. As part of his scheme, Mitnick acknowledged altering computer systems belonging to the University of Southern California and using these computers to store programs that he had misappropriated. He also admitted that he stole E-mails, monitored computer systems and impersonated employees of victim companies, including Nokia Mobile Phones, Ltd., in his attempt to secure software that was being developed by those companies.

Raphael Gray, 19 – He was able to break into the secure systems using just a £800 computer he bought in his home town Clynderwen, Pembrokeshire, Wales. After publishing the credit card info on his webpages Gray posted on the page that law enforcers would never find him “because they never catch anyone. The police can’t hack their way out of a paper bag.” He was dubbed the Bill Gates hacker when he sent Viagra tablets to Gates’ address and then published what he said was the billionaire’s own number. He was tracked down by ex-hacker Chris Davis who was insulted by Gray’s “arrogance”. It took Davis under a day to find Gray which he then forwarded to the FBI, “The FBI was actually quite easy to deal with, although technically, they didn’t really understand what it was I was explaining to them. The local police were also very polite, but they didn’t understand it,” said Davis. Gray was arrested when FBI agents and officers from the local Dyfed Powys Police turned up at the door of his home, which he shared with his mother and two sisters, in March 1999. The sentencing judge ruled that Gray serve 36 months of psychiatric treatment after hearing evidence that he was suffering from a mental condition which needed medical treatment rather than incarceration.

Master of Deception, MOD – was a New York-based hacker group. MOD reportedly controlled all the major telephone RBOC’s and X.25 networks as well as controlling large parts of the backbone of the rapidly emerging Internet. Masters of Deception operated differently in many respects to previous hacking groups. Although they openly shared information with each other, they took a controversial view on sharing information outside the group. It was believed that access to MOD’s knowledge should be earned via degrees of initiation and a proven respect for the craft, rather than releasing powerful information into the wild where it could be used for nefarious purposes. A demonstration of responsibility on the part of the initiate was required. This informal compartmentalized protection of more sensitive knowledge was a structure originally employed by LOD in the 1980s, rather successfully. According to Lex Luthor, “I realized early on that only certain people can be trusted with certain information, and certain types of information can be trusted to no one. Giving out useful things to irresponsible people would inevitably lead to whatever thing it was being abused and no longer useful. I was very possessive of my information and frequently withheld things from my articles.” –Phrack #40 interview, 1/8/1992.

Michael Calce aka MafiaBoy -a high school student from the middle-class suburban area of the West Island in Montreal, Canada who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. Canada’s Youth Criminal Justice Act forbids Canadian news outlets from publication of MafiaBoy’s real name in connection with this incident. Non-Canadian media outlets including USA Today and The Register identified the boy’s father as 45-year-old John Calce because he was arrested simultaneously on unrelated charges. American journalist James Meek and, later, American computer security critic Rob Rosenberger revealed the attacker to be Calce, who was only 15 years old at the time. The U.S. Federal Bureau of Investigation and the Royal Canadian Mounted Police first noticed Mr. Calce when he started claiming in IRC chatrooms that he was responsible for the attacks. He became the chief suspect when he claimed to have brought down Dell’s website, an attack that had not been publicized at that time. Mr. Calce initially denied responsibility but later pled guilty to most of the charges brought against him.  His lawyer insisted the child had only run unsupervised tests to help design an improved firewall, whereas trial records indicated the youth showed no remorse and had expressed a desire to move to Italy for its lax computer crime laws. The Montreal Youth Court sentenced him on September 12, 2001 to eight months of “open custody,” one year of probation, restricted use of the Internet, and a small fine.

Legion of Doom, LOD -  was a very influential hacker group that was active from the 1980s to the late 1990s and early 2000. Their name appears to be a reference to the main antagonists of Challenge of the Superfriends. LOD was founded by the hacker Lex Luthor, after a rift with his previous group the Knights of Shadow (much as the Masters of Deception would later be founded after Phiber Optik had a rift with Chris Goggans and LOD, eventually leading to the Great Hacker War and disbanding of both groups). At different points in the group’s history, LOD was split into LOD and LOD/LOH (Legion of Doom/Legion of Hackers) for the members that were more skilled at hacking than pure phone phreaking. Unlike Masters of Deception there were different opinions regarding what the Legion of Doom was. LOD published the Legion of Doom Technical Journals and regularly contributed to the overall pool of hacking knowledge and information, while causing no direct harm to the phone systems and computer networks they took over. On the other hand, many LOD members were raided, charged and in some cases successfully prosecuted for causing damage to systems and reprogramming phone company computers (Grant, Darden and Riggs, etc). While the “Bellsouth” case could be construed as exploration of the phone system, with claims that no real damage was done, there are other former LOD members such as Corey A. Lindsly (a.k.a. Mark Tabas) who were clearly interested in for-profit computer crime, with no goal except personal gain.