Cuckoo's Egg

Home > Other > Cuckoo's Egg > Page 14
Cuckoo's Egg Page 14

by Clifford Stoll


  The instructions couldn’t be plainer. Just press a couple buttons, type the account name, a password, and begin searching judicial records for whatever seems interesting. Next to the instructions were scribbled five account names and passwords, so I picked a pair and logged in. Nobody had thought to protect its passwords. I wondered how many former law students were still freeloading from the library.

  So I logged into the law computer and searched on the keywords telephone trace. It took a while to understand the legal jargon, but eventually I stumbled on the law regulating telephone traces. It turned out that a search warrant wasn’t necessary to trace a phone call made to your own telephone, so long as you wanted the trace made.

  This made sense. You shouldn’t need a court order to find out who was calling you. Indeed, some telephone companies now sell phones that display the digits of the calling telephone as your phone is ringing.

  But if we didn’t legally need a search warrant, why were the phone companies so insistent? Monday morning, clutching a xerox of 18 USCA §3121, I called Lee Cheng at the phone company. “Why do you make us get search warrants, when the law doesn’t require it?”

  “It’s partly to protect ourselves from lawsuits and partly to filter out worthless traces,” Lee said.

  “Well, if the warrant isn’t required, why won’t the Virginia phone company release the information?”

  “I dunno. But they won’t. I’ve spent half an hour talking to them, and they won’t budge.” If they wouldn’t release the number to another phone company, there wasn’t much chance they’d tell my lab. Looked like the phone trace was a dead end after all.

  Aletha Owens, our lawyer, called. “The FBI won’t give us the time of day, let alone a search warrant.”

  Same story with our lab police. They’d called around and got nowhere. Dead end.

  Over lunch at the lab cafeteria, I described the past week’s adventures to two astronomer pals, Jerry Nelson and Terry Mast.

  “You mean to say that they traced the call and won’t tell you the number?” Jerry asked incredulously.

  “That’s about the size of it. No tickee, no laundry.”

  Between sandwiches, I showed them my logbook. A couple weeks ago, while the phone technician was tracing the line, I’d copied all her jargon into my logbook. Now, Jerry started interpreting like a palm reader.

  “Hey, look, Cliff—the phone technician said 703,” Jerry said. “Area code 703 is in Virginia. And C and P … I bet that’s Chesapeake and Potomac. Yeah. They’re the phone company for northern and western Virginia.”

  Terry Mast is an experimentalist. “You copied those numbers that the phone technician said. Why not call every permutation of those numbers in area code 703, and find out if there’s a computer there?”

  Jerry Nelson looked at my notes. “Yeah, that oughta work. The technician said 1060 and 427 and 448. Try calling 703/427-1060. Or maybe 448–1060. There’s only a few combinations.”

  It was worth a try. But I’d be slightly more devious.

  I called my local telephone business office and said, “I have a couple calls on my bill that I don’t remember making. Could you tell me who I dialed?”

  The operator was completely cooperative. “Just read me the numbers and I’ll check them for you.”

  I told her six possible numbers, all in area code 703. Ten minutes later, she called back. “I’m very sorry, but five of those numbers are nonexistent or out of service. I don’t know how you got billed for them.”

  Five of the six were bad numbers! One might just do it. I said, “Oh yes, that’s all right. Who is the owner of the sixth number?”

  “That’s Mitre, Incorporated spelled M-I-T-R-E, at 703/448-1060. Would you like me to start a refund for those five other calls?”

  “I’m in a hurry right now. I’ll take care of it later.”

  Nervously, I dialed the phone number, ready to hang up when I heard a voice. A computer’s modem answered with a high-pitched whistle. Far out!

  Mitre. I knew of a defense contractor, Mitre, in Massachusetts. But not in Virginia. I’d seen their ads in electronics magazines—they were always looking for programmers who were U.S. citizens. Digging through the library, I found that, yes, Mitre did have a branch in Virginia. McLean, Virginia.

  Strange. Where had I heard of that city? The library’s atlas told me.

  The CIA’s headquarters are in McLean.

  I couldn’t believe it. The hacking seemed to be coming from Mitre in McLean, Virginia—a couple of miles from CIA headquarters. Time to call the boss.

  “Hey, Dennis, the calls are coming from Mitre. It’s a defense contractor just down the road from CIA headquarters. What do you think Teejay will say to that?”

  “How do you know it’s Mitre?”

  “Well, during the phone trace, I copied down all the numbers and digits that I heard from the technician. I called all combinations of them, and ended up at a computer modem at Mitre.”

  “So you’re not certain.” Dennis saw the hole in my argument. “If we spread this around and we’re wrong, we’ll be in hot water.”

  “But what are the chances of randomly dialing a telephone and getting a computer to answer?”

  “I don’t care. Until you find some proof, don’t act on it. Don’t call Mitre. And don’t tell our spooky friends.”

  Back to square one. I think I know the phone number of the hacker but how to prove it?

  Aah! Just wait until the hacker calls back again. Then see if the phone is busy. If it’s busy, then likely I’ve got the right number.

  There was another way to get the phone number. Less sophisticated, but more reliable.

  Back in graduate school, I’d learned how to survive without funding, power, or even office space. Grad students are lowest in the academic hierarchy, and so they have to squeeze resources from between the cracks. When you’re last on the list for telescope time, you make your observations by hanging around the mountaintop, waiting for a slice of time between other observers. When you need an electronic gizmo in the lab, you borrow it in the evening, use it all night, and return it before anyone notices. I didn’t learn much about planetary physics, but weaseling came naturally.

  Still, I couldn’t finagle a federal search warrant. All I had were the standard tools of astronomers. Exactly enough to get the information I needed.

  I dialed Chesapeake and Potomac’s business office and asked for the security office. After a few transfers, I recognized the voice of the technician that had traced last week’s call.

  After a few minutes of casual chat, she mentioned that her eleven-year-old kid was fascinated by astronomy. I saw my opening. “Think he’d like some star charts and posters of the planets?”

  “Sure! Especially that ringed thing, you know, Saturn.”

  One of the few resources that I’ve plenty of: pictures of planets and galaxies. We talked a bit about her kid, and I returned to the matter on my mind.

  “By the way, I think the hacker is coming from Mitre, over in McLean. 448-1060. Does this agree with your trace?”

  “I’m not supposed to release this information, but since you already know the number.…”

  Aah! Grad school comes through.

  I rolled a dozen posters into a mailing tube. Today, somewhere in Virginia, a kid’s wall sports a collection of planetary and galactic photos.

  McLean, Virginia … I knew more about Mars than McLean. I called my sister, Jeannie, who lived somewhere near there. At least she had the same area code.

  Jeannie had, indeed, heard of Mitre. They weren’t just a defense contractor grabbing secret Pentagon contracts. They also had ties to the CIA and the NSA. Among thousands of other projects, Mitre tested computers for security. When someone needed a secure computer, Mitre certified it.

  Odd. The hacker came from a company that certifies secure computers. Maybe one of their testers was fooling around on the side? Or did Mitre have some secret contract to explore security on the military ne
tworks?

  Time to call Mitre. It took five phone calls to pierce their veil of secretaries, but eventually I reached a man named Bill Chandler.

  It took fifteen minutes to convince him that there really was a problem. “Simply impossible. We’re running a secure shop, and nobody can break in.” I described my traces, leaving out the missing search warrants.

  “Well, I don’t know if someone’s hacking from our computers, but if they are, they’re sure not coming from the outside.”

  It took another ten minutes before he’d accept that it was his problem. Five more to decide what to do.

  I proposed a simple solution. Simple for me, at least. “The next time the hacker’s connected to Berkeley, just examine Mitre’s telephone line. Find out who’s connected to it.”

  Bill Chandler agreed. He’d round up some technicians and quietly watch Mitre’s telephone line, 448-1060. As soon as I’d call him, he’d trace his internal network and find the culprit.

  “I doubt we’ll find much,” he said. “It’s impossible to break into our secure site, and all our employees have clearances.”

  Right. If he wanted to keep his head in the sand, it was all right with me. Maybe one of Mitre’s employees was screwing around the military networks, just for kicks. But what if this was an organized effort?

  If so, who was behind it? Could some secret agency have hired Mitre? If so, it had to be someone right around the corner. Someone just a couple miles away. Time to call the CIA.

  Ten minutes later, I’m on the phone with Teejay. “Uh, I don’t know how to ask this, and you probably can’t tell me anyway, but what are the chances that our hacker is someone from the CIA?”

  Teejay wouldn’t consider it. “Absolutely zero. We don’t pry into domestic affairs. Period.”

  “Well, I can’t say for certain, but it looks like our phone traces lead to Virginia, and I was just wondering if …” I let my voice trail off, hoping Teejay would pick up.

  “Where in Virginia?” Teejay asked.

  “Northern Virginia. Someplace called McLean.”

  “Prove it.”

  “We got a telephone trace, but it hasn’t been officially released. We don’t have a search warrant, but there’s no doubt it’s from McLean.”

  “How do you know?”

  “Standard techniques I picked up in graduate school,” I said. If I told him how, he wouldn’t believe me. Anyway, he’d never reveal his methods to me.

  “What else do you know about this McLean connection?”

  “A little bit. Know any defense contractors there?” For once I played cat and mouse.

  “Cut the crap. Who is it?”

  “Mitre.”

  “Come on. Be serious.”

  “Would you believe 1820 Dolly Madison Road?”

  “Are you trying to tell me that someone from Mitre is hacking into military computers?”

  “That’s what our phone trace says.”

  “Well, I’ll be damned.… No, it’s just not possible.” Teejay went silent for a second. “Mitre’s a secure site.… Do you know anything more about this hacker?”

  “I know what brand of cigarettes he smokes.”

  Teejay laughed over the phone. “I guessed that last month.”

  “Then why didn’t you tell me?” Teejay wanted my news, but wasn’t forthcoming with his own. “Look, I’ve got to know one thing. Mitre’s a mile from you. They work on classified projects. Are you sure the hacker’s not with the CIA?”

  Teejay became suddenly bureaucratic. “I can only say that nobody in our agency is authorized to observe domestic activities, with or without a computer.” On the side, he added, “Damned if I know who this guy is, but he’d better not be one of us.”

  “Can you find out?”

  “Cliff, this is a domestic problem. I’d love to help, but we can’t touch it.”

  Well, the CIA was interested, but not much help. Time to call the FBI. For the seventh time, the Oakland FBI office didn’t raise an eyebrow. The agent there seemed more interested in how I traced the call than in where it led.

  Still, there was one more place to call. The Defense Communications Agency. They seemed to be on good terms with the Air Force Office of Special Investigations—maybe they could scare up some official interest.

  Despite ten thousand computers on the Milnet, only one person managed security. A month ago, Major Steve Rudd had asked about our problems. He hadn’t promised any action, just wanted to hear any news. Maybe the word Mitre would wake him up.

  I called him, and mentioned that we’d traced things back to McLean, Virginia. “I hope you’re kidding,” Steve said.

  “No kidding. The hacking’s coming from a defense contractor in McLean.”

  “Who?”

  “Can’t say till I check with my boss.” I wondered if he’d play cat and mouse.

  Despite his protests, I stood my ground. Maybe by keeping quiet, I could keep him interested. After a few more minutes on the phone, he gave up, exasperated. “Look, talk to your boss and see if he’ll tell us. We might be able to help if we know who to lean on. Unless you tell us, though, we can’t do much.”

  While it was fresh in my mind, I typed the day’s events into my logbook. The phone rang, and when I picked it up, a recorded message was playing: “This phone line is not secured. Do not discuss classified information.” It repeated a couple times, so I hung up. I didn’t know anything classified, and didn’t want to.

  Three minutes later, the same message came on my phone. By listening carefully, you could hear where the tape was spliced. I was just getting into the rhythm of the mechanical voice when an angry army officer interrupted.

  “Hello, is this Doctor Stoll?” People only used titles on me when I was in trouble. “This is Jim Christy of the OSI.”

  The Air Force narcs were on the phone. The Defense Communications Agency must have rang their bell.

  The narc had just one question. “Where did you trace the hacker in Virginia?”

  “Uh, I can’t tell you. This line isn’t secure.”

  “Be serious.”

  There wasn’t any reason not to tell him. At worst, he’d do nothing. At best, he might armtwist Mitre into cooperating. So I explained the traces to Jim Christy, and he seemed surprised, but satisfied.

  “I’ll call the Virginia FBI,” Jim said. “Maybe we can get some action from our end.”

  “Then you know something I don’t. The Oakland office won’t lift a finger unless there’s a million dollars involved.”

  Jim explained that the FBI offices are pretty much autonomous. What excites one agent, another won’t consider worthwhile. “It’s the luck of the draw. Sometimes you get the elevator …”

  “… and sometimes you get the shaft.” I wished him luck, asked him to keep me posted, and went back to my logbook. Seemed like the rumors were true. No police agency trusted another. The only way to solve the problem was to tell everyone who might be able to help. Sooner or later, someone might take action.

  None of us, at that time, would have guessed anything close to the truth. None of us—not the CIA, not the FBI, not the NSA, and certainly not me—knew where this twisted path would lead.

  The next morning I arrived at the lab to find nothing more than a couple stale phone messages. My boss wanted me to call our funding agency, the Department of Energy—“Give them a heads-up.” And Dan Kolkowitz called from Stanford.

  “I would have sent you electronic mail,” Dan said, “but I’m worried that someone else might read it.” We both had learned that hackers scan electronic mail. The simple solution was to use the phone.

  In between bites of a cashew-butter sandwich, I told Dan about my traces to Mitre, omitting any mention of the CIA. No need to start rumors about someone in Berkeley cooperating with Big Brother.

  Dan took it all in. “Strange. I called you to say that we’ve just traced our hacker into Virginia. McLean.”

  My tongue stuck to my mouth—maybe it was cashew-bu
tter—and it took a moment to talk. “But your hacker’s not the same guy that I’m following.”

  “Yeah. Maybe a group of hackers are using the same methods to attack different computers. In any case, I know the name of the hacker that’s breaking into Stanford.”

  “How’d you get that?”

  “Simple. We did the same thing as you: printed out everything the hacker typed. Well, one night, the hacker logged into our Stanford Unix computer and tried to solve his homework. It was a simple calculus problem, solving the area under a curve by counting squares. But the hacker loaded the entire problem into our computer, including his name and his instructor’s name.”

  “Ha! So who is he?”

  “I’m not sure. I know his name is Knute Sears. He’s in the fourth period math class, taught by a Mr. Maher. But I haven’t any idea where he is. I’ve searched the phone books in Stanford, and I can’t find him.”

  Dan and I both realized that his hacker must be a high school student. Finding the area under a curve is introductory calculus.

  “So how do you find a high school student named Sears?” Dan asked. “Ever heard of a directory of all kids in high school?”

  “No, but maybe there’s a directory of high school math teachers.” There’s a directory of everyone else, I figured.

  We compared our logs, and again decided that we were following two different people. Perhaps Knute Sears did know the hacker that was breaking into my system, but they certainly weren’t the same guy.

  After I hung up, I hopped on my bike and coasted down to campus. Surely the University library would have a directory of high school teachers. No luck. Finding an individual isn’t easy when you know their name but not their city.

  As a last straw, I could call my sister, Jeannie, in Virginia. Life was a little zooey for her. What was it like, from my sister’s perspective, to be sucked into this ever-widening vortex of computo-crud?

  All I needed at first was a little telephone work. I’d be most appreciative if she could call around the McLean area high schools to try and locate the mystery math teacher, Mr. Maher. Compared to the FBI’s foot-dragging, any help on the East Coast, no matter how minor, would amount to a substantial dragnet. Furthermore, Jeannie had experience with the Department of Defense—well, anyone was more experienced with the military than me. I trusted Jeannie’s discretion; even if she did no more than just listen, it would be a service.

 

‹ Prev