Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier (15 page)

BOOK: Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier
6.71Mb size Format: txt, pdf, ePub

Force thought it was inefficient to hand out his DEFCON program and have ten people scan the same network ten different times. It wasted time and resources. Further, it was becoming harder to get access to the main X.25 sites in Australia, like Minerva. Scanning was the type of activity likely to draw the attention of a system admin and result in the account being killed. The more people who scanned, the more accounts would be killed, and the less access the Australian hackers would have. So Force refused to hand over DEFCON to hackers outside The Realm, which is one thing that made it such a powerful group.

Scanning with DEFCON meant using Netlink, a program which legitimate users didn’t often employ. In his hunt for hackers, an admin might look for people running Netlink, or he might just examine which systems a user was connecting to. For example, if a hacker connected directly to Altos from Minerva without hopping through a respectable midpoint, such as another corporate machine overseas, he could count on the Minerva admins killing off the account.

DEFCON was revolutionary for its time, and difficult to reproduce. It was written for Prime computers, and not many hackers knew how to write programs for Primes. In fact, it was exceedingly difficult for most hackers to learn programming of any sort for large, commercial machines. Getting the system engineering manuals was tough work and many of the large companies guarded their manuals almost as trade secrets. Sure, if you bought a $100000 system, the company would give you a few sets of operating manuals, but that was well beyond the reach of a teenage hacker. In general, information was hoarded--by the computer manufacturers, by the big companies which bought the systems, by the system administrators and even by the universities.

Learning on-line was slow and almost as difficult. Most hackers used 300 or 1200 baud modems. Virtually all access to these big, expensive machines was illegal. Every moment on-line was a risky proposition.

High schools never had these sorts of expensive machines. Although many universities had systems, the administrators were usually miserly with time on-line for students. In most cases, students only got accounts on the big machines in their second year of computer science studies. Even then, student accounts were invariably on the university’s oldest, clunkiest machine. And if you weren’t a comp-sci student, forget it. Indulging your intellectual curiosity in VMS

systems would never be anything more than a pipe dream.

Even if you did manage to overcome all the roadblocks and develop some programming experience in VMS systems, for example, you might only be able to access a small number of machines on any given network. The X.25 networks connected a large number of machines which used very different operating systems. Many, such as Primes, were not in the least bit intuitive. So if you knew VMS and you hit a Prime machine, well, that was pretty much it.

Unless, of course, you happened to belong to a clan of hackers like The Realm. Then you could call up the BBS and post a message. ‘Hey, I found a really cool Primos system at this address. Ran into problems trying to figure the parameters of the Netlink command. Ideas anyone?’

And someone from your team would step forward to help.

In The Realm, Force tried to assemble a diverse group of Australia’s best hackers, each with a different area of expertise. And he happened to be the resident expert in Prime computers.

Although Force wouldn’t give DEFCON to anyone outside The Realm, he wasn’t unreasonable. If you weren’t in the system but you had an interesting network you wanted mapped, he would scan it for you. Force referred to scans for network user addresses as ‘NUA sprints’. He would give you a copy of the NUA sprint. While he was at it, he would also keep a copy for The Realm. That was efficient. Force’s pet project was creating a database of systems and networks for The Realm, so he simply added the new information to its database.

Force’s great passion was mapping new networks, and new mini-networks were being added to the main X.25 networks all the time. A large corporation, such a BHP, might set up its own small-scale network connecting its offices in Western Australia, Queensland, Victoria and the United Kingdom. That mini-network might be attached to a particular X.25 network, such as Austpac. Get into the Austpac network and chances were you could get into any of the company’s sites.

Exploration of all this uncharted territory consumed most of Force’s time. There was something cutting-edge, something truly adventurous about finding a new network and carefully piecing together a picture of what the expanding web looked like. He drew detailed pictures and diagrams showing how a new part of the network connected to the rest.

Perhaps it appealed to his sense of order, or maybe he was just an adventurer at heart. Whatever the underlying motivation, the maps provided The Realm with yet another highly prized asset.

When he wasn’t mapping networks, Force published Australia’s first underground hacking journal, Globetrotter. Widely read in the international hacking community, Globetrotter reaffirmed Australian hackers’ pre-eminent position in the international underground.

But on this particular day, Par wasn’t thinking about getting a copy of Globetrotter or asking Force to scan a network for him. He was thinking about that secret. Force’s new secret. The secret Parmaster desperately wanted.

Force had been using DEFCON to scan half a dozen networks while he chatted to Par on Altos. He found an interesting connection from the scan, so he went off to investigate it. When he connected to the unknown computer, it started firing off strings of numbers at Force’s machine. Force sat at his desk and watched the characters rush by on his screen.

It was very odd. He hadn’t done anything. He hadn’t sent any commands to the mystery computer. He hadn’t made the slightest attempt to break into the machine. Yet here the thing was throwing streams of numbers.

What kind of computer was this? There might have been some sort of header which would identify the computer, but it had zoomed by so fast in the unexpected data dump that Force had missed it.

Force flipped over to his chat with Par on Altos. He didn’t completely trust Par, thinking the friendly American sailed a bit close to the wind. But Par was an expert in X.25 networks and was bound to have some clue about these numbers. Besides, if they turned out to be something sensitive, Force didn’t have to tell Par where he found them.

‘I’ve just found a bizarre address. It is one strange system. When I connected, it just started shooting off numbers at me. Check these out.’

Force didn’t know what the numbers were, but Par sure did. ‘Those look like credit cards,’ he typed back.

‘Oh.’ Force went quiet.

Par thought the normally chatty Australian hacker seemed astonished.

After a short silence, the now curious Par nudged the conversation forward. ‘I have a way I can check out whether they really are valid cards,’ he volunteered. ‘It’ll take some time, but I should be able to do it and get back to you.’

‘Yes.’ Force seemed hesitant. ‘OK.’

On the other side of the Pacific from Par, Force thought about this turn of events. If they were valid credit cards, that was very cool.

Not because he intended to use them for credit card fraud in the way Ivan Trotsky might have done. But Force could use them for making long-distance phone calls to hack overseas. And the sheer number of cards was astonishing. Thousand and thousands of them. Maybe 10000.

All he could think was, Shit! Free connections for the rest of my life.

Hackers such as Force considered using cards to call overseas computer systems a little distasteful, but certainly acceptable. The card owner would never end up paying the bill anyway. The hackers figured that Telecom, which they despised, would probably have to wear the cost in the end, and that was fine by them. Using cards to hack was nothing like ordering consumer goods. That was real credit card fraud. And Force would never sully his hands with that sort of behaviour.

Force scrolled back over his capture of the numbers which had been injected into his machine. After closer inspection, he saw there were headers which appeared periodically through the list. One said,

‘CitiSaudi’.

He checked the prefix of the mystery machine’s network address again.

He knew from previous scans that it belonged to one of the world’s largest banks. Citibank.

The data dump continued for almost three hours. After that, the Citibank machine seemed to go dead. Force saw nothing but a blank screen, but he kept the connection open. There was no way he was going to hang up from this conversation. He figured this had to be a freak connection--that he accidentally connected to this machine somehow, that it wasn’t really at the address he had tried based on the DEFCON

scan of Citibank’s network.

How else could it have happened? Surely Citibank wouldn’t have a computer full of credit cards which spilled its guts every time someone rang up to say ‘hello’? There would be tonnes of security on a machine like that. This machine didn’t even have a password. It didn’t even need a special character command, like a secret handshake.

Freak connections happened now and then on X.25

networks. They had the same effect as a missed voice phone connection. You dial a friend’s number--and you dial it correctly--but somehow the call gets screwed up in the tangle of wires and exchanges and your call gets put through to another number entirely. Of course, once something like that happens to an X.25 hacker, he immediately tries to figure out what the hell is going on, to search every shred of data from the machine looking for the system’s real address.

Because it was an accident, he suspects he will never find the machine again.

Force stayed home from school for two days to keep the connection alive and to piece together how he landed on the doorstep of this computer. During this time, the Citibank computer woke up a few times, dumped a bit more information, and then went back to sleep. Keeping the connection alive meant running a small risk of discovery by an admin at his launch point, but the rewards in this case far exceeded the risk.

It wasn’t all that unusual for Force to skip school to hack. His parents used to tell him, ‘You better stop it, or you’ll have to wear glasses one day’. Still, they didn’t seem to worry too much, since their son had always excelled in school without much effort. At the start of his secondary school career he had tried to convince his teachers he should skip year 9. Some objected. It was a hassle, but he finally arranged it by quietly doing the coursework for year 9 while he was in year 8.

After Force had finally disconnected from the CitiSaudi computer and had a good sleep, he decided to check on whether he could reconnect to the machine. At first, no-one answered, but when he tried a little later, someone answered all right. And it was the same talkative resident who answered the door the first time. Although it only seemed to work at certain hours of the day, the Citibank network address was the right one. He was in again.

As Force looked over the captures from his Citibank hack, he noticed that the last section of the data dump didn’t contain credit card numbers like the first part. It had people’s names--Middle Eastern names--and a list of transactions. Dinner at a restaurant. A visit to a brothel. All sorts of transactions. There was also a number which looked like a credit limit, in come cases a very, very large limit, for each person. A sheik and his wife appeared to have credit limits of $1 million--each. Another name had a limit of $5 million.

There was something strange about the data, Force thought. It was not structured in a way which suggested the Citibank machine was merely transmitting data to another machine. It looked more like a text file which was being dumped from a computer to a line printer.

Force sat back and considered his exquisite discovery. He decided this was something he would share only with a very few close, trusted friends from The Realm. He would tell Phoenix and perhaps one other member, but no-one else.

As he looked through the data once more, Force began to feel a little anxious. Citibank was a huge financial institution, dependent on the complete confidence of its customers. The corporation would lose a lot of face if news of Force’s discovery got out. It might care enough to really come after him. Then, with the sudden clarity of the lightning strike photo which hung on his wall, a single thought filled his mind.

I am playing with fire.

[ ]

‘Where did you get those numbers?’ Par asked Force next time they were both on Altos.

Force hedged. Par leaped forward.

‘I checked those numbers for you. They’re valid,’ he told Force. The American was more than intrigued. He wanted that network address. It was lust. Next stop, mystery machine. ‘So, what’s the address?’

That was the one question Force didn’t want to hear. He and Par had a good relationship, sharing information comfortably if occasionally.

But that relationship only went so far. For all he knew, Par might have a less than desirable use for the information. Force didn’t know if Par carded, but he felt sure Par had friends who might be into it.

So Force refused to tell Par where to find the mystery machine.

Par wasn’t going to give up all that easily. Not that he would use the cards for free cash, but, hey, the mystery machine seemed like a very cool place to check out. There would be no peace for Force until Par got what he wanted. Nothing is so tempting to a hacker as the faintest whiff of information about a system he wants, and Par hounded Force until the Australian hacker relented just a bit.

Finally Force told Par roughly where DEFCON had been scanning for addresses when it stumbled upon the CitiSaudi machine. Force wasn’t handing over the street address, just the name of the suburb. DEFCON

had been accessing the Citibank network through Telenet, a large American data network using X.25 communications protocols. The sub-prefixes for the Citibank portion of the network were 223 and 224.

Par pestered Force some more for the rest of the numbers, but the Australian had dug his heels in. Force was too careful a player, too fastidious a hacker, to allow himself to get mixed up in the things Par might get up to.

Other books

Goblin Precinct (Dragon Precinct) by DeCandido, Keith R. A.
The Prince of Risk by Christopher Reich
La torre de la golondrina by Andrzej Sapkowski
Passion Killers by Linda Regan
Dust and Shadow by Lyndsay Faye
Valley of the Templars by Paul Christopher
Twist by Dannika Dark