TUCoPS :: Cyber Law :: slohack1.txt

San Luis Obispo police seize computers because they "think" that people are using them for hacking

                           AMATEUR HACKERS TRIPPED UP
                              By Danna Dykstra Coy

This article appeared in the Telegram-Tribune Newspaper, San Luis Obispo, CA.  
March 23, 1991. Permission to electronically reproduce this article was given 
by the newspaper's senior editor.  


San Luis Obispo police have cracked a case of computer hacking.  Now they've 
got to work out the bugs.  Officers were still interviewing suspects late 
Friday linked to a rare case of computer tampering that involved at least four 
people, two of them computer science majors from Cal Poly.  

The hackers were obvious amateurs, according to police.  They were caught 
unknowingly tapping into the computer system in the office of two local 
dermatologists.  The only information they would have obtained, had they 
cracked the system's entry code, was patient billing records.  

Police declined to name names because the investigation is on-going.  They 
don't expect any arrests, though technically, they say a crime has been 
committed.  Police believe the tampering was all in fun, though at the expense 
of the skin doctors who spent money and time fixing glitches caused by the 
electronic intrusion.  

"Maybe it was a game for the suspects, but you have to look at the bigger 
picture," said the officer assigned to the case, Gary Nemeth.  "The fact they 
were knowingly attempting to access a computer system without permission is a 
crime."  Because the case is rare in this county, police are learning as they 
go along.  "We will definitely file complaints with the District Attorney's 
Office," said Nemeth.  "They can decide whether we've got enough of a case to 
go to trial." 

Earlier this month San Luis dermatologists James Longabaugh and Jeffrey Herten 
told police they suspected somebody was trying to access the computer in the 
office they share at 15 Santa Rosa St.  The system, which contains patient 
records and billing information, continually shut down.  The doctors were 
unable to access their patients' records, said Nemeth, and paid a computer 
technician at least $1,500 to re-program their modem.  

The modem is a device that allows computers to communicate through telephone 
lines.  It can only be accessed when an operator "dials" its designated number 
by punching the numbers on a computer keyboard.  The "calling" computer then 
asks the operator to punch in a password to enter the system.  If the operator 
fails to type in the correct password, the system may ask the caller to try 
again or simply hang up.  Because the doctors' modem has a built-in security 
system, several failed attempts causes the system to shut down completely.  

The technician who suspected the problems were more than mechanical, advised 
the doctors to call the police.  "We ordered a telephone tap on the line, which 
showed in one day alone 200 calls were made to that number," said Nemeth.  "It 
was obvious someone was making a game of trying to crack the code to enter the 
system."  The tap showed four residences that placed more than three calls a 
day to the doctors' computer number.  Three of the callers were from San Luis 
Obispo and one was from Santa Margarita.  From there police went to work.  

"A lot of times I think police just tell somebody in a situation like that to 
get a new phone number," said Nemeth, "and their problem is resolved.  But 
these doctors were really worried.  They were afraid someone really wanted to 
know what they had in their files.  They wondered if it was happening to them, 
maybe it was happening to others.  I was intrigued." 

Nemeth, whose training is in police work and not computer crimes, was soon 
breaking new ground for the department.  "Here we had the addresses, but no 
proper search warrant.  We didn't know what to name in a search warrant for a 
computer tampering case."  A security investigator for Pacific Bell gave Nemeth 
the information he needed: disks, computer equipment, stereos and telephones, 
anything that could be used in a computer crime.  

Search warrants were served at the San Luis Obispo houses Thursday and Friday.  
Residents at the Santa Margarita house have yet to be served.  But police are 
certain they've already cracked the case.  At all three residences that were 
searched police found a disk that incorrectly gave the doctors' phone number as 
the key to a program called "Cygnus XI".  "It was a fluke," said Nemeth.  
"These people didn't know each other, and yet they all had this same program".  
Apparently when the suspects failed to gain access, they made a game of trying 
to crack the password, he said.  "They didn't know whose computer was hooked up 
to the phone number the program gave them," said Nemeth.  "So they tried to 
find out." 

Police confiscated hundreds of disks containing illegally obtained copies of 
software at a residence where two Cal Poly students lived, which will be turned 
over to a federal law enforcement agency, said Nemeth.  

Police Chief Jim Gardner said he doesn't expect this type of case to be the 
department's last, given modern technology.  "What got to be a little strange 
is when I heard my officers talk in briefings this week.  It was like `I need 
more information for the database'."  "To think 20 years ago when cops sat 
around and talked all you heard about was `211' cases and dope dealers." 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH