177 lines
8.7 KiB
Plaintext
177 lines
8.7 KiB
Plaintext
|
Slippery cybervandal caught in his own electronic web
|
|||
|
|
-----------------------------------------------------
|
|||
|
|
|
|||
|
|
(c) Copyright the News & Observer Publishing Co.
|
|||
|
|
How a computer sleuth traced a digital trail
|
|||
|
|
|
|||
|
|
New York Times
|
|||
|
|
|
|||
|
|
RALEIGH, N.C. (9:05 p.m.) -- After a search of more than two years, a team
|
|||
|
|
of FBI agents early Wednesday morning captured a 31-year-old computer
|
|||
|
|
expert accused of a long crime spree that includes the theft of thousands
|
|||
|
|
of data files and at least 20,000 credit card numbers from computer
|
|||
|
|
systems around the nation.
|
|||
|
|
|
|||
|
|
The arrest of Kevin D. Mitnick, one of the most wanted computer criminals,
|
|||
|
|
followed a 24-hour stakeout of a Raleigh apartment building here.
|
|||
|
|
|
|||
|
|
A convicted computer felon on the run from federal law enforcement
|
|||
|
|
officials since November 1992, Mitnick has used his sophisticated skills
|
|||
|
|
over the years to worm his way into many of the nation's telephone and
|
|||
|
|
cellular telephone networks and vandalize government, corporate and
|
|||
|
|
university computer systems. Most recently, he had become a suspect in a
|
|||
|
|
rash of break-ins on the global Internet computer network.
|
|||
|
|
|
|||
|
|
"He was clearly the most wanted computer hacker in the world," said Kent
|
|||
|
|
Walker, an assistant U.S. attorney in San Francisco who helped coordinate
|
|||
|
|
the investigation. "He allegedly had access to corporate trade secrets
|
|||
|
|
worth billions of dollars. He was a very big threat."
|
|||
|
|
|
|||
|
|
But federal officials say Mitnick's confidence in his hacking skills may
|
|||
|
|
have been his undoing. On Christmas Day, he broke into the home computer
|
|||
|
|
of a computer security expert, Tsutomu Shimomura, a researcher at the
|
|||
|
|
federally financed San Diego Supercomputer Center.
|
|||
|
|
|
|||
|
|
Shimomura then made a crusade of tracking down the intruder, an obsession
|
|||
|
|
that led to Wednesday's arrest.
|
|||
|
|
|
|||
|
|
It was Shimomura, working from a monitoring post in San Jose, Calif., who
|
|||
|
|
determined last Saturday that Mitnick was operating through a computer
|
|||
|
|
modem connected to a cellular telephone somewhere near Raleigh, N.C.
|
|||
|
|
|
|||
|
|
Sunday morning, Shimomura flew to Raleigh, where he helped telephone
|
|||
|
|
company technicians and federal investigators use cellular-frequency
|
|||
|
|
scanners to home in on Mitnick.
|
|||
|
|
|
|||
|
|
Mitnick was arrested at 2 o'clock Wednesday morning in his apartment in
|
|||
|
|
the Duraleigh Hills neighborhood of northwest Raleigh, after FBI agents used
|
|||
|
|
their scanners to determine that Mitnick, in keeping with his nocturnal
|
|||
|
|
habits, had connected once again to the Internet.
|
|||
|
|
|
|||
|
|
Shimomura was present Wednesday at Mitnick's pre-arraignment hearing at
|
|||
|
|
the
|
|||
|
|
federal courthouse in Raleigh. At the end of the hearing, Mitnick, who now
|
|||
|
|
has shoulder-length brown hair and was wearing a black sweat suit and
|
|||
|
|
handcuffs, turned to Shimomura, whom he had never met face to face.
|
|||
|
|
|
|||
|
|
"Hello, Tsutomu," Mitnick said. "I respect your skills."
|
|||
|
|
|
|||
|
|
Shimomura, who is 30 and also has shoulder-length hair, nodded solemnly.
|
|||
|
|
|
|||
|
|
|
|||
|
|
Mitnick, already wanted in California for a federal parole violation, was
|
|||
|
|
charged Wednesday with two federal crimes. The first, illegal use of a
|
|||
|
|
telephone access device, is punishable by up to 15 years in prison and a
|
|||
|
|
$250,000 fine.
|
|||
|
|
|
|||
|
|
The second charge, computer fraud, carries potential penalties of 20 years
|
|||
|
|
in prison and a $250,000 fine. Federal prosecutors said they were
|
|||
|
|
considering additional charges related to Mitnick's reported Internet
|
|||
|
|
spree.
|
|||
|
|
|
|||
|
|
Federal officials say Mitnick's motives have always been murky. He was
|
|||
|
|
recently found to have stashed thousands of credit card numbers on
|
|||
|
|
computers in the San Francisco Bay area -- including the card numbers of
|
|||
|
|
some of the best-known millionaires in Silicon Valley. But there is no
|
|||
|
|
evidence yet that Mitnick had attempted to use those credit card accounts.
|
|||
|
|
|
|||
|
|
Indeed, frequently ignoring the possibility of straightforward financial
|
|||
|
|
gain from the information he has stolen, Mitnick has often seemed more
|
|||
|
|
concerned with proving that his technical skills are better than those
|
|||
|
|
whose job it is to protect the computer networks he has attacked.
|
|||
|
|
|
|||
|
|
Federal officials say the arrest of Mitnick does not necessarily solve all
|
|||
|
|
the recent Internet crimes, because his trail of electronic mail has
|
|||
|
|
indicated that he may have accomplices. One of them is an unknown computer
|
|||
|
|
operator, thought to be in Israel, with whom Mitnick has corresponded
|
|||
|
|
electronically and boasted of his Internet exploits, investigators said.
|
|||
|
|
|
|||
|
|
Still, the capture of Mitnick gives the FBI custody of a notoriously
|
|||
|
|
persistent and elusive computer break-in expert. Raised in the San
|
|||
|
|
Fernando Valley near Los Angeles by his mother, Mitnick has been in and out of
|
|||
|
|
trouble with the law since 1981.
|
|||
|
|
|
|||
|
|
It was then, as a 17-year-old, that he was placed on probation for
|
|||
|
|
stealing computer manuals from a Pacific Bell telephone switching center in Los
|
|||
|
|
Angeles.
|
|||
|
|
<EFBFBD> <20>' 0*0*0*<2A> <20> <20> Those who know Mitnick paint a picture of a man obsessed with the power
|
|||
|
|
inherent in controlling the nation's computer and telephone networks.
|
|||
|
|
|
|||
|
|
The recent break-ins he is accused of conducting include forays into
|
|||
|
|
computer systems at Apple Computer Inc. and Motorola Inc. and attacks on
|
|||
|
|
commercial services that provide computer users with access to the
|
|||
|
|
Internet, including the Well in Sausalito, Calif., Netcom in San Jose,
|
|||
|
|
Calif., and the Colorado Supernet, in Boulder, Colo.
|
|||
|
|
|
|||
|
|
To make it difficult for investigators to determine where the attacks were
|
|||
|
|
coming from, Mitnick is said to have used his computer and modem to
|
|||
|
|
manipulate a local telephone company switch in Raleigh to disguise his
|
|||
|
|
whereabouts.
|
|||
|
|
|
|||
|
|
In recent weeks, as an elite team of computer security experts tightened
|
|||
|
|
an invisible electronic net around the fugitive, Mitnick continued to taunt
|
|||
|
|
his pursuers, apparently unaware of how close they were to capturing him.
|
|||
|
|
|
|||
|
|
About 10 days ago, for example, someone whom investigators believe to have
|
|||
|
|
been Mitnick left a voice-mail message for Shimomura, a Japanese citizen.
|
|||
|
|
The message reprimanded Shimomura for converting the intruder's earlier
|
|||
|
|
voice-mail messages into computer audio files and making them available on
|
|||
|
|
the Internet.
|
|||
|
|
|
|||
|
|
"Ah Tsutomu, my learned disciple," the taunting voice said. "I see that
|
|||
|
|
you put my voice on the Net. I'm very disappointed, my son."
|
|||
|
|
|
|||
|
|
But the continued attempts at one-upmanship simply gave the pursuers more
|
|||
|
|
electronic evidence.
|
|||
|
|
|
|||
|
|
"He was a challenge for law enforcement, but in the end he was caught by
|
|||
|
|
his own obsession," said Kathleen Cunningham, a deputy marshal for the
|
|||
|
|
U.S. Marshals Service who has pursued Mitnick for several years.
|
|||
|
|
|
|||
|
|
Mitnick first came to national attention in 1982 when, as a teen-age
|
|||
|
|
prank, he used a computer and a modem to break into a North American Air Defense
|
|||
|
|
Command computer.
|
|||
|
|
|
|||
|
|
He subsequently gained temporary control of three central offices of
|
|||
|
|
telephone companies in New York City and all the phone switching centers
|
|||
|
|
in California.
|
|||
|
|
|
|||
|
|
This gave him the ability to listen in on calls and pull pranks like
|
|||
|
|
reprogramming the home phone of someone he did not like so that each time
|
|||
|
|
the phone was picked up, a recording asked for a deposit of a coin.
|
|||
|
|
|
|||
|
|
But the break-ins escalated beyond sophomoric pranks. For months in 1988,
|
|||
|
|
Mitnick secretly read the electronic mail of computer security officials
|
|||
|
|
at MCI Communications and Digital Equipment Corp., learning how their
|
|||
|
|
computers and phone equipment were protected.
|
|||
|
|
Officials at Digital later accused him of causing $4 million in damage to
|
|||
|
|
computer operations at the company and stealing $1 million of software. He
|
|||
|
|
was convicted in July 1989 and sentenced to a year in a low-security
|
|||
|
|
federal prison in Lompoc, Calif.
|
|||
|
|
|
|||
|
|
One of his lawyers convinced the court that Mitnick had an addiction to
|
|||
|
|
computers. In July 1989, after his release from prison, he was placed in a
|
|||
|
|
treatment program for compulsive disorders, the Beit T'Shuvah center in
|
|||
|
|
Los Angeles. During his six months there, he was prohibited from touching a
|
|||
|
|
computer or modem.
|
|||
|
|
|
|||
|
|
That restriction was a condition of his probation when he was released in
|
|||
|
|
mid-1990, and it was for reportedly violating this condition that federal
|
|||
|
|
officials were pursuing him when he dropped out of sight in November 1992.
|
|||
|
|
|
|||
|
|
In September 1993, the California Department of Motor Vehicles also issued
|
|||
|
|
a warrant for his arrest. The warrant stated that Mitnick had wiretapped
|
|||
|
|
calls from FBI agents. He then used law-enforcement access codes obtained
|
|||
|
|
by eavesdropping on the agents to illegally gain access the drivers'
|
|||
|
|
license data base in California.
|
|||
|
|
|
|||
|
|
Federal law enforcement officials believe that Mitnick has conducted a
|
|||
|
|
long string of computer and phone telephone network break-ins during more than
|
|||
|
|
two years on the run.
|
|||
|
|
|
|||
|
|
And they say his ability to remain at large until now illustrates the new
|
|||
|
|
challenges that law enforcement officials face in apprehending criminals
|
|||
|
|
who can cloak themselves behind a curtain of forged electronic data.
|
|||
|
|
|
|||
|
|
|