TUCoPS :: Cyber Law :: nighthak.txt

Night of the Hackers

NIGHTHACK
"""""""""

Written by Richard Sandza


The word HACKER has taken on a meaning recently.  It used to mean an avid
computer user.  But now it has taken to the likes (basically) of someone who
uses his computer to steal, alter, or misuse online data that is not theirs. 
Below is a story I've obtained from a friend that we can all consider...


The Night of the Hackers
""""""""""""""""""""""""

As you are surveying the dark and misty swamp, you come across what appears
to be a small cave.  You light a torch and enter.  You have walked several
hundred feet when you stumble into a bright blue portal... With a sudden burst
of light and a loud explosion you aare swept into... DRAGONFIRE... Press any
key if you dare.

You have programmed your personal computer to dial into DRAGONFIRE, a computer
bulletin board in Gainsville Texas.  But before you get any
information, Dragonfire demands your name, (Ctrl-K) or (Ctrl-X) Aborts, (Ctrl-
S) Suspends.  home city, and phone number.  So, for tonight's tour of the
elec-tronic wilderness you become Montana Wildhack of San Francisco.

Dragonfire, Sherwood Forest, Forbidden Zone, Blottoland, Plovernet, The Vault,
Shadowland, PHBI and scores of other bulletin boards are hangouts of a new
generation of vandals.  These precocious teenagers use their electronic skills
to play hide and seek with computer and telephone security forces.  Many
computer bulletin boards are perfectly legitimate:  they resemble electronic
versions of the familiar cork boards found in supermarkets	and school
corridors, listing services and providing information someone out there is
bound to find useful.  But this is a walk on the wild side, a trip into the
world of underground bulletin boards dedicated to and encouraging -- and
making mis-chief.  The phone number for these boards are as closely guarded
as a psychiatrist's home phone number.  Some numbers are posted on underground
boards; others are exchanged over the phone.  A friendly hacker provided
Dragonfire's phone number.  

Hook up and you see a choice of topics offered.  For Phone Phreaks -- who
delight in stealing service from AT&T and other phone networks.  
Phreakenstein's Lair is a potpourri of phone numbers, access codes and
technical information.  For computer hackers -- who dial into other people's
computers -- Ranger's Lodge is chock-full of phone numbers and passwords for
government, university and corporate computers.  Moving through Dragonfire's
offerings, you can only marvel at how conversant these teenagers are with
technical esoterica of today's electronic age.  Obviously, they have spent
great deal of time studying computers, though their grammar and spelling
indicate they haven't been diligent in other subjects.  You are constantly
reminded of how young they are.  Well it's that time of year again.  School
is back in session so let's get those high school computer phone numbers
rolling in time to get straight A's, have perfect attendance (except when you
have been up all night hacking school passwords), and messing up your worst
teacher's paycheck.

Forbidden Zone, in Detroit, is offering ammunition for hacker civil war --tips
on crashing the most popular bulletin board software.  There also are plans
for building black, red and blue boxes to mimic operator tones and get free
phone service.  And there are details for the "safest and best way to make
nitro-glycerine", compliments Doctor Hex, who says he got it from his
chemistry teacher.

Flip through the pages.  You have to wonder if this information is accurate. 
Can this really be the phone number and password for Taco Bell's computer? 
Do these kids really have the dial-up numbers for dozens of university
computers?  The temptation is too much.  You sign off and have your computer
dial the number for the Yale computer.  Bingo -- the words Yale University
appears on your	screen.  You enter the password.  A menu appears.  You
hang up in a sweat.  You are now a Hacker.

Punch in another number and your modem zips off the touch tones.  Here comes
the tedious side of all this.  Bulletin boards are popular.  No vacancy in
Bate's Motel (named for Anthony Perkins creepy motel in the movie "Psycho");
the line is busy.  So are 21 B Baker, PHBI, Shadowland and The Vault. 
Caesar's Palace rings and connects.  This is a different breed of board. 
Caesar's Palace is a combination Phreak board and computer store in Miami. 
This is a place to learn ways to mess up a department store's anti-shoplifting
system, or make free calls on telephones with locks on the dial.  Pure
capitalism accompanies such anarchy, Caesar's Palace is offering good deals
on disk drives, software, computers and all sorts of hardware.  Orders are
placed through electronic mail messages.

'Tele-Trial':  Bored by Caesar's Palace, you enter the number for Blottoland,
the board operator is one of the nation's most notorious computer phreaks --
King Blotto.  This one has been busy all night, but it's now pretty late in
Cleveland.  The phone rings and you connect.  To get past the blank screen,
type the secondary password 'Slime'.  King Blotto obliges, listing his rules. 
He must have your real name, phone number, address, occupation & interests. 
He will call and disclose the primary password, 'if you belong to this board. 
If admitted, do not reveal the phone number or the secondry password, lest you
face 'tele-trial', the King warns as he dismisses you by hanging up.  You
expected heavy security, but this teenagers security is, as they say, awesome. 
Computers at the Defense Department and hundreds of businesses let you know
when you've reached them.  Here you need a password just to find out what
system answered the phone.  Then King Blotto asks questions -- and hangs up. 
Professional computer-security experts could learn something from this kid. 
He knows that ever since 414 computer hackers were arrested in August 1982,
law enforcement officers have been searching for leads on computer bulletin
boards.

'Do you have any ties to or connections with any law enforcement agency or
any agency which would inform such a law enforcement agency of this bulletin
board?

Such is the welcoming message from Plovernet, a Florida board known for its
great hacker/phreak files.  There amid a string of valid Visa and Mastercard
numbers are dozens of computer phone numbers and passwords.  Here you also
learn what Blotto means by Tele-Trial.  'As some of you may or may not know,
a session of the conference court was held and the Wizard was found guilty of
some miscellaneous charges, and sentenced to four monthes without bulletin
boards.' If Wizard calls, system operators like King Blotto disconnect him. 
Paging through bulletin boards is a test of your patience.  Each board has
different commands.  Few are easy to follow, leaving	you to hunt and peck
your way around.  So far you haven't had the nerve to type 'C' which summons
the system operator for a live, computer to computer conversation.  The time,
however, has come for you to	ask a few questions of the 'sysop'.  You dial
a computer in Boston.  It answers and you begin working your way through out
the menus.  You scan a handful of numbers, including one for Arpanet, the
Defense Department's research computer network.  Bravely you tap 'C' and in
seconds the screen blanks and your cursor dances across the screen.  Hello....
What kind of computer do you have?

Contact.  The sysop is here.  You exchange amenities and get talking.  How
much hacking does he do?  Not much, too busy.  Is he afraid of being busted
having his computer confiscated like the Los Angeles man facing criminal
charges because his computer bulletin board contained a stolen telephone-
credit-card number?  Hmmmm..... No, he replies.  Finally he asks the dreaded
question:  'How old are you?', you reply, stalling, '15', he replies.  Once
you confess and he knows you're old enough to be his father, the conversation
gets very serious.  You fear each new question; he probably thinks you're a
cop.  But all he wants to know is your choice for president.  The chat
continues, until he asks, 'What time is it there?' Just past midnight, you
reply.  Expletive, ' It's 3:08 here', the sysop types.  I must be going to
sleep.  I've got school tomorrow.  The cursor dances '**Thank you for
calling.' The screen goes blank.


Epilog
""""""

A few weeks after this reporter submitted this article to Newsweek, he found
that his credit had been altered, his drivers' licence revoked, and EVEN HIS
social security records changed!  Just in case you all might like to construe
this as a 'Victimless' crime.  The next time a computer fouls up your billing
on some matter, and COST YOU, think about it.

This follow-up to the previous article concerning the Newsweek reporter.  It
spells out the danger to all of us, due to this type of activity!


The Revenge of the Hackers
""""""""""""""""""""""""""

In the mischievous fraternity of computer hackers, a few things are prized
more than the veil of sercrecy, as NEWSWEEK San Francisco correspondent
Richard Sandza found out after writing a story on the electronic underground. 



'Conference!' someone yelled as I put the phone to my ear.  Then came a mind-
piercing beep, and suddenly my kitchen seemed full of hyperactive 15-year-
olds.  'You the guy who wrote the article in	NEWSWEEK?' someone shouted from
the depths of static, and giggles.' We're going to disconnect your phone,'
one shrieked.  'We're going to blow up your house,' called another.  I hung
up.

Some irate readers write letters to the editor.  A few call their lawyers. 
Hackers,however use the computer and the telephone, and for more than simple
comments.  Within days, computer bulletin boards aruond the country were lit
up with attacks on NEWSWEEK's 'Montana Wildhack' (a name taken from Kurt
Vonnegut character), questioning everything from my manhood to my prose style. 
'Until we get good revenge,' said one message from Unknown Warrior, 'I would
like to suggest that everyone with an auto-1 modem call Montana Butthack then
hang up when he answers.' Since then hackers of America have called my home
at least 2000 times.  My harshest critics communicate on Dragonfire, where I'm
on teletrial, video lynching in which a computer user with grievance dials
the board and presses charges against the offending party.  Other hackers --
- including the defendant -- post concurrences or rebuttals.  Despite the
mealtime interruptions, all this was at most a minor nuisance; some	was
amusing, even fun.

FRAUD:  The fun stopped with a call from a man who identified himself as Joe. 
'I'm calling to warn you,' he said.  When I barked back, he said, 'Wait, I'm
on your side.  Someone has broken into TRW and obtained a list of your credit
card numbers, your home address, social-security number and wife's name and
is posting it on bulletin boards around the country.' He named the charge
cards in my wallet.  Credit-card numbers are a very hot commidity among some
hackers.  To get one from a computer system and post it is the hacker
equivalent of making the team.  After hearing from Joe, I visited the local
office of the TRW credit bureau and got a copy of my credit record.  Sure
enough, it showed Nov.  13 inquiry by the Lennox(Mass) Savings Bank, an
institution with no reason whatever to ask about me.  Clearly some hacker had
used Lennox's password to the TRW computer to get to my files (the bank has
since changed the password).  It wasn't long before I found out what was being
done with my credit-card numbers, thanks to another friendly hacker who tipped
me to Pirate 80, a bulletin board in Charlseton West Virginia, where I found
this:  'I'm sure you guys have heard about Montana Wildhack.  He's the guy who
wrote the obscene story about phreaking in NEWSWEEK.  Well my friend did a
credit card check on TRW... try this number, it's a Visa... please nail this
guy bad... Captain Quieg.'

Captin Quieg may himself be nailed.  He has violated the Credit Card Fraud Act
of 1984 signed by President Reagan on Oct.  12.  The law provides $10,000 fine
and up to 15 year prison term for 'trafficking' in illegally obtained credit-
card account numbers.  His 'friend' has committed a felony violation of the
California computer crime law.  TRW spokesman Delia Fernadex said that TRW
would 'be more than happy to prosecute' both of them.

TRW has good reason for concern.  Its computers hold the credit histories of
120 million people.  Last year TRW sold 50 million credit reports on their
customers.  But these highly confidential personal records are so poorly
guarded that computerized teenagers can ransack the files and depart
undetected.  TRW passwords -- unlike many others -- often print out when
entered by TRW's customers.  Hackers then look for discarded printouts.  A
good source:  the trash of banks and automobile dealerships, which routinely,
do credit checks.  ' Everybody hacks TRW,' says Cleveland hacker King Blotto,
whose bulletin board has a security system the Pentagon would envy.  'It's the
easiest.' For her part, Fernandez insists that TRW 'does everything it can to
keep the system secure.'

In my case, however, that was not enough.  My credit limits would hardly
support big time fraud, but victimization takes many forms.  Another hacker
said it was likely that merchandise would be ordered in my name and shipped
to me -- just to harass me.  'I used to use credit card numbers against
someone I didn't like,' said the hacker.  'I'd call Sears and have a dozen
toilets shipped to his house.'

Meanwhile, back on Dragonfire, my tele-trial was going strong.  The charges,
as pressed by Unknown Warrior, include 'endangering all phreaks and hacks.'
The judge in this case is a hacker with the apt name of Ax Murderer.  Possible
sentences range from 'exile from the entire planet' to 'kill the dude'.  King
Blotto has taken up my defense, using hacker power to make his first pleading: 
he dialed up Dragonfire, broke into its operating system and 'crashed' the
bulletin board, destroying all its messages naming me.  The board is back up
now, with a retrial in full swing.  But then, exile from the electronic
underground looks better all the time.



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH