The information superhighway has its share of outlaws. And although the popular notion of computer crime may be of harmless youngsters hacking into their high school grades, cyberspace is the scene of virtually every level of unlawful activity, from procurement of prostitutes to securities fraud, from child pornography to industrial espionage.
It isn’t that the Internet has given us new kinds of crime, or even new criminals. It has given society’s lawless fringe a new environment and new tools for their trade. What we see in cyberspace — often in dramatic ways — are simply new expressions of traditional criminal mindset and conduct. To those who commit the crimes, the Internet is just another playing field.
“The public perception of people who break into computer systems, unfortunately, is that they are either geniuses or misguided kids showing off,” noted Eugene Spafford, Internet security expert and professor at Purdue University. “Nothing could be further from the truth. They are criminals, plain and simple.”
For some time, problems of computer crime eluded the grasp of law enforcement, and the number of unpunished offenses climbed.
Finally, the sharp rise in reported computer break-ins, from 1,334 in 1993 to 2,341 in 1994, has been followed recently by an increase in law enforcement activities to apprehend offenders.
The Federal Law Enforcement Training Center near Brunswick, Georgia, now trains police officers in cybersleuthing.
And many lawful computer users are cooperating with law enforcement officials to bring criminals to justice. The message is going out: the Internet is no longer the lawless frontier. It isn’t a cyberspace Hole-in-the-Wall for modern day bandits and highwaymen. It is a place where crime can’t be tolerated and perpetrators must be brought to justice — lest the whole network be mired down in restrictive legislative attempts to deal with the problem.
What follows are the stories of some notable cyberspace outlaws, and what was behind their emergence in the world of on-line crime. That most were first criminals in the off-line world and then found their way onto the Internet serves to illustrate the potential for abuse of this new venue.
Kevin Mitnick, who has been called a “computer terrorist” by the Department of Justice, is perhaps the most high-profile computer criminal — and responsible for more havoc in the computer world today than virtually any other computer outlaw.
Mitnick explored computers and telephone systems for more than a decade, turning complex systems into the instruments of his lawless trade. For years, he refined his skills and pushed himself up the ladder of computerized criminality.
In the early 1980s, he started his career in crime as a “phone phreak” — one who gets free phone service by cracking the right access codes. He also built up expertise calling up companies and pretending to be a computer repairman to obtain confidential phone numbers and access codes.
He idealized Robert Redford’s character in “Three Days of the Condor” — a graduate student hired by the CIA to excerpt the plots of novels. In a scene from the film, Redford poses as a telephone serviceman and crosses phone wires to shake his pursuers. Mitnick sometimes went by the handle “Condor.”
His trouble with the law began at an early age when he became part of a gang of Los Angeles computer hackers who broke into a system at Monroe High School. In 1981, at age 17, he stole the manuals of Pacific Bell’s COSMOS computer system and software from Microport Systems — but drew only probation for both incidents, because of his age.
By the late 1980s, Mitnick was no longer beating the rap. In 1989, he was convicted of computer fraud after breaking into MCI telephone computers and accessing long distance codes, as well as doing millions of dollars in damage to Digital Equipment Corporation. Judge Mariana Pfaelzer of the U.S. District Court in Los Angeles ordered him to receive therapy while in prison — likening his obsessive hacking to substance abuse — and prohibited him from use of a telephone or a computer. He served one year behind bars in a minimum-security prison.
But when Mitnick was released, little had changed.
In September 1992, warrant-carrying FBI agents searched Mitnick’s Calabasas, California, office on suspicion of Mitnick having violated probation by hacking. The California Department of Motor Vehicles concurrently sought him for posing as a law enforcement officer to gain classified information and possibly creating false identities.
By November 1992, Mitnick had disappeared, a wanted man — but it didn’t slow his mania for computer crime.
By late 1994, he was purloining computer files, e-mail and software from a computer belonging to Tsutomu Shimomura, computational physicist and computer security expert in San Diego. Shimomura was incensed and began a crusade to find the intruder. Then technology consultant Bruce Koball in Berkeley, California, discovered strange files stored in an account which he occasionally used. After a short inspection, he found they were Shimomura’s — and Mitnick’s undoing was under way.
Koball contacted Shimomura, who confirmed that the files were his and took off on the trail of the culprit, Mitnick, accompanied by FBI agents and federal marshals.
After an elaborate cyberspace chase, Mitnick was brought down. On February 15, 1995, he surrendered from his apartment in Raleigh, North Carolina, surrounded by FBI agents.
Mitnick waived extradition and is now in jail in California, charged with computer fraud and illegal use of a telephone access device. The list of allegations against him include theft of many files and documents, including 20,000 credit card numbers from Netcom On-Line Services, which provides thousands with access to the Internet.
If convicted, Mitnick faces up to 35 years in prison and half a million dollars in fines. Until this most recent apprehension, the FBI had termed Mitnick “the most wanted computer criminal in the country” — and the techniques that snared Mitnick this time will help federal authorities gain an understanding of how to catch veteran computer thieves.
He may have seen himself as above the law, a computer hacker who used his talents strictly for juvenile fun and the pursuit of knowledge. But Kevin Poulsen’s actions turned into the first-ever espionage case against a hacker.
Poulsen, also known as “Dark Dante,” is a 29-year-old native of Pasadena, California. Once regarded as a computer child prodigy, his computer talents were the focus of his life. But his hacking obsession turned him loose in the world of crime.
He had been a brilliant teen-age hacker, celebrated for high-security intrusions reminiscent of “War Games,” the 1983 film which was the hallmark of his culture. Even fellow hackers were impressed. “Kevin is extremely good at software and brave at taking chances,” said one former colleague. “Kevin was a 24-hour-a-day hacker.”
So good was Poulsen at cracking government and military systems that the defense industry offered him a dream job as a security-cleared consultant, testing the integrity of Pentagon security systems. By day, he hacked to protect government secrets. By night, he was a high-tech bandit whose intrusions became increasingly criminal.
In November 1989, Poulsen was indicted on 19 counts of conspiracy, fraud, wiretapping and money laundering. If convicted, the charges could have brought him up to 37 years in jail. But Poulsen did not go quietly. He fled, and was beyond the reach of law enforcement for 17 months.
Poulsen had burrowed deep into the giant switching networks of Pacific Bell, exploring and exploiting nearly every element of its computers. His forays led to a now-infamous incident with KIIS-FM in Los Angeles. Each week, the station ran the “Win a Porsche by Friday” contest, with a $50,000 Porsche given to the 102nd caller after a particular sequence of songs announced earlier in the day was played.
On the morning of June 1, 1990, the trio of songs was played on the air. Businessmen, students, housewives and contest fanatics jammed the lines with auto-dialers and car phones. But Poulsen had a different method. He and his associates, stationed at their computers, seized control of the station’s 25 telephone lines, blocking out all calls but their own. Then he dialed the 102nd call — and later collected his Porsche 944.
But that wasn’t all. He allegedly wiretapped the intimate phone calls of a Hollywood actress, conspired to steal classified military orders, cracked an Army computer and snooped into an FBI investigation of former Philippine president Ferdinand Marcos — all while working on national security matters.
Once authorities caught up with Poulsen, the FBI found a trove of electronic devices in his car which, according to one agent, would have “put James Bond to shame.” And even in custody, Poulsen sought to engineer computerized efforts to sabotage the FBI investigation and destroy the full evidence of his crimes.
His original indictment was later amended to add charges of espionage and possession of classified documents. Evidence of stolen classified material was found in a locker Poulsen had obtained and used — but then failed to make rental payments for.
He is being held pending trial in San Francisco for theft of classified information. In June 1994, he pleaded guilty in U.S. District Court in Los Angeles to seven counts of mail, wire and computer fraud, money laundering and obstruction of justice in connection with the KIIS-FM incident and others, for which he was sentenced on April 10, 1995 to 51 months in prison and over $56,000 in restitution to radio stations he scammed. It was the longest sentence ever handed down for such a computer crime.
Gene Edward Howland, 41, and Daniel Glynn Van Deusen, 26, have stained the world of the Internet with a sordid and unlawful use of anonymity: child pornography and abuse.
Through their “Lifestyles” bulletin board service, this Houston, Texas, duo — who operated under the pseudonyms “Poo Bear” and “Wild One” and had been dealing in child pornography for years — serviced more than 1,000 subscribers, many of them teen-agers from the Houston area. According to local law enforcement authorities, the BBS contained graphic sex stories and images.
Using the bulletin board, they lured two boys, ages 14 and 15, to their home.
The teen-agers said they went to meet Howland and Van Deusen because “[they] were curious.”
But when they arrived, according to authorities, they were assaulted and forced to commit homosexual acts with “Poo Bear” and “Wild One” against their will.
“They felt like they didn’t have any choice — these men were bigger and stronger than they were,” said Detective Robert Schoener of the Alvin Police Department near Houston.
Van Deusen says he starred in 19 homosexual adult films under the pseudonym “Todd Fuller.”
Both men were indicted on March 11 on charges of sexual assault, aggravated sexual assault and indecency with a child, and are in custody. Police also confiscated massive amounts of materials depicting unlawful and abusive acts involving children and animals.
“Child molesters don’t hang around candy stores and playgrounds anymore,” Schoener said. “They’re finding kids through computers.”
Justin Tanner Peterson, aka “Agent Steal,” is one of the more recent cases of a hacker demonstrating his ability to use computers and the Internet to seize control of telephones and break into government computers. But before the Internet, he was using his ability with computers for every possible means to the end of unlawful personal gain.
Peterson often spoke of his undercover work to help the FBI and other agencies bring down outlaw hackers. He had even helped police locate the incriminating files stashed by Kevin Poulsen. (See “Kevin Poulsen: Hacker for the Dark Side,” above) But earlier, he had bragged of working with Poulsen to pull off his computerized break-ins at Pacific Bell headquarters — the same ones which led to Poulsen’s downfall.
In 1991, he was picked up by police for possession of a stolen vehicle. The police investigation led to him facing an eight-count federal indictment — assuming false names, accessing a computer without authorization, possessing stolen mail and fraudulently obtaining and using credit cards.
But the case was transferred to California before it could ever get off the ground, and then sealed, based upon the representation that Peterson was “acting in an undercover capacity” with the federal government.
Peterson eventually pleaded guilty to six counts and faced a sentence of 40 years in jail and a $1.5 million fine. The sentencing, however, was repeatedly put off, and Peterson roamed free on bail, presumably still on government assignment. Unwittingly, the government had given the duplicitous Peterson the opportunity to commit further crimes.
In late 1993, a government attorney asked Peterson if he had been committing crimes while on bail. According to the attorney, Peterson responded that he had.
Shortly thereafter, Peterson told a friend, “I’ve got a big problem and I’m splitting,” and disappeared the same day.
According to authorities, Peterson’s “big problem” included breaking into computers used by federal investigative agencies and a credit card information bureau. He also allegedly possessed more than 40 passwords to “secure” computers.
Peterson spent nearly a year on the run, but was apprehended in late 1994 after a foot-chase when he was spotted getting out of a BMW just two blocks from the FBI’s West Los Angeles office.
Weeks before his arrest, Peterson said in a telephone interview, “I wouldn’t want the powers I have to be in the wrong hands, someone with malicious intentions.”
Apparently, they already were.
On March 27, Peterson pleaded guilty in U.S. District Court in Los Angeles to charges of conspiring to cause an illegal $150,000 wire-transfer. He is being held without bail and faces up to 60 years in jail and $2 million in fines.
~ ~ ~
These are examples of crimes committed in the computer world by the lawless few exploiting the well-intentioned many. The damage done by those few is extensive and irreparable. But the examples here serve to debunk the myth that people who are caught breaking the law on the Internet are merely guilty of “Internet crimes.” In truth, these people are simply criminals who see the Internet as the newest arena for their illegalities.
The child pornographer who seeks new children to exploit, the prodigious criminal who “fixes” a radio contest, the child and wife abuser who turns to misappropriating copyrighted works — all have shown continuing flagrant disregard for the law and have simply moved their activities onto the information superhighway in their mistaken belief that they would not be held accountable.
Criticism of those who ask that customary law be followed on the Internet is puzzling when viewed in the context of incidents such as those above. When there is armed robbery at a bank, the usual response is not to attack the police who enforce the law or the law that makes bank robbery illegal.
The fact is that the laws apply and protect us all — on the computer, and off. Computer authorities agree that hard-core computer criminals such as Mitnick may never have been brought to justice had citizens not given assistance to law enforcement. Such cooperation is essential to creating a safe computer world where outlaws find no haven.
The potential of the Internet to link individuals from all corners of the world and unify diverse cultures and nationalities makes it a priceless resource for improving understanding between peoples.
But the freedom provided by the Internet is also open to abuse, and unless the laws are applied on the Internet as well as off it, we will not have global freedom of expression but rather cyber-terrorism. Over-regulation will also ensue if a few dishonest individuals are allowed to flout the law.
Calling for application of the laws and exercise of self-restraint is a substantial contribution to preservation of the right to free expression.
But free speech does not mean free theft, and recently, federal authorities have cracked down on crimes in cyberspace. Criminals on the information superhighway have made it necessary to have traffic rules. If the net users and the access providers do not see that the rules are followed, the courts will be forced into the role of highway patrol.
Censorship is not the real issue, but a smoke screen raised by lawbreakers to divert attention from their own wrongdoing. Laws protecting copyrights and trademarks — and those providing redress for defamation and false accusations that threaten their livelihood or reputation — apply in full to the citizens of the computer world.
It is vital that all users demand responsibility along with the freedoms the Internet brings.
To continue reading, click here: Introducing Ethics into the Computer World.
Click here to return to the Leisa Goodman’s home page on Scientology.
Visit the official Church of Scientology International site here.
© 1994-2004 Church of Scientology International. All Rights Reserved. FREEDOM and Scientology are trademarks and service marks owned by Religious Technology Center and are used with its permission. Reproduction in whole or in part is strictly forbidden without written permission from FREEDOM Magazine. Requests for permission should be directed to the editor in chief at:
6331 Hollywood Blvd.
Los Angeles, CA 90028