Kuji Media Corporation Ltd.

Criminal gangs taking over from amateur hobbyists

Owen Bowcott, Saturday June 11, 2005, The Guardian

Gary McKinnon is deemed to be so deviously manipulative at the keyboard that he has been banned from using the internet. He is not even allowed a passport. The peculiar bail conditions imposed this week on the 39-year-old computer systems administrator from Wood Green, north London, suggest that the law enforcement community stands in awe of his technological prowess.

Until his next court appearance, due on July 27, the tousle-haired programmer, who is fighting extradition to the United States, has been ordered to stay away from any computer connected to the web.

Mr McKinnon has gained international notoriety for his alleged ability to break into scores of sensitive US defence computers, steal secret passwords, sabotage email systems and delete military files. In the hi-tech world of online hacking, however, he is perceived as one of a dying breed of amateur hobbyists – those the Americans deride as “script-kiddies”.

Despite US prosecution claims that he perpetrated “the biggest military computer hack of all time”, Mr McKinnon’s supposed achievements are by no means unique. The attempt to extradite him to answer charges in Virginia and New Jersey is far more unusual. Systems run by Nasa, the Pentagon and the Department of Defence have long been hackers’ trophy targets. His misfortune, apparently, was to get caught, and to have carried out his explorations shortly after September 11.

According to security experts, US military sites are not the most heavily protected on the internet. They rely on the deterrent threat of legal action rather than deploying highly sophisticated software or enforcing best practice among military personnel.

Mathew Bevan, another British hacker arrested for breaches of security at Nasa and US Air Force sites, found himself similarly demonised by US lawyers as “the single biggest threat to world security since Adolf Hitler” back in 1994. The case against him eventually collapsed. Like Mr McKinnon, he was also hunting for evidence about UFOs hidden on military installations.

Mr Bevan, now 30, is an IT consultant and living in Wiltshire. “The security on US military machines is probably not much better than it was back then,” he said. “There were plenty of military machines with sensitive information that had account names with no passwords. Others had been left with the standard default passwords used by the manufacturers.

“University systems and corporations are much harder to break into than military machines: universities because there are always students testing their skills, and companies because they have shareholders demanding better security.”

In Britain, the hacking subculture that nurtured Mr McKinnon’s talents has been driven underground by diligent enforcement of the Computer Misuse Act, which since 1990 has criminalised those who gain unauthorised access to computer systems.

Mr Bevan typifies the career trajectory once pursued by teenage hackers. After years hunched alone over a computer screen, and an infamous brush with the law, he has graduated to running his own company, the Kuji Media Corporation, which offers security and technology advice.

“Hackers are a dying breed,” said Mr Bevan. “Organised criminals have cottoned on to the potential rewards. There’s viruses and trojan programs flooding out of places like Russia and Bulgaria these days.

“I get people asking, ‘Why is my machine running slowly?’ And when you look, there are 300 viruses, bits of adware [advertising programs] and trojans mucking up the system. Internet service providers should really be doing deals with security firms to provide virus-free connections.”

Mr Bevan said he spoke to Mr McKinnon in 2002, “after he was first busted”.

“He’s only been selected by US prosecutors because he’s an excellent scapegoat. Maybe the amount of recreational hacking is the same, but the volume of people on the net means far more are involved in genuinely nefarious activities.”

“Pharming”, for example, is the latest threat to the integrity of internet banking services. It has emerged from Estonia in the past few months. This cunning electronic fraud may force banks to issue customers with a new generation of identity devices.

Unlike “phishing” scams – which rely on the gullibility of those who receive emails urging them to log on to sites purporting to be their online bank and confirm passwords and account details – pharming is more insidious.

Customers’ computers are infected by a trojan program – either delivered through an innocent-looking email or inadvertently downloaded from a fake advert on the internet. When the user tries to log on to the online account, the hidden program diverts the web browser to a seemingly identical site operated by criminal gangs in eastern Europe. Their electronic identities are captured, then used to empty the accounts.

“There’s discussions about whether banks will eventually have to give out security devices for customers to plug into their computers,” said Sandra Quinn of APACS, the banking industry’s payments organisation. “Barclays have already carried out trials.”

Last year, online fraud cost British banks ?12m, an increase on previous losses. That figure was dwarfed, however, by the ?150m taken via what is known as “card not present” frauds, where goods are purchased over the telephone using stolen credit cards or simply their numbers.

The array of online threats grows all the time. Denial of service (DoS) attacks, where firms’ email systems are bombarded into overload, are frequently accompanied by blackmail demands for cash to switch off the onslaught. Last year, the bookmaker William Hill was targeted and then received a demand for $50,000 (?28,000).

“Bot” programs enable computers across the net to be hijacked by remote users who in effect turn them into “zombie” machines which can be used in DoS attacks. Keylogging programs can infiltrate computers and record the keystrokes customers make in typing in credit card numbers or passwords. The criminals behind these attacks are based mainly in eastern Europe, it is believed, because law enforcement there is relatively slack and there is a plentiful supply of skilled but poorly paid programmers.

“It’s a classic low-risk crime,” said Ms Quinn. “We have seen some police action, however, and now we are getting phishing attacks coming from China.”

Threats have also been made to call-centre staff working in the financial services sector in Britain, in an attempt to force them to record and hand over customer account details. Many companies now prevent staff from using pens or paper when they sit at their screens.

The difficulty in penetrating banks has encouraged gangs to combine online techniques with strongarm tactics. The reported theft of computer backup tapes from US financial institutions while in transit to storage facilities has generated concerns about the security of millions of customers’ accounts.

An attempt earlier this year to steal ?220m by electronic transfers from the London headquarters of the Japanese bank Sumitomo was foiled, but it sparked alarm about criminals infiltrating banks to carry out insider robberies.

“Gary McKinnon appears to be an example of the type of hacking that people have moved away from,” said Felicity Bull of the National Hi-Tech Crime Unit, which investigates major computer crime in Britain. “We know that organised crime is now hiring IT-literate workers.”

Some law enforcement agencies now question whether the Computer Misuse Act needs to be overhauled, enabling it to be used to prosecute those involved in DoS attacks.

In Washington, the secret service is the force responsible for combating online fraud and hacking. “There are still plenty of script-kiddies out there bragging about what they’re doing,” one agent, Jim Dobson, told the Guardian. Some were still at high school, he said, adding: “There’s a huge amount of information out there.”

Other threats, such as gangs in Russia targeting financial institutions, or those in Asia carrying out intellectual property thefts, have eclipsed the old-style hacker community, he acknowledged.

The rise of mobile phone technology has provided fresh opportunities for a new generation of hackers.

Meanwhile, wireless computer networks have been found to be particularly vulnerable, said Paul Carratu, whose Surrey firm carries out penetration testing to assess security systems. “People are not using the encryption devices they should.”

Last month, two British hackers, Jordan Bradley, from Darlington, and Andrew Harvey, from Durham, who belonged to an Anglo-US group called the “Thr34t Krew”, pleaded guilty in Newcastle to computer crime offences. The TK worm they released exploited a weakness in web servers and caused up to ?5.5m damage to companies using the net. They now face possible prison sentences.

It may be too soon to write off the perverse ingenuity of British hackers.

The lingo and what to look out for

Trojan (horse) An innocent-looking program concealing destructive intentions.

Pharming Hijacking online bank customers by infecting web browsers. They are redirected to fake internet sites and asked to disclose account details.

Phishing Sending out emails telling online account customers they must reconfirm IDs and passwords. When they hit reply they are sent to a cloned web page.

Key logging Programs which record keystrokes and can be used to retrieve credit card and PIN numbers.

Malware Umbrella term for assorted malicious software programs which sabotage your computer.

Zombies Online computers that have been infected by trojans and can then be remotely controlled to churn out spam emails at targeted sites.

Bots Programs used to infect and control computers which are then turned into zombies.

By Margaret Ryan – BBC News

As a Briton faces possible extradition to the US for alleged computer crime, a former hacker, whose prosecution collapsed, talks about the lure of breaking into systems.

Matthew Bevan had stood accused of mounting a determined “information warfare” campaign against the US air force and leading defence contractors in 1994.

The case against Mr Bevan collapsed
US Senate hearings were initially told the security breaches were the work of highly skilled foreign agents.

Mr Bevan, whose hacker alias was Kuji, was charged with conspiracy and faced accusations of being an Eastern European spy.

But the truth was somewhat more prosaic, said the 30-year-old computer consultant.

“I was just a kid in my bedroom hunting for UFO information.”

Then a computer programmer for an insurance firm, he says he had previously been bullied and had felt ostracised by his peers.

“But the computer system was a place where I was king and showed power.

“In the real world I had none and I was quite defenceless. I didn’t deliberately cause any damage.”

Thrill of the chase

But the amateur hacker’s pastime landed him in court in the UK after his activities came to the attention of the US authorities and the British police tracked him down.

Mr Bevan can only talk about his own experiences – but his case, he believes, was overblown from the start as he was portrayed in the States as a spy running rings of spies.

It’s like a parent finding their child’s diary. You know you shouldn’t look at it but you just can’t help yourself

“At the time I was ‘the single biggest threat to world security since Adolf Hitler’,” he said.

By the time his case came to court the allegations made against him had died down.

The case against him finally collapsed in 1997 after the judge was told he posed no threat to security.

Another, a 16-year-old defendant, was fined £1,200 after admitting breaking into a number of US military systems.

Mr Bevan, who now lives in Wiltshire, freely admits that, for hackers, successfully breaking into systems provides an ego boost.

Reports claiming that UFO were being held secretly at American military installations had set the young hacker down the path of trying to find out more.

“It’s an adrenalin rush. It’s like a parent finding their child’s diary.

“You know you shouldn’t look at it but you just can’t help yourself.

“You know it’s wrong but you still do it. It becomes addictive,” he explained.

Competitive element

More than a decade on Mr Bevan understands the havoc hackers can cause in compelling companies to install more security, but resents the suggestion his actions were done out of malice.

“It’s like a spider’s web – once you break into one machine you can compromise a few accounts.

The search for UFOs prompted Mr Bevan’s hacking

“You may go into a machine not with the intent to find anything but just as a staging ground for another computer system.”

“It’s a case of ‘how many computers can I hack into in two hours?’ We used to have competitions.”

But he claimed hackers had been “tainted” by the rise in identity theft and viruses.

For the hacker, he argued there is an ethical code that information should be free and there are strict rules about using that information.

He believes companies have to accept some responsibility for hacking, arguing insurance firms would not generally pay out on insurance claims if it could be shown that not enough care had been taken in guarding against it.

To this day he believes his arrest was politically motivated, suggesting hacking cases make headlines when companies want funding to fight cyber crime.

“In my cynical view the powers that be decided ‘we’ll have you two and make a good example of you'”, he said.

Childhood pursuit

He says he had already left hacking behind him before the day he was arrested at work.

Since his case was dropped the world of hacking has changed but he believes the potential for disruption remains stronger than ever as young people become ever more computer literate.

“When I was doing it people didn’t have net access in the UK. I was dialling up to the States,” he said.

For many hacking is a young person’s pursuit that they eventually grow out of, he suggested, but before they do the potential for disruption is incalculable.

“They [children] are smart and can develop skills that adults can’t keep up with,” he said.

A British man who allegedly hacked into US military and Nasa computer networks has been arrested, say Scotland Yard.

Gary McKinnon, 39, of Wood Green, north London, faces extradition proceedings over claims he hacked into 53 military and Nasa computers in 2001 and 2002.

The US government believe tracking and correcting the alleged problems has cost around $1m (?570,000).

Mr McKinnon is being held at a central London police station and will appear at Bow Street Magistrates Court.

Mr McKinnon was arrested by officers from the Metropolitan Police Service Extradition Unit on Tuesday night around 1830BST.

Mr McKinnon is charged with the biggest military computer hack of all time

The unemployed computer systems administrator, who is known on the internet as `Solo’, is due to appear in court on Wednesday.

He is accused of hacking into computer networks operated by Nasa, the US Army, US Navy, Department of Defence and the US Air Force.

One of the networks belonged to the Pentagon.

If he is extradited and found guilty, Mr McKinnon faces a maximum penalty of five years in prison and a ?157,000 fine.

The Briton was indicted in 2002 by a Federal Grand Jury on eight counts of computer-related crimes in 14 different states.

It claimed that he hacked into an army computer at Fort Myer, Virginia, obtained administrator privileges and transmitted codes, information and commands.

Unauthorised access

He is accused of then deleting around 1,300 user accounts.

The indictment alleged Mr McKinnon also “deleted critical system files” on the computer, copied a file containing usernames and encrypted passwords for the computer, in addition to installing tools to gain unauthorised access to other computers.

A loss of over $5,000 (£2,725) to the Army stemmed from the alleged damage, according to the indictment.

At the time of the indictment, Paul McNulty, the US Attorney for the Eastern District of Virginia, said: “Mr McKinnon is charged with the biggest military computer hack of all time.”

http://news.bbc.co.uk/1/hi/uk/4071708.stm

By TED BRIDIS
Associated Press Writer

WASHINGTON – Federal authorities have cracked the case of an international hacker who broke into roughly 100 unclassified U.S. military networks over the past year, officials said Monday.

Officials declined to identify the hacker, a British citizen, but said he could be indicted as early as Tuesday in federal courts in northern Virginia and New Jersey. Those U.S. court jurisdictions include the Pentagon in Virginia and Picatiny Arsenal in New Jersey, one of the Army’s premier research facilities.

The officials declined Monday to say whether this person was already in custody, but one familiar with the investigation, who spoke only on condition of anonymity, said investigators consider the break-ins the work of a professional rather than a recreational hacker.

Authorities planned to announce details of the investigation Tuesday afternoon.

Officials said U.S. authorities were weighing whether to seek the hacker’s extradition from England, a move that would be exceedingly rare among international computer crime investigations.

Officials said this hacker case has been a priority among Army and Navy investigators for at least one year. One person familiar with the investigation said the hacker broke into roughly 100 U.S. military networks, none of them classified. Another person said the indictments were being drafted to reflect break-ins to a “large number” of military networks.

In England, officials from the Crown Prosecution Service, Scotland Yard and the Home Office declined comment Monday.

A civilian Internet security expert, Chris Wysopal, said that a less-skilled, recreational hacker might be able to break into a single military network, but it would be unlikely that same person could mount attacks against dozens of separate networks.

“Whenever it’s a multistage attack, it’s definitely a more sophisticated attacker,” said Chris Wysopal, a founding member of AtStake Inc., a security firm in Cambridge, Mass. “That’s a huge investigation.”

The cyber-security of U.S. military networks is considered fair, compared to other parts of government and many private companies and organizations. But until heightened security concerns after the Sept. 11 attacks, the Defense Department operated thousands of publicly accessible Web sites. Each represented possible entry-points from the Internet into military systems unless they were kept secured and monitored regularly.

It would be very unusual for U.S. officials to seek extradition. In previous major cyber-crimes, such as the release of the “Love Bug” virus in May 2000 by a Filipino computer student and attacks in February 2000 by a Canadian youth against major American e-commerce Web sites, U.S. authorities have waived interest in extraditing hacker suspects to stand trial here.

Once, the FBI tricked two Russian computer experts, Vasily Gorshkov and Alexey Ivanov, into traveling to the United States so they could be arrested rather than extradited. The Russians were indicted in April 2001 on charges they hacked into dozens of U.S. banks and e-commerce sites, and then demanding money for not publicizing the break-ins.

FBI agents, posing as potential customers from a mock company called Invita Computer Security, lured the Russians to Seattle and asked the pair for a hacking demonstration, then arrested them. Gorshkov was sentenced to three years in prison; Ivanov has pleaded guilty but hasn’t been sentenced.

But the Bush administration has toughened anti-hacking laws since Sept. 11 and increasingly lobbied foreign governments to cooperate in international computer-crime investigations. The United States and England were among 26 nations that last year signed the Council of Europe Convention on Cybercrime, an international treaty that provides for hacker extraditions even among countries without other formal extradition agreements.

There have been other, high-profile hacker intrusions into U.S. military systems.

In one long-running operation, the subject of a U.S. spy investigations dubbed “Storm Cloud” and “Moonlight Maze,” hackers traced back to Russia were found to have been quietly downloading millions of pages of sensitive data, including one colonel’s e-mail inbox. During three years, most recently in April 2001, government computer operators watched as reams of electronic documents flowed from Defense Department computers, among others.

In 1994, two young hackers known as “Kuji” and “Datastream Cowboy” were arrested in England on charges they broke into the U.S. Air Force’s Rome Laboratory. They planted eavesdropping software that allowed them to monitor e-mails and other sensitive information.

(Copyright 2002 by The Associated Press. All Rights Reserved.)

UK Hacker Says He Found Anti-Gravity Engine File
At W/P AFB

By Matthew Williams

2-7-99

Mathew Bevan is a 23 old computer hacker with an interest in UFOs. Recently he made front page world headlines when he was charged with hacking offences which included access to the most secret military computers of the United States Military. Mathew was able to access computers, which had the ability to launch nuclear missiles or other missiles. Described by one pentagon spokesman as being “The biggest threat to world peace since Adolf Hitler”, Mathew Bevan talks to Matthew Williams about how he did it and the fact that whilst in Wright Patterson Air Force Base computers he saw plans to a secret Anti Gravity propulsion engine….

Matthew Williams: How many years have you been into the Internet.

Mathew Bevan: Since about 16. It was a case that over here there were very few Internet providers. The only one was Demon Internet and the closest phone number to dial was in Bristol, so it was just easier to do a free (hacked) phonecall to the States and use a free provider and not worry about paying any bills.

MW: How does one “hack” the phones – what is the procedure involved.

MB: You use a little program on the old computer… The Amiga was the first computer to be used for “Blueboxing” (hacking phones) and the reason was that it has four channels of sound whereas the PC could only go “BEEP”. To get the blueboxing to work you had to play dual tones into your phone. There was a set of frequencies of tone not dissimilar to DTMF which is on most modern phones (DTMF – the tones played when you press a number on your phone keypad). When the special tones were played it would cause the network to do a number of special things.

What you then needed to do is to call a 0800 number for a foreign countries operator service – such as Columbia or Hawaii. You would play a few tones down the line and it would cut the operator off and BT would think that you had hung up the call but in fact you were still in the trunking system and you play a few more tones and you could re-route your call anywhere.

MW: Is it complicated to do these things because playing sets of musical tones down the phone line sounds quite complicated and what if you make a mistake.

MB: Well it is complicated but is a case of playing around to see what you could do. If you make a mistake you just hang up and try again. There were some other interesting things you could do like dialling a number and when you get the engaged signal then play a couple of tones and break into the call and listen without the two parties knowing you were there.

MW: You are saying that there are ways to listen to calls without being detected and this can be done from any home phone with such codes! Are you saying that you could listen to another call anywhere in the world?

MB: Yes but most of the time I was calling into the States anyway so that’s where I did it the most. I think that secretly listening in is what it was designed for.

MW: So when did you go from hacking innocent university computers into hacking the military computers?

MB: It was a case of getting onto a system and getting the password file and then running the encrypted passwords through a code cracking program so that you get the passwords. Once you have the passwords then you can get a higher level of access and get into peoples files and folders and you can monitor the system to see what it is happening. You can see that there are people that are themselves who are going from computer to computer with legitimate reasons. Now it would just happen that some of these people would be working on projects with the military. You could find that a professor would be contacting a military site (computer).

One would get fed up with doing small computer systems and would want to try to hack something bigger. The thing with people is that they tend to like the same password for multiple systems and so if you have hacked their account on a relatively unprotected system then the password will probably work on another more well protected system. The professor probably has some silly password like “professor” on the university computer and more often than not would use the same on a military system.

It is not a case of sitting there typing in millions of passwords and hoping that you get the right one. There are much more intelligent programs to do that for you and get you in to a system.

We now use things called SNIFFERS, which are covert and do not harm the system in any way. These sit in the background and watch for people’s passwords and they send them back to you. This is something that I was charged with and the offence read “modification to a system with intent to impair the operation of the computer”. Well the whole point of a sniffer is that it sits there and nobody knows it is there – if it did any harm we wouldn’t use them.

Well once inside you would use various hacker techniques to bump up your access level to that of systems administrator, so that you would have the entire system under your control. You could connect to other systems on the network with the same authority. You could monitor people’s emails and you could get into their project folders and look at their research and development work or papers that they have written. Occasionally you would get into somewhere that was quite interesting but it wasn’t always that way. Most of it was quite boring. Back in the old days before Internet Browsers that give you nice pictures and buttons to click on, it was all text based and you had to use the keyboard to type commands. There were pictures, but you had to manually download them and view them “offline”.

MW: So what were the most exciting computer systems you hacked?

MW: Firstly there was the FLEX system. This stands for Force Level Execution, and this is the thing which the News of the World newspaper picked up on. The reason this system was of interest because it had control of nuclear missiles. To explain what this program does; the official line is to plan an air war and to find out what things are incoming and what air strikes are pending. The system would then advise you of where to strike next with the best killing ratio and where to launch you missiles etc. From looking on the computer and through the “source code” I got the impression that the system had direct access to real missiles. What type of missiles I do not know and the News of the World printed that these were in fact Peacekeeper Missiles, but that didn’t come from me – I don’t know where they got those details from…?

The easiest comparison I could make is that it was a very similar system to the Skynet System in the Terminator movies. This means that the computer has access to all available information and can make intelligent decisions about how to operate a war and even control the weapons.

Of course the FLEX system is secret and something that they do not want the public to know about and the fact that weapons are controlled solely by computer. You would think that there would be other failsafe system but, as far as I could tell, that was not the case.

There were other systems such as Wright Patterson Air Force base and White Sands Missile Testing Ground, some now I forget – I went to a lot. I had been to so many I had to tell the police that I could not remember all the systems I had been in.

The lawyers couldn’t get their stories straight even for a trial of this type, which you would have expected. They would not present evidence to show how I was able to hack into their systems. So with the details of the computer systems real purpose having been removed from the case then I am now pretty sure that I did have a good idea about the real function of the programs – they didn’t want this information out in any form. This was probably the reason that they were so pissed off about it because I came forward and told everyone. You see after I was arrested then I started to get some very strange phone calls from people claiming to be in the military, Koreans and other people. I had weird semi-threatening things said to me and this is why I moved away to get away from these treats and this is another reason that I spilled the beans, in order to keep myself and my wife safe, after all what is the point of silencing me after I had talked.

MW: Where were you living and did the police give you any assistance in your moving because of these threats.

MB: Firstly I was living in Grangetown and then I was moved by the benefits agency to another location. They were aware of the court case and the sensitivity and people from Scotland Yard were helping in this respect also. I was given a new name under the benefits agency computers and was living under name of Mr Smith for a while.

MW: Why do you think they were prepared to go to this trouble to help you?

MB: What you have to understand is the fact that there was a big Senate hearing on the fact that two hackers had got into secret computer systems. One of these was a 16-year-old who they had arrested and the other person was supposedly thought to be a foreign spy who was paying the 16-year-old for information. I was made out to be the foreign spy and I was prepared to believe from the threats I was getting that these people were serious. So I had to move home.

To give you an idea of the level of the ominous phone calls I was getting, at the time I was just about to change my phone over to British Telecom. Just days before I was arrested I was due to sign the BT phone forms and send them off, but had not done do at that point. Then I had another threatening phone call and I told them to **** off and said that I was now having my number changed. The voice on the other end of the line said “yeah we know that your new number is going to be 01222 233blah blah blah” and so they knew my new number already! My wife asked often who was speaking and one name we got was Chung Lee Makasuki and he gave some phone number in China, I think.

MW: When you were arrested what happened?

MB: I was working at Admiral Insurance at the time in their computer department for around a year and a half. One of the managers came in and asked me to come and have a look at one of their computer systems and I got up and went with him. I went with him to the MDs office and there were seven people in the office, your typical men in black so to speak but as this was the MDs office I didn’t at first see this as abnormal. When I got inside one of then said to me “Mathew Bevan” and I replied “yes” and then he put up his hand and said “I am placing you under arrest for hacking of NASA and various Air Force bases.” I was standing there stunned and I was going “Oh, gosh… ummm.” They then told me that they were going to search my desk, which they did, then they took me back to my house and searched there too.

When they got to the house they took all my X Files videos and X Files posters and the reason was because the “KUJI” hacker that they were after had a computer user description which read “The Truth Is Out There”. So they wanted to use the X Files material to prove that they had the correct “KUJI”. They just wanted to pin me on anything they could. They took all of my computer kit as well as my passport.

During the interview I agreed that I used the handle ‘Kuji’ and afterwards the police gave me my property back such as the X Files videos, posters,monitor and the keyboard back but they kept everything else.

I was taken to the Central Police station in Cardiff. The officers were from the computer crime unit of the Met Police. I believe that the C.C.U. also uses the code S.O.6 which leads me to believe that they are intelligence (MI6) related but I don’t think they would admit that.

MW: What was the atmosphere like in the interviews?

MB: It was a good cop bad cop scenario. The one person was very nice and the other guy was quite nasty and was giving snide remarks and shouting at me. There were bits in the interviews that were really stupid too where I was asked by the nice cop if I had any political leanings and I said no – then the other cop stepped in and said “Yeah, but your a vegetarian” and he then said “So you do have a leaning then.”. To this I then replied “Well if being vegetarian is a political leaning then I plead guilty!”. The other copper then steps in and make a lighthearted comment and then the other one steps in again and says “ah so you indicate a leaning then” and so on.

I was under arrest for the best part of 36 hours but there was about 28 hours spent in the cells. I wasn’t allowed to speak to my wife or anyone else. They threatened that they would arrest my wife and I pointed out that she knew nothing about computers and they said tough because they would arrest her anyway. This was part of their oppression tactics. I said what do I have to do to stop you arresting her and they said that if I co-operated then they would not arrest her. So the only telephone calls I was allowed were to my solicitor because they didn’t want me to tell anyone I had been arrested.

One thing I didn’t realise but found out was the fact that in Cardiff police station they bug the cells with listening devices and recently a few people have had tape recorded evidence used against them when they have admitted to things whilst in custody. This is immoral but they seem to be able to do it.

MW: What sort of specific questions were you asked by the police in the interview.

MB: They asked me about the Rome Labs computer and if I had placed a sniffer program on the computers. I would not admit to this. They also asked me about Goddard Space Flight Centre and Wright Patterson, I admitted to these but was never charged with them! They don’t charge me with the right things. They then charge me with conspiracy with the other hacker, but by the time they realise that they don’t have any evidence to prove this it transpires that they could not charge me with the original intended charges anyway because they are out of time by 6 months; They would have had to charge me with a summary offence within six months of my arrest. They also found out that they were out of time for a 3-year clause

The Americans position in court was that they claimed that they had to spend 1/2 a million dollars to repair their computer systems. A fundamental question that my defence asked was could we see a backup of the system to show before and after these so called repairs to prove what was being claimed. The Americans said that we could not see the records because they were so sensitive and also said that it was not in the jurisdiction of the British courts to order them to show the files. If it were any other trial then you would ask how could we accept this evidence but because we are asked to take the Americans word, this is supposed to be good enough.

The next thing that happened was that my barrister had meetings with the prosecution and he then turns around to me and says that he feels that they will find me guilty on some charges so I should give in and change my plea to guilty. So I ‘relieved’ him of his professional duties and got a new barrister who was then completely on my side and who felt that I did indeed have a worthwhile and quite solid defence.

MW: What was the final stage of the case and how did you get acquitted?

MB: The judge surprised everyone by saying to the prosecution that because my charges were lesser than those of the other hacker and that the other hacker had received a small fine of ?1200 then my sentence at best would be non-custodial so to proceed with such a case would not produce a large penalty whilst the costs for running such a case would run into millions. It was estimated that if I would be found guilty I would get a ?450 fine and considering that the court’s daily costs would be ?10,000 it would not be worth it.

However the prosecution was determined still and said that they would still proceed and then at the last stage they pulled out and said that they wished to offer no evidence and that it wasn’t in the public interest to run the case. Verdicts of not guilty were entered, this being the equivalent of a full acquittal and so ensuring that the police would waive the right to re-arrest me in conjunction with these charges.

This being the case I was then free to admit to the press and everyone else that I had in fact done some of those things and that I did hack those systems. This pissed Scotland Yard off immensely and they are now being very awkward about returning the seized goods that are in evidence storage even though the case has been dropped.

MW: How were you tracked down?

MB: I cannot be sure because this was never disclosed – I have my suspicions that I was grassed on by a hacker. They said they found my number on somebody’s computer system and traced me back like that but I think somebody told them who I was. The point was if it took them 2 years to find my number on the other hackers hard- drive as they claim then that is incompetence, as a search of a 250meg drive takes less than five minutes.

MW: Where does the story take a turn to where you started hacking military sites for UFO information?

MB: In a hacker magazine called PHRACK, it gave a list of sites that people who said they were interested in UFOs would like to see hacked and that hackers should check these out. Allegedly there were forty people who were trying to penetrate these sites and they got into some of them but they all went missing?

MW: A group of forty people went missing?

MB: Apparently so. They said in the magazine that if you were going to do it then do it carefully and printed a list of the sites. I used that list and used it and I also used some of the folklore of UFOs like “Roswell wreckage taken to Wright field”, “Lockheed space missile company have connection to Area 51” etc. It is then just a case then of picking up the addresses and names of these computers. They are quite easy to find as the military provide you with as much information on their computers as you could ever want.

It was a case of “go for it”, “lets have a look”. As far as I was concerned I was not traceable and not causing any harm to anybody. If I couldn’t get in then no big deal, if I could then I was not going to screw the system up.

MW: You did gain access to some interesting UFO type files – what were these?

MB: The information was obtained through the Wright Patterson Air Base computer system. I was looking for information on the Roswell crash. On one of the computers at Wright Patterson the systems administrator was very un-secured. Captain Beth Long was the system administrator she is supposedly working in a pumping station in Alaska now instead of working at Wright Patterson – the reason being, because she had no password so this meant that anyone logging in as her meant they had the highest level of access on the system with no password needed!

Wright Pattersons’ computers were strange because unlike all other computers I had hacked which had clear warnings to hackers and people using the system regarding the classified information, their system had a banner which read in flashing red letters that no classified information is to be stored on the computer system. This throws you a bit. I was unsure if it was a real banner or if it was to put off people who had got that far.

In getting into that there was one machine on the network where I read current files and future project proposals. I read documents which gave me the impression that they had an anti-gravity engine which was capable of at least Mach 12 to Mach 15. I don’t know how exactly how fast that is but I think that is faster than most aircraft we know of today. Supposedly the aircraft which employs this engine uses a reactor to which there were a lot of detailed numbers and figures for, but I have no idea what all this meant. I can remember that the documents referred to a super heavy element, whatever that means. The element is the main fuel for the reactor. The engine worked by making a disturbance of molecules at the front of the craft so that it was able to stop the inertia or G-force inside the craft. I got the impression that this information was the type of material I was looking for because it was far in advance of our current technology and could be something to do with the Roswell UFO. Finding this threw me ecause I didn’t know if this information was a disinformation exercise and that people were meant to get in and find this stuff or if it was real. I can’t be sure and this is the one annoying thing.

In the interviews that were carried out with the police Wright Patterson was mentioned. Officer D S Janes asked me, had I been in there and I said that I had. He then asked me if I had got any information from this computer and I said that I had found details of an anti-gravity propulsion system. He asked if I downloaded any files from this project and I said no and I had only read the files online. As I said earlier I admitted to this but no charges were brought against me on this matter which is a bit odd. Then the interviewing officer asked me if I knew what Hanger 18 meant. I said “well if you are thinking of a building where they store extraterrestrial aircraft then this is what you might mean but perhaps you mean it is a computer or a bulletin board -is this what you mean?”. He replied that this could be the place that he was thinking of. This was the only time that Hanger 18 was mentioned in the interview.

In one of the hearings at magistrates’ court there was a special agent who came over called Jim Hanson. When asked what did he feel I was trying to achieve by my hacking he said that he believed I was not trying to do any harm but was just looking for information on Hanger 18. The prosecution then asked Jim Hanson in a light-hearted manner if he could confirm if Hanger 18 exists and Hanson responded “I can’t tell you that because I am not party to that information”.

What surprised me is the fact that I was asked about the little known Hanger 18 story instead of somewhere well known such as Area 51. Some members of the press alluded that I had hacked into Area 51, but I never said this and I refused to comment on the UFO issue to them. There were things I was not prepared to talk about to the press because I was not sure if I would be able to sell my story or not, so I did not want to give the information away.

The point was that I knew where Wright Patterson airbase was but I didn’t know, until I read a UFO magazine recently, that Hanger 18 was located at Wright Patterson. This was the first I ever learned about this.

When you put it all together it seems weird – the fact that I hacked into Wright Patterson and found details of a secret gravity engine and then the coppers asking me about Hanger 18, even to have a secret service agent in an open court saying about Hanger 18 and then me later on finding out that the two places are the same.

MW: Wasn’t there a ban on press reporting of your case?

MB: The press were there and they heard many interesting things which the failed to print but yes there was a ban on reporting the case, they said because they did not want the press opinion to influence the case in any way. This is the principal of subjudicy.

The prosecution had originally intended to have the case heard in secret (In Camera) but we did not allow this to happen.

MW: Have you ever seen any UFOs yourself?

MB: There was a time when I was going back to Newport from Cardiff and there were two very feint lights which were like passenger plane lights at first. They looked like they were going towards Rhoose airport but in-between them there was a start which was shooting back and forth between these two points. I had to force my friends to look at the lights because they would not look and said was crazy but when eventually they did look they agreed that they had seen something strange.

My Wife and I went on holiday to Fuertaventura in the Canaries and there were unusual lights in the sky above us which we watched for many hours. They changed colour and went on and off. They seemed so far away that they couldn’t be sure if they were satellites or not. I am not saying that this could not have been explainable phenomena.

MW: What interest did you have in UFOs before the trial.

MB: Just before I got into the hacking scene I was making the free phone calls and I found a Bulletin Board in Australia which had loads of UFO files. There were about 500 or 600 text files on offer so I downloaded them all and waded through them slowly. I found it really interesting and I wanted to know more. I go into the MUFON files and Keelynet Bulletin Boards and they had interesting things on them also.

It seems to me that far more people have seen UFOs and have evidence of this than there is evidence of GOD but people go around believing in GOD and are not ridiculed for this in any way!

My opinion is that there is a lot of information UFO information out there and it is hard to separate the liars from the truthful people. The thing is that some of the wilder claims may also be the truth but sometimes you cannot be certain of any claims either way.

The types of thing I mean are cases where people say that they have been onboard spacecraft and seen the classic alien with big black eyes and that they had experiences which are consistent with other witnesses. You then hear from the same person that the aliens took her for a ride and they were walking around on the moon without a spacesuit and the story starts to take a strange turn. It seems that people seem to go overboard but who knows that person may in fact be telling the truth.

MW: Do you know much about Bob Lazar? Tell me what you about his story.

MB: Well yes, Bob Lazar was able to show documents from his previous work to show that he worked with certain companies, but they deny he ever worked for them.

As I remember he is a really nerdy looking guy that claims to have worked at Area 51’s S3 complex I think? He claimed to have been working on crashed UFO technology. He said that he had seen saucers in hangers and had seen one flying one day. Only recently I saw the original interview he gave on video where he talked about his work and was drawing on a blackboard. I think he got prosecuted for running a brothel, I don’t know much more than that.

MW: Do you know anything about the propulsion systems he was talking about in his work on the saucers?

MB: No not really – I can remember the shape of the craft and I can remember that the propulsion system was in the bottom of the craft and that it is like a segmented thing. I remember a little area in the middle where the “guys” would sit. I don’t really remember the details or specifics of that.

MW: I am interested because you used the term “heavy element reactor” earlier on and I wondered if you have heard about something called “element 115”?

MB: No I did chemistry at school but was very bad at it and got kicked out. I don’t know anything about elements full stop really.

MW: Bob Lazars story was that he worked on propulsion systems, which utilised a reactor, fuelled by a super heavy element. Everyday scientists do not know of the element 115 of which he speaks. Does this mean anything to you?

MB: Maybe that is a parallel. The only things I know about him really is that he worked on UFOs and his involvement in the brothel and the fact that he looks a bit “geeky”.

MW: Can you remember any names of people on the project. Were there dates on any of the letters you saw regarding the propulsion system?

MB: Nope, as for dates all the information was current at 1994. Whether this was a totally new engine or if it was a new version I can’t be sure. I do know that it was a working prototype.

MW: Did they say what type of aircraft the propulsion system would be used in?

MB: Not that I remember, although I believe the engine was in use.

MW: Do you fear going to the United States?

MB: I am, not so much worried about being tried in the US for these things because they still have the same flawed evidence – but I fear that over there they would just stick me in prison without a trial and leave me to rot. This is something I have to look at carefully and to study the international law on these matters because there is a question of where was the crime committed on my computer in my house in the UK or in the US on their systems. This is a legal dilemma and is open to question.

A point is that there is a hacker out there now called Kevin Minick who did some minor hacking and has been in prison for 2 years and hasn’t been charged with anything yet! This can happen.

MW: Why did you do all this? Are you an anarchist or is this political or just for pure curiosity?

MB: I just get a thrill out of exploring new computer systems. If you could see my CV I now have knowledge of all these computers systems I have used. If employers wanted to know how I got that experience it may get a bit awkward to have to tell them that these were military systems I was playing with – but it still makes for a good CV! I can now admit to my hacking and not have any fear because it may be a plus point in that I know a lot about systems security.

I did it for the pure adrenaline buzz of hacking a secret system. This can keep you awake on no food for hours and this is one of the other reasons – because of the thrill.

MW: Thank you very much.

MB: Thanks.

In final clarification on some of the interview I asked Mathew if he saw any images on the computer systems at Wright Patterson Airbase. He says he saw one but remembers that the antigravity engine was a working prototype and is fitted in some form of aircraft and is in use although the type of aircraft was not disclosed. The information was dated around 1994, when the system was originally breached. It is now up to researchers and hackers alike to try and find out more.

Friday, 27 October, 2000, 17:57 GMT 18:57 UK
Hacking: A history

The ILOVEYOU virus as victims saw it

By BBC News Online internet reporter Mark Ward

Great hacks of our time

The original meaning of the word “hack” was born at MIT, and originally meant an elegant, witty or inspired way of doing almost anything.

Many early hacks took the form of elaborate practical jokes. In 1994, MIT students put a convincing replica of a campus police car on top of the Institute’s Great Dome.

Now the meaning has changed to become something of a portmanteau term associated with the breaking into or harming of any kind of computer or telecommunications system.

Purists claim that those who break into computer systems should be properly called “crackers” and those targeting phones should be known as “phreaks”.

1969

Arpanet, the forerunner of the internet, is founded. The first network has only four nodes.

1971

First e-mail program written by Ray Tomlinson and used on Arpanet which now has 64 nodes.

1972

John Draper, also known as Captain Crunch, finds that a toy whistle given away in the cereal with the same name could be used to mimic the 2600 hertz tones phone lines used to set up long distance calls.

1980

In October, Arpanet comes to a crashing halt thanks to the accidental distribution of a virus.

1983

The internet is formed when Arpanet is split into military and civilian sections.

Wargames, a film that glamorises hacking, is released. Many hackers later claim it inspired them to start playing around with computers and networks.

1986

In August, while following up a 75 cent accounting error in the computer logs at the Lawrence Berkeley Lab at the University of California, Berkeley, network manager Clifford Stoll uncovers evidence of hackers at work. A year-long investigation results in the arrest of the five German hackers responsible.

1988

Robert Morris, a graduate student at Cornell University, sets off an internet worm program that quickly replicates itself to over 6,000 hosts bringing almost the whole network to a halt. Morris is arrested soon afterwards and is punished by being fined $10,000, sentenced to three years on probation and ordered to do 400 hours of community service.

1989

Kevin Mitnick: Arrested
twice for hacking
Kevin Mitnick is
convicted of stealing software from Digital Equipment and codes for long-distance lines from US telephone company MCI. He is the first person convicted under a new law against gaining access to an interstate computer network for criminal purposes. He serves a one-year prison term.

At the Cern laboratory for research in high- energy physics in Geneva, Tim Berners-Lee and Robert Cailliau develop the protocols that will become the world wide web.

1993

Kevin Poulsen, Ronald Austin and Justin Peterson are charged with conspiring to rig a radio phone-in competition to win prizes. The trio seized control of phone lines to the radio station ensuring only their calls got through. The group allegedly netted two Porsches, $20,000 in cash and holidays in Hawaii.

1994

A 16-year-old music student called Richard Pryce, better known by the hacker alias Datastream Cowboy, is arrested and charged with breaking into hundreds of computers including those at the Griffiths Air Force base, Nasa and the Korean Atomic Research Institute. His online mentor, “Kuji”, is never found.

Also this year, a group directed by Russian hackers breaks into the computers of Citibank and transfers more than $10 million from customers’ accounts. Eventually, Citibank recovered all but $400,000 of the pilfered money.

1995

In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.

On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.

The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995.

1996

Popular websites are attacked and defaced in an attempt to protest about the treatment of Kevin Mitnick.

The internet now has over 16 million hosts and is growing rapidly.

1999

David Smith: Creator of
the Melissa virus
In March, the Melissa
virus goes on the rampage and wreaks havoc with computers worldwide. After a short investigation, the FBI tracks down and arrests the writer of the virus, a 29-year- old New Jersey computer programmer, David L Smith.

2000

In February, some of the most popular websites in the world such as Amazon and Yahoo are almost overwhelmed by being flooded with bogus requests for data.

In May, the ILOVEYOU virus is unleashed and clogs computers worldwide. Over the coming months, variants of the virus are released that manage to catch out companies that didn’t do enough to protect themselves.

In October, Microsoft admits that its corporate network has been hacked and source code for future Windows products has been seen.

Hacker turns to vendors as IT PI

Steve Masters [05-12-1997]

One of the two hackers accused of almost starting World War III from his bedroom in the UK walked free from court on 21 November because the law is not set up to deal with cases like his, writes Sean Fleming.

In an interview with Computing, Matthew Bevan announced he is now considering a career in IT security.

Bevan was arrested on 21 June 1996 and charged with intent to secure access to computer systems belonging to the US Air Force and defence manufacturer Lockheed. His accusers maintained he knew that such access would be unauthorised.

More than three years and 14 court appearances later, the case has been dropped. The prosecution declared it would not be in the public interest to pursue the matter.

Bevan, who used the name Kuji, and Richard Pryce – known as Datastream Cowboy – stood accused of hacking into a research centre at Griffiss Air Force base in New York state. It took two years for the US authorities to admit the break-in had taken place.

In a statement to the court, US Air Force investigator Jim Christy said the incident cost the US Air Force $211,722 (#124,000) – exclusive of the cost of their investigations.

Christy outlined the events that almost brought East and West to the brink of war. He described how Datastream Cowboy (aged 16 at the time) hacked his way into a research facility in Korea. The US authorities became aware of this when they realised that the contents of the Korean Atomic Research Institute’s database had been deposited on USAF’s New York system.

‘Initially it was unclear whether the system belonged to North Korea or South Korea,’ Christy said. ‘The concern was that if it was North Korea, they would think the transfer of data was an intrusion by the US Air Force.’

It turned out to be South Korean data, but it is not hard to imagine the potential outcome had the 16-year-old found his way into North Korea’s system. The US press referred to Bevan and Pryce as ‘digital delinquents’.

Pryce walked out of court this summer with a #1,200 fine – not much of a slap on the wrists for actions that might have sparked a war. The lenience of his sentence was the key to Bevan escaping punishment altogether.

Simon Evenden, Bevan’s solicitor, told Computing why the prosecution chose not pursue his client. He stressed that in court, judge Jeffrey Rivlin QC made it clear that he felt the prosecution had in no way done anything wrong when preparing its case.

‘The case collapsed simply because it was not economically viable to take it forward. It would have cost hundreds of thousands of pounds to bring witnesses over from the US and because of what happened to Pryce, Matthew would probably only have been fined or given community service. So it was agreed that it was not in the public interests to continue.’

Had the case continued, getting the prosecution evidence to stand up in court could have proved problematic. It is unlikely the court would have accepted any evidence stored on a computer, unless it could satisfy itself it had not been tampered with. The US authorities were happy to supply copies of emails plus records showing times and dates at which computers were hacked into, but they would not allow the court access to original information.

In the light of the Bevan case, the defence and prosecution teams are to come together in an attempt to plug some of the gaps in the law. They will be arguing for changes to a system that is clearly finding it hard to keep pace with technological change.

From the horse’s mouth Interview with Matthew Bevan

Offered the choice between pleading guilty in the hope of the court being lenient or fighting it out, Matthew Bevan plumped for the latter. He explained why to Computing. ‘As far as I was concerned, I was charged with conspiracy, which was not true, and charged with working with Richard Pryce, which was not true. As well as having to prove that I did it, the prosecution would have had to prove there had been intent. I was accused of putting a sniffer on one of the computers. The point of a sniffer is to sit undetected on a computer monitoring who’s using it and copying their passwords. It’s not there to impair the performance of the computer. So, even if they could have proved I put it there, they couldn’t prove intent to cause damage.’ Bevan is now considering a career in IT security. ‘If I can find a job where I can get paid for doing the same sort of thing as hacking, I won’t complain,’ he said.

Hacked off: Court frees Air Force one

By Steve Masters [26-11-1997]

A hacker charged with breaking into the US Air Force’s command and control centres walked free from court last week

A hacker charged with breaking into the US Air Force’s command and control centres walked free from court last week, writes Sean Fleming.

The Crown Prosecution Service (CPU) said a costly court case would not be in the interests of the public.

Matthew Bevan, known as Kuji, was one of two hackers alleged to have accessed US military intelligence centres in 1994. Richard Pryce was fined #1,200 earlier this year.

Bevan has said that he was searching the US Air Force’s command and control centre for evidence of encounters with UFOs.

US Air Force investigator Jim Christy revealed that the hackers had also accessed the South Korean Atomic Research Institute, copied all the data and placed it on the US Air Force system.

Christy pointed out that the US was concerned this would be misinterpreted by the Koreans as an act of US aggression.

Taken from “The Sunday Business Post Online” www.sbpost.ie
Cib Cover Story Confessions of a hacker
Dublin , Ireland, April 1, 2001

Mathew Bevan was known as Kuji, hacker extraordinaire, probing everything from company ceo’s files to US military bases. The Pentagon described him as “the number one threat to US security”. One day men in dark suits arrested him and he faced charges that might have sent him to jail for 15 years

This, in his own words, is his story.

I cannot help being a hacker. I have always been clever and resourceful. Later on, I became addicted to the adrenaline of electronically rifling a chief executive’s files or looking at the latest space station plans at NASA. In the months leading up to my arrest, I was described by a Pentagon official as “possibly the single biggest threat to world peace since Adolf Hitler”. Then, I faced 15 years in prison.

But first I would like to tell you about my background. I believe it will help you understand why I became what I am. This is my story.
I was 12 when I first got a computer. I was given a Sinclair ZX81 and a subscription to some computing magazines.

When I was 12, I was a nerd. I was beaten and bullied almost every day of my young school life. Through my latter school years the physical abuse was replaced with name-calling and other mental abuse.

Later on, I realised that it was this time in my life which proved the precursor to my hacking.
Like most nerds, I upgraded my machine as often as I could. At the age of 15, I bought an Amiga 500. To me, the Amiga was a piece of computing genius. Not only did it have better graphics than any PC, but also had four channel stereo sound, something that would prove useful in the months to come.

My first revelation was in discovering bulletin boards. A bulletin board was what would be described as a usenet chat forum today. Except it was much more basic. And much less regulated. My friend gave me his 2,400 baud modem and, for a month, I called every BBS (Bulletin Board) number I could get my hands on.

At the end of the month, my mother showed me a ?400 phone bill. She said she never wanted to see a phone bill like that again. From that point onwards, she never did.

I began learning about manipulation of the phone system. Not only could I make free calls, but I could obfuscate call origin. Like every aspiring hacker, I wanted to be anonymous. I found I could do so by diverting the call through several countries before reaching my destination.

I had the ability to call anywhere in the world for free and be untraceable. I was given the number to a bulletin board in Belgium called Sin City. It was a hangout for electronic deviants. I met people on that bulletin boards who were interested in the skills I had accumulated on the phone system. As a trade for that information they gave me documents, files and other information to break into computers.

Then, hackers were free with their information and less wary of the law. Then, there was no such thing as a Computer Misuse Act (British legislation) and hackers could see no harm in anything they were doing. (Today, we face longer prison sentences than those who have committed the most heinous of crimes. We can now be dealt with under the new [British] anti-terrorist laws putting our crimes above that of murder.)

So I began to make friends. I was able for the first time to interact with people all across the globe. These people wanted nothing more than to share interests and as a result we became good friends, even though I would only ever actually meet a handful of them in person. Here, in the computer realm, I was strong and fearless, even if I felt scared and powerless in real life. I would get up and go to school, hate it, return home and get on the internet until about 4am or 5am. Then I would sleep for an hour or two and repeat the cycle.

I began taking the path of the computer mis-user very quickly, and it was not long before I was breaking into all sorts of machines, big and small. I did it purely because I could. One way of describing it is in relation to the curiosity that a parent feels when they find their child’s diary. They know it is wrong to read it, but something inside is just too inquisitive.

Hacking is like that in many ways. You know it’s wrong but the excitement, the rush of being in a powerful institution’s files is overwhelming. That is where the addictive nature of hacking can take hold. You feel the rush once — you want it again. And again. And again.

I cannot actually remember the first; I hacked so many machines in quick succession that the specifics elude me for all but the most memorable.
But this was soon to come.

I hacked everything I could, but there was something lacking; I wanted a direction. I found that needed direction on a bulletin board based in Australia. The bulletin board was called Destiny Stone and was run by a phone phreaker called Ripmax. A phone phreaker is a term for someone who hacks at systems using a phone connection. Ripmax had ended up on the wrong side of the law. What I found on his system were hundreds of documents about UFOs, government cover-ups and conspiracy theories.

I became interested. At that time, a hacker publication called PHRACK released a story about the alleged disappearance of 40 hackers. They had been targeting military systems to try an uncover the truth.

PHRACK printed the names of the bases that were thought to have been the targets by the missing group. I noted all of the military bases that were named in the various UFO documents I had downloaded.

I then began a systematic attack on each of the ones I could find with online equivalents. I had many jump-off points with which to attack these military bases. I thought I was safe.

I had already broken so many other systems, corporate, educational, and government contractors that it would be easy to find routes into the systems.

I was naive. While I was penetrating the different bases, four thousand miles away a group of high-ranking military personnel from the Air Force Office of Special Investigations (AFOSI) and Air Force Information Warfare Centre (AFIWAC) were gathered around a few computer terminals at Griffiss Air Force Base in Rome, New York.
This group, I learned from later reports (and three subsequent US Senate enquiries), were `hacker trackers’. They monitored all activity including keystrokes within the network and they were watching a particular chain of events closely. Over the preceding days, they had been following the activities of two hackers, Datastream Cowboy and Kuji, who had penetrated numerous sensitive computer systems belonging to the army and Air Force.

They discovered via an informant on an Internet chat system, IRC, that Datastream Cowboy was a 15 year old English boy. Shortly afterwards, a boy, Richard Pryce was arrested by the Metropolitan Computer Crime Unit, in England.
For legal reasons, I must be careful now about how I continue. The other hacker was deemed more elusive and wily and the only thing the group had to go on was his handle Kuji. Little was known about this hacker. Kuji had been spotted on an Australian bulletin board by investigators but that is where information ran dry. Investigators said that Kuji would stay online for only short periods of time, never long enough to be traced successfully.

The investigators said that while Datastream Cowboy made mistakes, Kuji seemes flawless in his technique. They would observe what they believed to be Datastream Cowboy attempting to attack a site, fail, talk to Kuji and a minute later successfully get in.

They concluded that Kuji was far more sophisticated and had financial motives. They decided that Kuji was a spy, tutoring the younger Datastream Cowboy in exchange for military secrets. It did not occur to them that the culprit could be an 18 year old kid living in Cardiff with very little stashed under the floorboards.
In the following year, Kuji became the subject of unprecedented comment and speculation. The story of the hacking broke. US Senate enquiries ensued. One pentagon official described Kuji as “possibly the single biggest threat to world peace since Adolf Hitler”.

One year later, a year after Pryce’s arrest (he was later fined ?1,200), a tip-off to the police identified ‘Kuji’ and subsequently I was arrested at work.

At the time, I was working in the IT department of an Insurance company and was fixing the MD’s computer. A group of dark suited men walked into the office. I was read my rights and arrested for various computer crimes against NATO, NASA, the US Air Force and other military installations.
I had a suspicion they might find me, but believed that due to them looking for a spy the chances were slim. My reaction was one of calm. I had read reports of Pryce’s arrest and was aware that he had broken down in tears. Reports had claimed that he began shouting “God, what have I done”. I did not want that to be held against me.

I was taken to the local police station for questioning and charged with conspiracy under the (British) Computer Misuse Act.
For the next 18 months I was prosecuted and underwent preparation for a trial which could have sent me to prison for 15 years.
I maintained throughout that any hacking I had done was on my own. There was no conspiracy. My argument was that I was in competition. As such I refused to accept any deals with which the prosecution offered based upon conspiracy.
In addition, conflicting information regarding sensitive information held on the sites and various other technical faults affected the prosecution’s case.

By the time the prosecution realised there was no conspiracy, they had run out of time to charge me with the other original offence, unauthorised access. This left them with only three more serious offences including unauthorised access with intent to impair the operation of the computer. This was nonsense. I would never wish to impair a machine I am having fun using to attack other machines.

The case was finally decided before going to trial with the prosecution offering no evidence. That meant a full acquittal with not guilty verdicts recorded. The British Crown Prosecution Service held that it was not in the public interest to prosecute me. They estimated the cost of a four month trial at ?10,000 a day plus the cost of bringing high ranking military personnel from America.

Looking back, I now believe that my case was not about hacking, but an exercise in propaganda. In the same year that a handful of hackers were caught, there was an estimated 250,000 attacks on computers in the US Department of Defence.
It was a prime target. I believe it was no coincidence that when the Senate was being asked for money to fund protection against Information Warfare, a case study appearing to proving their point fell in their laps.

But I am not bitter. I have respect, now. I am not bullied anymore. I will not attack your company anymore. I now work on the right side of the law as a computer consultant, mainly work performing penetration tests. I also volunteer my time and technical ability to www.antichildporn.org.

But I am still a hacker.

Mathew Bevan can be reached at hacker@kujimedia.com or www.kujimedia.com

EuroKom IT Security Seminar

Thursday 18th October, 2001

CEO’s and IT Managers from over fifty companies and organisations attended the EuroKom IT security seminar, which was held on 17 October in Citywest, Dublin. The seminar was opened by Noel Treacy, TD Minister for Science and Technology who told the attendees that ‘Confidence in IT Security is crucial to the success of eBusiness.’ Minister Treacy went on to elaborate on the actions that the Government are taking as a pro-active approach to meeting the challenges and opportunities which the digital economy presents. (The full text of the Minister’s speech can be viewed here.)

Brian Lynch, EuroKom’s Sales and Marketing Director, announced a partnership with Celare Ltd, one of Northern Ireland’s leading providers of IT Security Services. Brian stated that through this collaboration with Celare, EuroKom could now offer a unique range of corporate communications and security solutions throughout Ireland.

Keynote speaker at the seminar was Matt Bevan, otherwise known as ‘Kuji’, a reformed hacker who was quoted by the FBI as having ‘?created more harm than the KGB.’ Kuji, then a computer student, is alleged to have penetrated the US Air Force computer systems in 1994. He did it in the back bedroom of his parent’s home near Cardiff in Wales using a computer that his parents had given him for his 16th birthday. Kuji is also alleged to have hacked into NATO and NASA computer systems. In one case, he is also said to have hacked into the US FLEX system (Force Level Execution) and had the power to fire a Peacekeeper missile with a payload of 150 kilotonnes. Newspaper headlines at the time claimed that he ” Could have Started World War 3″ and that he “Even knew Mel Gibson’s Credit card number”. To this day, he believes that his e-mail, ordinary mail and telephones are still monitored by the Pentagon. (In 1994, there were 38,000 intrusions into Pentagon computers of which only 900 were detected.)