Read The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Online

Authors: Kevin D. Mitnick, William L. Simon

Tags: #Computer Hackers, #Computer Security, #Computers, #General, #Security


The trade-offs of using these types of authentication controls are the added cost and the extra layer of inconvenience for every user. It all depends on what you're trying to protect. Static passwords may be sufficient for the LA Times Web site to protect its news articles. But would you count on static passwords protecting the latest design specs for a new commercial jetliner?

THE BOTTOM LINE

The stories in this book, as well as in the press, demonstrate the insecurity of this nation's computer systems and how vulnerable we are to an attack. It seems as if few systems are truly secure.

In this age of terrorism, we clearly need to be doing a better job of stitching up the holes. Episodes like the one recounted here raise an issue we need to face: how easily the talents and knowledge of our own unwitting teenagers can be turned against us to endanger our society. I believe that school kids should be taught the principles of computer ethics starting when they are being introduced to computing in elementary school.

Recently I attended a presentation given by Frank Abagnale, the protagonist in the blockbuster film Catch Me If You Can. Frank had conducted a survey of high school students across the country about the ethical use of computers. Each student was asked whether he or she considered it acceptable behavior to crack the password of a fellow student. Surprisingly, 48 percent of the surveyed students thought it was just fine. With attitudes like this, it's not hard to understand why people become involved in this type of activity.

If anyone has a suggestion of how to make young hackers less susceptible to being recruited by our enemies, foreign and domestic, I wish he or she would speak up and make his or her ideas known.

NOTES

1. "Do Terrorists Troll the Net?" by Niall McKay, Wired.com, November 14, 1998.

2. McKay article, op. cit.

3. McKay article, op. cit.

4. From the Web site satp.org, South Asia Intelligence Review.

5. "The United States and the Global Coalition Against Terrorism, September–December 2001: A Chronology," www.state.gov/r/pa/ho/pubs/fs/5889.htm.

6. Address by Major General Yashwant Deva, Avsm (Retd), President Iete, on "Information Security" at India International Centre, New Delhi on April 6, 2002, p. 9.

7. Confirming this is difficult. Since this attack took place during the Clinton administration, none of the people listed would be working in the White House any longer. But a few tidbits are available. Monty Haymes did video recording. Christopher Adams is the name of a reporter with the Financial Times, a British newspaper; as far as we could ascertain, there was no White House employee by this name. Debra Reid is a photographer for the Associated Press. No one named Connie Colabatistto appears to have been working in the White House; a woman by that name is (or was) married to Gene Colabatistto, who was president of Solutions at the Space Imaging company, but there is no apparent connection to them being on the White House team.

8. http://www.attrition.org/mirror/attrition/1999/05/10/www.whitehouse.gov/mirror.html.

9. Here, too, verification is difficult to come by. However, the text quoted can be viewed at http://www.attrition.org/mirror/attrition/1999/05/26/mmic.snu.ac.kr/.

10. "Computer Hackers Could Disable Military; System Compromised in Secret Exercise," by Bill Gertz, Washington Times, April 16, 1998.

11. "Wars of the Future... Today," by Tom Regan, Christian Science Monitor, June 24, 1999.

Chapter 3

The Texas Prison Hack

I don't think there's any one thing you can say to a youngster to make them change, other than to have value in themselves, you know, and never take the short road.

-- William

Two young convicts, each doing extended time for murder, meet on a blazing day in the concrete yard of a Texas prison and discover they share a fascination with computers. They team up and become secret hackers right under the noses of watchful guards.

All that is in the past. These days, William Butler gets into his car at 5:30 every weekday morning and begins the commute to work through clogged Houston traffic. He considers himself a very lucky man even to be alive. He's got a steady girlfriend; he drives a shiny new car. And, he adds, "I was recently rewarded with a $7,000 raise. Not bad."

Like William, his friend Danny is also settled in life and holding down a steady job doing computer work. But neither will ever forget the long, slow years paying a hard price for their actions. Strangely, the time in prison equipped them with the skills they're now making such good use of in "the free world."

Inside: Discovering Computers

Prison is a shock to the newcomer. Arriving inmates are often dumped together until the unruly and violent can be sorted out -- a severe challenge to those trying to live by the rules. Surrounded by people who might explode at any imagined challenge, even the meek have to hang tough and stand up for themselves. William devised his own set of rules:

I basically lived how you had to live in there. I'm just 5'10" and I was probably 255. But it wasn't just about being big, it's a mindset that I was not a weak person and I was nobody to be taken advantage of. I carried myself like that. Inside, if anybody perceives any weakness, then they take advantage of it. I didn't lie, I didn't chat about other people's business, and don't ask me about my business because I'll tell you to get f___ed.

Danny and I both did time on tough units. You know what I'm saying -- gladiator units, where you had to fight all the time. So we didn't give a shit about guards or nobody. We would fight at the drop of a hat or do whatever we had to do.

Danny was already serving a 20-year sentence at the Wynne Unit, a prison in Huntsville, Texas, when William arrived. His initial prison job had nothing to do with computers.

They first sent me to a unit where you start you doing field work on the farms. You go hoeing up and down rows. They could use machines for that, but they don't -- it's a form of punishment so you feel better about whatever job they give you later.

When Danny was transferred to the Wynne unit, he was grateful to be assigned clerical work in the Transportation Office. "I started to work on an Olivetti typewriter with a monitor and a couple of disk drives. It ran DOS and had a little memory. I messed around trying to learn how to use it." (For me, that rang familiar bells: The first computer I ever used was an Olivetti teletype with a 110-baud acoustic-coupler modem.)

He found an old computer book lying around, an instruction manual for the early database program dBase III. "I figured out how to put the reports on dBase, while everybody else was still typing theirs." He converted the office purchase orders to dBase and even started a program to track the prison's shipments of farm products to other prisons around the state.

Eventually Danny made trustee status, which brought a work assignment involving a higher level of trust and what's referred to as a "gate pass," allowing him to work outside the secure perimeter of the prison. He was sent to a job in the dispatch office in a trailer outside the fence, preparing shipping orders for the delivery trucks transporting the food goods. But what really mattered was that it gave him "my first real access to computers."

After a while, he was given a small room in the trailer and put in charge of hardware -- assembling new machines and fixing broken ones. Here was a golden opportunity: learning how to build computers and fix them from hands-on experience. Some of the people he worked with would bring in computer books for him, which accelerated his learning curve.

Being in charge of hardware gave him access to "a shelf full of computer parts with nothing inventoried." He soon grew reasonably skilled at assembling machines or adding components. Prison staff didn't even inspect the systems to determine how he had configured them, so he could easily set up machines with unauthorized equipment.

Federal Prisons Are Different

That kind of careless disregard for what a prisoner is up to is unlikely in a federal prison. The U.S. Bureau of Prisons has a sensibly high level of paranoia about the subject. During my time inside, I had a "NO COMPUTER" assignment, which meant it was considered a security threat for me to have any computer access. Or even access to a phone, for that matter: A prosecutor once told a federal magistrate that if I was free to use a phone while in custody, I would be able to whistle into it and send instructions to an Air Force intercontinental missile. Absurd, but the judge had no reason not to believe it. I was held in solitary for eight months.

In the federal system at that time, prisoners were allowed computer access only under a strict set of guidelines. No inmate could use any computer that was attached to a modem, or that had a network card or other communication device. Operationally critical computers and systems containing sensitive information were clearly marked "Staff Use Only" so it would be immediately apparent if an inmate was using a computer that put security at risk. Computer hardware was strictly controlled by technology knowledgeable staff to prevent unauthorized use.

William Gets the Keys to the Castle

When William was transferred from the farm prison to the Wynne unit in Huntsville, he landed an enviable job in the kitchen. "I had the keys to the castle because I could trade food for other things."

The kitchen had one computer, an ancient 286 machine with a cooling fan on the front but still good enough for him to make good progress with developing his computer skills. He was able to put some of the kitchen records, reports, and purchase order forms on the computer, which saved hours of adding columns of numbers and typing out paperwork.

After William discovered there was another prisoner who shared his interest in computers, Danny was able to help improve the quality of the computer setup in the commissary. He pulled components off the shelf in the Agriculture trailer and then recruited the aid of some friends with maintenance assignments, who could go anywhere in the prison.

They didn't answer to anyone. So they sneaked computer parts into the kitchen for us -- just put them into a cart and roll it down. Then one Christmas Eve, a guard walked onto the unit with a box that basically had parts for a whole computer in it, and a hub and other stuff.

How did he convince a guard to break the rules so blatantly? "I just did what they call 'worked my jelly' on him -- I just talked to him and befriended him." William's parents had purchased the computer items at his request, and the guard agreed to bring in the load of items as if they were Christmas presents.

To provide work space for his expanding computer installation, William appropriated a small storage room attached to the commissary. The room was unventilated but he was sure that wouldn't be a problem, and it wasn't: "I traded food to get an air conditioner, we knocked a hole in the wall and put the air conditioner unit in so we could breathe and could work in comfort," he explained.

"We built three PCs back there. We took old 286 cases and put Pentium boards in them. The hard drives wouldn't fit, so we had to use toilet paper rolls for hard drive holders," which, while an innovative solution, must have been funny to look at.

Why three computers? Danny would drop in sometimes, and they'd each have a computer to use. And a third guy later started "a law office" -- charging inmates for researching their legal issues online and drawing up papers for filing appeals and the like.

Meanwhile, William's skills in using a computer to organize the commissary's paperwork came to the attention of the captain in charge of food service. He gave William an added assignment: When not busy with regular duties, he was to work on setting up computer files for the captain's reports to the warden.

To carry out these additional responsibilities, William was allowed to work in the captain's office, a sweet assignment for a prisoner. But after a time William began to chafe: Those computers in the commissary were by now loaded with music files, games, and videos. In the captain's office, he had none of these pleasing diversions. Good old American innovation plus a healthy dose of gutsy fearlessness suggested a way of solving the problem.

I traded food from the kitchen to get network cable from maintenance. We had the maintenance clerk order us a 1,000-foot spool of Cat 5 [Ethernet] cable. We had the guards open up pipe chases and ran the cable. I just told them I was doing work for the Captain and they'd open the door.

In short order, he had hardwired an Ethernet connection linking up the three computers he now had in the commissary, with the computer in the captain's office. When the captain wasn't there, William had the pleasure of playing his computer games, listening to his music, and watching his videos.

But he was running a big risk. What if the captain came back unexpectedly and discovered him with music playing and a game on the screen, or a girlie movie? It would mean goodbye to the privileged position in the kitchen, the cushy duties in the captain's office, and the access to the computer setup he had so painstakingly assembled.

Meanwhile, Danny had his own challenges. He was now working in the Agriculture Office surrounded by computers, with telephone jacks everywhere connecting to the outside world. He was like a kid with his nose pressed to the window of the candy store and no money in his pocket. All those temptations so nearby and no way to enjoy them.

One day an officer showed up in Danny's tiny office. "[He] brought his machine in because he couldn't get connected to the Internet. I didn't really know how a modem worked, there was nobody teaching me anything. But I was able to help him set it up." In the process of getting the machine online, the officer, on request, gave Danny his username and password; probably he didn't see any problem about doing this, knowing that inmates weren't allowed to use any computer with online access.

Danny realized what the guard was too dense or too technically illiterate to figure out: He had given Danny an e-ticket to the Internet. Secretly running a telephone line behind a rack of cabinets into his work area, Danny hooked it up to the internal modem in his computer. With the officer's login and password that he had memorized, he was golden: He had Internet access.

Online in Safety

For Danny, achieving an Internet connection opened up a whole new world on his monitor. But just as for William, he ran a huge risk every time he went online.

I was able to dial out, pick up information about computers and all, and ask questions. I was signing on for the officer but the whole time I was afraid it might come to light. I tried to be careful not to stay on so long that I tied up the lines.

A clever workaround suggested itself. Danny installed a "splitter" on the phone line going to the fax machine. But it wasn't long before the Ag unit began to hear complaints from other prisons wanting to know why their fax line was busy so much of the time. Danny realized he'd have to get a dedicated line if he wanted to cruise the Net at leisure and in safety. A little scouting provided the answer: He discovered two telephone jacks that were live but not in use. Apparently none of the staff remembered they even existed. He reconnected the wire from his modem, plugging it into one of the jacks. Now he had his own outside line. Another problem solved.

In a corner of his tiny room, under a pile of boxes, he set up a computer as a server -- in effect, an electronic storage device for all the great stuff he planned to download, so the music files and computer hacking instructions and all the rest wouldn't be on his own computer, just in case anybody looked.

Things were shaping up, but Danny was plagued by one other difficulty, a considerably bigger one. He had no way of knowing what would happen if he and the officer tried to use the officer's Internet account at the same time. If Danny was already connected, would the officer get an error message saying that he couldn't get online because his account was already in use? The man might have been a dense redneck, but surely at that point he would remember giving Danny his sign-on information and begin to wonder. At the time, Danny couldn't think of a solution; the problem gnawed at him.

Still, he was proud of what he'd accomplished given the circumstances. It had taken an enormous amount of work. "I had built up a good foundation -- running servers, downloading anything I could get off the web, running 'GetRight' [software] that would keep a download going twenty-four hours. Games, videos, hacking information, learning how networks are set up, vulnerabilities, how to find open ports."

William understood how Danny's setup in the Agriculture Department had been possible. "He was basically the network administrator because the free-world guy [the civilian employee] they had working there was a buffoon." The inmates were being assigned jobs that the employee was supposed to be doing but didn't know how, things like "the C++ and Visual Basic programming," nor did they have the smarts necessary to properly administer the network.

Another challenge also troubled Danny: His computer faced an aisle, so anybody could see what he was doing. Since the Agriculture Office was locked up after working hours, he could only go online during the day, watching for moments when everyone else in the office seemed to be too busy with their own work to take any interest in what he was up to. Picking up a clever trick that would allow him to take control of
