Kuji Media Corporation Ltd.

(By Jay Lyman, www.NewsFactor.com) – After drawing the ire of the online file-swapping community and Internet users at large, the Recording Industry Association of America (RIAA) Web site was defaced and taken offline Wednesday. The defacement, described as “the funniest hack ever” on a forum site, resembled the normal RIAA site but featured such links as “Piracy can be beneficial to the music industry” and “Where can I find information on giant monkeys?”

After drawing the ire of the online file-swapping community and Internet users at large, the Recording Industry Association of America (RIAA) Web site was defaced and taken offline Wednesday.

The defacement, described as “the funniest hack ever” on a forum site, resembled the normal RIAA site but featured such links as “Piracy can be beneficial to the music industry” and “Where can I find information on giant monkeys?”

Fix in the Works

While the RIAA would not acknowledge that its site had been hacked or defaced, the group, which has tried to prevent Napster ( news – web sites)-like online file sharing, admitted that its site was offline.

“There’s a problem with our site that we’re fixing,” an RIAA spokesperson told NewsFactor. “It should be back up shortly.”

The spokesperson would not comment on whether the association is a favorite target of hackers or is disliked by an array of Internet users.

Defacement Cheered

However, distaste for the RIAA and its legal offensive on Internet music file-sharing services was apparent in posts to forum site Fark.com, which generally cheered the defacement and jeered at the recording industry.

Among posts at the online forum were: “Yeah! Stick it to the man!” and “That hack is like six levels deep. Someone put their time into this. Sweet.”

“There is a growing sentiment of ill will toward the RIAA, the Motion Picture Association of America and content owners in general,” Yankee Group senior analyst Mike Goodman told NewsFactor.

Goodman said that despite the RIAA’s legal contentions that free online music trading violates copyright law and constitutes piracy, the majority of consumers resent content owners’ efforts to clamp down on file sharing.

“It’s a bit more of a radical reaction,” Goodman said of the defacement. “But it underlies a much more mainstream feeling that we’re going to share our music online and you guys are infringing on that.” Goodman pointed out that the general feeling among consumers is that file sharing is an inalienable right.

Industry Cries Foul

While studies, including a recent Yankee Group report, have indicated that free online music trading will flourish until legitimate, licensed sites offer the content, ownership and portability that consumers want, the RIAA continues to blame free online music trading for declining CD sales.

Music CD sales declined 7 percent in the first half of this year, costing the industry more than US$280 million, the RIAA said this week.

In addition, an RIAA-commissioned study indicated that increased music downloading from the Internet corresponds to reduced CD purchases. The RIAA, which has leveraged copyright law against peer-to-peer site Napster, among others, has warned that it might pursue individual users of free online file trading services.

Technology Revolution

Goodman said the RIAA must take the defacement seriously but can do little about it other than increase the site’s security. He alluded to the explosion of free online music trading by saying, “Technology is causing a revolution in the way consumers consume content.”

He pointed out that content owners are trying to impede this revolution, but “it’s not a particularly consumer-friendly approach.”

UK Hacker Says He Found Anti-Gravity Engine File
At W/P AFB

By Matthew Williams

2-7-99

Mathew Bevan is a 23 old computer hacker with an interest in UFOs. Recently he made front page world headlines when he was charged with hacking offences which included access to the most secret military computers of the United States Military. Mathew was able to access computers, which had the ability to launch nuclear missiles or other missiles. Described by one pentagon spokesman as being “The biggest threat to world peace since Adolf Hitler”, Mathew Bevan talks to Matthew Williams about how he did it and the fact that whilst in Wright Patterson Air Force Base computers he saw plans to a secret Anti Gravity propulsion engine….

Matthew Williams: How many years have you been into the Internet.

Mathew Bevan: Since about 16. It was a case that over here there were very few Internet providers. The only one was Demon Internet and the closest phone number to dial was in Bristol, so it was just easier to do a free (hacked) phonecall to the States and use a free provider and not worry about paying any bills.

MW: How does one “hack” the phones – what is the procedure involved.

MB: You use a little program on the old computer… The Amiga was the first computer to be used for “Blueboxing” (hacking phones) and the reason was that it has four channels of sound whereas the PC could only go “BEEP”. To get the blueboxing to work you had to play dual tones into your phone. There was a set of frequencies of tone not dissimilar to DTMF which is on most modern phones (DTMF – the tones played when you press a number on your phone keypad). When the special tones were played it would cause the network to do a number of special things.

What you then needed to do is to call a 0800 number for a foreign countries operator service – such as Columbia or Hawaii. You would play a few tones down the line and it would cut the operator off and BT would think that you had hung up the call but in fact you were still in the trunking system and you play a few more tones and you could re-route your call anywhere.

MW: Is it complicated to do these things because playing sets of musical tones down the phone line sounds quite complicated and what if you make a mistake.

MB: Well it is complicated but is a case of playing around to see what you could do. If you make a mistake you just hang up and try again. There were some other interesting things you could do like dialling a number and when you get the engaged signal then play a couple of tones and break into the call and listen without the two parties knowing you were there.

MW: You are saying that there are ways to listen to calls without being detected and this can be done from any home phone with such codes! Are you saying that you could listen to another call anywhere in the world?

MB: Yes but most of the time I was calling into the States anyway so that’s where I did it the most. I think that secretly listening in is what it was designed for.

MW: So when did you go from hacking innocent university computers into hacking the military computers?

MB: It was a case of getting onto a system and getting the password file and then running the encrypted passwords through a code cracking program so that you get the passwords. Once you have the passwords then you can get a higher level of access and get into peoples files and folders and you can monitor the system to see what it is happening. You can see that there are people that are themselves who are going from computer to computer with legitimate reasons. Now it would just happen that some of these people would be working on projects with the military. You could find that a professor would be contacting a military site (computer).

One would get fed up with doing small computer systems and would want to try to hack something bigger. The thing with people is that they tend to like the same password for multiple systems and so if you have hacked their account on a relatively unprotected system then the password will probably work on another more well protected system. The professor probably has some silly password like “professor” on the university computer and more often than not would use the same on a military system.

It is not a case of sitting there typing in millions of passwords and hoping that you get the right one. There are much more intelligent programs to do that for you and get you in to a system.

We now use things called SNIFFERS, which are covert and do not harm the system in any way. These sit in the background and watch for people’s passwords and they send them back to you. This is something that I was charged with and the offence read “modification to a system with intent to impair the operation of the computer”. Well the whole point of a sniffer is that it sits there and nobody knows it is there – if it did any harm we wouldn’t use them.

Well once inside you would use various hacker techniques to bump up your access level to that of systems administrator, so that you would have the entire system under your control. You could connect to other systems on the network with the same authority. You could monitor people’s emails and you could get into their project folders and look at their research and development work or papers that they have written. Occasionally you would get into somewhere that was quite interesting but it wasn’t always that way. Most of it was quite boring. Back in the old days before Internet Browsers that give you nice pictures and buttons to click on, it was all text based and you had to use the keyboard to type commands. There were pictures, but you had to manually download them and view them “offline”.

MW: So what were the most exciting computer systems you hacked?

MW: Firstly there was the FLEX system. This stands for Force Level Execution, and this is the thing which the News of the World newspaper picked up on. The reason this system was of interest because it had control of nuclear missiles. To explain what this program does; the official line is to plan an air war and to find out what things are incoming and what air strikes are pending. The system would then advise you of where to strike next with the best killing ratio and where to launch you missiles etc. From looking on the computer and through the “source code” I got the impression that the system had direct access to real missiles. What type of missiles I do not know and the News of the World printed that these were in fact Peacekeeper Missiles, but that didn’t come from me – I don’t know where they got those details from…?

The easiest comparison I could make is that it was a very similar system to the Skynet System in the Terminator movies. This means that the computer has access to all available information and can make intelligent decisions about how to operate a war and even control the weapons.

Of course the FLEX system is secret and something that they do not want the public to know about and the fact that weapons are controlled solely by computer. You would think that there would be other failsafe system but, as far as I could tell, that was not the case.

There were other systems such as Wright Patterson Air Force base and White Sands Missile Testing Ground, some now I forget – I went to a lot. I had been to so many I had to tell the police that I could not remember all the systems I had been in.

The lawyers couldn’t get their stories straight even for a trial of this type, which you would have expected. They would not present evidence to show how I was able to hack into their systems. So with the details of the computer systems real purpose having been removed from the case then I am now pretty sure that I did have a good idea about the real function of the programs – they didn’t want this information out in any form. This was probably the reason that they were so pissed off about it because I came forward and told everyone. You see after I was arrested then I started to get some very strange phone calls from people claiming to be in the military, Koreans and other people. I had weird semi-threatening things said to me and this is why I moved away to get away from these treats and this is another reason that I spilled the beans, in order to keep myself and my wife safe, after all what is the point of silencing me after I had talked.

MW: Where were you living and did the police give you any assistance in your moving because of these threats.

MB: Firstly I was living in Grangetown and then I was moved by the benefits agency to another location. They were aware of the court case and the sensitivity and people from Scotland Yard were helping in this respect also. I was given a new name under the benefits agency computers and was living under name of Mr Smith for a while.

MW: Why do you think they were prepared to go to this trouble to help you?

MB: What you have to understand is the fact that there was a big Senate hearing on the fact that two hackers had got into secret computer systems. One of these was a 16-year-old who they had arrested and the other person was supposedly thought to be a foreign spy who was paying the 16-year-old for information. I was made out to be the foreign spy and I was prepared to believe from the threats I was getting that these people were serious. So I had to move home.

To give you an idea of the level of the ominous phone calls I was getting, at the time I was just about to change my phone over to British Telecom. Just days before I was arrested I was due to sign the BT phone forms and send them off, but had not done do at that point. Then I had another threatening phone call and I told them to **** off and said that I was now having my number changed. The voice on the other end of the line said “yeah we know that your new number is going to be 01222 233blah blah blah” and so they knew my new number already! My wife asked often who was speaking and one name we got was Chung Lee Makasuki and he gave some phone number in China, I think.

MW: When you were arrested what happened?

MB: I was working at Admiral Insurance at the time in their computer department for around a year and a half. One of the managers came in and asked me to come and have a look at one of their computer systems and I got up and went with him. I went with him to the MDs office and there were seven people in the office, your typical men in black so to speak but as this was the MDs office I didn’t at first see this as abnormal. When I got inside one of then said to me “Mathew Bevan” and I replied “yes” and then he put up his hand and said “I am placing you under arrest for hacking of NASA and various Air Force bases.” I was standing there stunned and I was going “Oh, gosh… ummm.” They then told me that they were going to search my desk, which they did, then they took me back to my house and searched there too.

When they got to the house they took all my X Files videos and X Files posters and the reason was because the “KUJI” hacker that they were after had a computer user description which read “The Truth Is Out There”. So they wanted to use the X Files material to prove that they had the correct “KUJI”. They just wanted to pin me on anything they could. They took all of my computer kit as well as my passport.

During the interview I agreed that I used the handle ‘Kuji’ and afterwards the police gave me my property back such as the X Files videos, posters,monitor and the keyboard back but they kept everything else.

I was taken to the Central Police station in Cardiff. The officers were from the computer crime unit of the Met Police. I believe that the C.C.U. also uses the code S.O.6 which leads me to believe that they are intelligence (MI6) related but I don’t think they would admit that.

MW: What was the atmosphere like in the interviews?

MB: It was a good cop bad cop scenario. The one person was very nice and the other guy was quite nasty and was giving snide remarks and shouting at me. There were bits in the interviews that were really stupid too where I was asked by the nice cop if I had any political leanings and I said no – then the other cop stepped in and said “Yeah, but your a vegetarian” and he then said “So you do have a leaning then.”. To this I then replied “Well if being vegetarian is a political leaning then I plead guilty!”. The other copper then steps in and make a lighthearted comment and then the other one steps in again and says “ah so you indicate a leaning then” and so on.

I was under arrest for the best part of 36 hours but there was about 28 hours spent in the cells. I wasn’t allowed to speak to my wife or anyone else. They threatened that they would arrest my wife and I pointed out that she knew nothing about computers and they said tough because they would arrest her anyway. This was part of their oppression tactics. I said what do I have to do to stop you arresting her and they said that if I co-operated then they would not arrest her. So the only telephone calls I was allowed were to my solicitor because they didn’t want me to tell anyone I had been arrested.

One thing I didn’t realise but found out was the fact that in Cardiff police station they bug the cells with listening devices and recently a few people have had tape recorded evidence used against them when they have admitted to things whilst in custody. This is immoral but they seem to be able to do it.

MW: What sort of specific questions were you asked by the police in the interview.

MB: They asked me about the Rome Labs computer and if I had placed a sniffer program on the computers. I would not admit to this. They also asked me about Goddard Space Flight Centre and Wright Patterson, I admitted to these but was never charged with them! They don’t charge me with the right things. They then charge me with conspiracy with the other hacker, but by the time they realise that they don’t have any evidence to prove this it transpires that they could not charge me with the original intended charges anyway because they are out of time by 6 months; They would have had to charge me with a summary offence within six months of my arrest. They also found out that they were out of time for a 3-year clause

The Americans position in court was that they claimed that they had to spend 1/2 a million dollars to repair their computer systems. A fundamental question that my defence asked was could we see a backup of the system to show before and after these so called repairs to prove what was being claimed. The Americans said that we could not see the records because they were so sensitive and also said that it was not in the jurisdiction of the British courts to order them to show the files. If it were any other trial then you would ask how could we accept this evidence but because we are asked to take the Americans word, this is supposed to be good enough.

The next thing that happened was that my barrister had meetings with the prosecution and he then turns around to me and says that he feels that they will find me guilty on some charges so I should give in and change my plea to guilty. So I ‘relieved’ him of his professional duties and got a new barrister who was then completely on my side and who felt that I did indeed have a worthwhile and quite solid defence.

MW: What was the final stage of the case and how did you get acquitted?

MB: The judge surprised everyone by saying to the prosecution that because my charges were lesser than those of the other hacker and that the other hacker had received a small fine of ?1200 then my sentence at best would be non-custodial so to proceed with such a case would not produce a large penalty whilst the costs for running such a case would run into millions. It was estimated that if I would be found guilty I would get a ?450 fine and considering that the court’s daily costs would be ?10,000 it would not be worth it.

However the prosecution was determined still and said that they would still proceed and then at the last stage they pulled out and said that they wished to offer no evidence and that it wasn’t in the public interest to run the case. Verdicts of not guilty were entered, this being the equivalent of a full acquittal and so ensuring that the police would waive the right to re-arrest me in conjunction with these charges.

This being the case I was then free to admit to the press and everyone else that I had in fact done some of those things and that I did hack those systems. This pissed Scotland Yard off immensely and they are now being very awkward about returning the seized goods that are in evidence storage even though the case has been dropped.

MW: How were you tracked down?

MB: I cannot be sure because this was never disclosed – I have my suspicions that I was grassed on by a hacker. They said they found my number on somebody’s computer system and traced me back like that but I think somebody told them who I was. The point was if it took them 2 years to find my number on the other hackers hard- drive as they claim then that is incompetence, as a search of a 250meg drive takes less than five minutes.

MW: Where does the story take a turn to where you started hacking military sites for UFO information?

MB: In a hacker magazine called PHRACK, it gave a list of sites that people who said they were interested in UFOs would like to see hacked and that hackers should check these out. Allegedly there were forty people who were trying to penetrate these sites and they got into some of them but they all went missing?

MW: A group of forty people went missing?

MB: Apparently so. They said in the magazine that if you were going to do it then do it carefully and printed a list of the sites. I used that list and used it and I also used some of the folklore of UFOs like “Roswell wreckage taken to Wright field”, “Lockheed space missile company have connection to Area 51” etc. It is then just a case then of picking up the addresses and names of these computers. They are quite easy to find as the military provide you with as much information on their computers as you could ever want.

It was a case of “go for it”, “lets have a look”. As far as I was concerned I was not traceable and not causing any harm to anybody. If I couldn’t get in then no big deal, if I could then I was not going to screw the system up.

MW: You did gain access to some interesting UFO type files – what were these?

MB: The information was obtained through the Wright Patterson Air Base computer system. I was looking for information on the Roswell crash. On one of the computers at Wright Patterson the systems administrator was very un-secured. Captain Beth Long was the system administrator she is supposedly working in a pumping station in Alaska now instead of working at Wright Patterson – the reason being, because she had no password so this meant that anyone logging in as her meant they had the highest level of access on the system with no password needed!

Wright Pattersons’ computers were strange because unlike all other computers I had hacked which had clear warnings to hackers and people using the system regarding the classified information, their system had a banner which read in flashing red letters that no classified information is to be stored on the computer system. This throws you a bit. I was unsure if it was a real banner or if it was to put off people who had got that far.

In getting into that there was one machine on the network where I read current files and future project proposals. I read documents which gave me the impression that they had an anti-gravity engine which was capable of at least Mach 12 to Mach 15. I don’t know how exactly how fast that is but I think that is faster than most aircraft we know of today. Supposedly the aircraft which employs this engine uses a reactor to which there were a lot of detailed numbers and figures for, but I have no idea what all this meant. I can remember that the documents referred to a super heavy element, whatever that means. The element is the main fuel for the reactor. The engine worked by making a disturbance of molecules at the front of the craft so that it was able to stop the inertia or G-force inside the craft. I got the impression that this information was the type of material I was looking for because it was far in advance of our current technology and could be something to do with the Roswell UFO. Finding this threw me ecause I didn’t know if this information was a disinformation exercise and that people were meant to get in and find this stuff or if it was real. I can’t be sure and this is the one annoying thing.

In the interviews that were carried out with the police Wright Patterson was mentioned. Officer D S Janes asked me, had I been in there and I said that I had. He then asked me if I had got any information from this computer and I said that I had found details of an anti-gravity propulsion system. He asked if I downloaded any files from this project and I said no and I had only read the files online. As I said earlier I admitted to this but no charges were brought against me on this matter which is a bit odd. Then the interviewing officer asked me if I knew what Hanger 18 meant. I said “well if you are thinking of a building where they store extraterrestrial aircraft then this is what you might mean but perhaps you mean it is a computer or a bulletin board -is this what you mean?”. He replied that this could be the place that he was thinking of. This was the only time that Hanger 18 was mentioned in the interview.

In one of the hearings at magistrates’ court there was a special agent who came over called Jim Hanson. When asked what did he feel I was trying to achieve by my hacking he said that he believed I was not trying to do any harm but was just looking for information on Hanger 18. The prosecution then asked Jim Hanson in a light-hearted manner if he could confirm if Hanger 18 exists and Hanson responded “I can’t tell you that because I am not party to that information”.

What surprised me is the fact that I was asked about the little known Hanger 18 story instead of somewhere well known such as Area 51. Some members of the press alluded that I had hacked into Area 51, but I never said this and I refused to comment on the UFO issue to them. There were things I was not prepared to talk about to the press because I was not sure if I would be able to sell my story or not, so I did not want to give the information away.

The point was that I knew where Wright Patterson airbase was but I didn’t know, until I read a UFO magazine recently, that Hanger 18 was located at Wright Patterson. This was the first I ever learned about this.

When you put it all together it seems weird – the fact that I hacked into Wright Patterson and found details of a secret gravity engine and then the coppers asking me about Hanger 18, even to have a secret service agent in an open court saying about Hanger 18 and then me later on finding out that the two places are the same.

MW: Wasn’t there a ban on press reporting of your case?

MB: The press were there and they heard many interesting things which the failed to print but yes there was a ban on reporting the case, they said because they did not want the press opinion to influence the case in any way. This is the principal of subjudicy.

The prosecution had originally intended to have the case heard in secret (In Camera) but we did not allow this to happen.

MW: Have you ever seen any UFOs yourself?

MB: There was a time when I was going back to Newport from Cardiff and there were two very feint lights which were like passenger plane lights at first. They looked like they were going towards Rhoose airport but in-between them there was a start which was shooting back and forth between these two points. I had to force my friends to look at the lights because they would not look and said was crazy but when eventually they did look they agreed that they had seen something strange.

My Wife and I went on holiday to Fuertaventura in the Canaries and there were unusual lights in the sky above us which we watched for many hours. They changed colour and went on and off. They seemed so far away that they couldn’t be sure if they were satellites or not. I am not saying that this could not have been explainable phenomena.

MW: What interest did you have in UFOs before the trial.

MB: Just before I got into the hacking scene I was making the free phone calls and I found a Bulletin Board in Australia which had loads of UFO files. There were about 500 or 600 text files on offer so I downloaded them all and waded through them slowly. I found it really interesting and I wanted to know more. I go into the MUFON files and Keelynet Bulletin Boards and they had interesting things on them also.

It seems to me that far more people have seen UFOs and have evidence of this than there is evidence of GOD but people go around believing in GOD and are not ridiculed for this in any way!

My opinion is that there is a lot of information UFO information out there and it is hard to separate the liars from the truthful people. The thing is that some of the wilder claims may also be the truth but sometimes you cannot be certain of any claims either way.

The types of thing I mean are cases where people say that they have been onboard spacecraft and seen the classic alien with big black eyes and that they had experiences which are consistent with other witnesses. You then hear from the same person that the aliens took her for a ride and they were walking around on the moon without a spacesuit and the story starts to take a strange turn. It seems that people seem to go overboard but who knows that person may in fact be telling the truth.

MW: Do you know much about Bob Lazar? Tell me what you about his story.

MB: Well yes, Bob Lazar was able to show documents from his previous work to show that he worked with certain companies, but they deny he ever worked for them.

As I remember he is a really nerdy looking guy that claims to have worked at Area 51’s S3 complex I think? He claimed to have been working on crashed UFO technology. He said that he had seen saucers in hangers and had seen one flying one day. Only recently I saw the original interview he gave on video where he talked about his work and was drawing on a blackboard. I think he got prosecuted for running a brothel, I don’t know much more than that.

MW: Do you know anything about the propulsion systems he was talking about in his work on the saucers?

MB: No not really – I can remember the shape of the craft and I can remember that the propulsion system was in the bottom of the craft and that it is like a segmented thing. I remember a little area in the middle where the “guys” would sit. I don’t really remember the details or specifics of that.

MW: I am interested because you used the term “heavy element reactor” earlier on and I wondered if you have heard about something called “element 115”?

MB: No I did chemistry at school but was very bad at it and got kicked out. I don’t know anything about elements full stop really.

MW: Bob Lazars story was that he worked on propulsion systems, which utilised a reactor, fuelled by a super heavy element. Everyday scientists do not know of the element 115 of which he speaks. Does this mean anything to you?

MB: Maybe that is a parallel. The only things I know about him really is that he worked on UFOs and his involvement in the brothel and the fact that he looks a bit “geeky”.

MW: Can you remember any names of people on the project. Were there dates on any of the letters you saw regarding the propulsion system?

MB: Nope, as for dates all the information was current at 1994. Whether this was a totally new engine or if it was a new version I can’t be sure. I do know that it was a working prototype.

MW: Did they say what type of aircraft the propulsion system would be used in?

MB: Not that I remember, although I believe the engine was in use.

MW: Do you fear going to the United States?

MB: I am, not so much worried about being tried in the US for these things because they still have the same flawed evidence – but I fear that over there they would just stick me in prison without a trial and leave me to rot. This is something I have to look at carefully and to study the international law on these matters because there is a question of where was the crime committed on my computer in my house in the UK or in the US on their systems. This is a legal dilemma and is open to question.

A point is that there is a hacker out there now called Kevin Minick who did some minor hacking and has been in prison for 2 years and hasn’t been charged with anything yet! This can happen.

MW: Why did you do all this? Are you an anarchist or is this political or just for pure curiosity?

MB: I just get a thrill out of exploring new computer systems. If you could see my CV I now have knowledge of all these computers systems I have used. If employers wanted to know how I got that experience it may get a bit awkward to have to tell them that these were military systems I was playing with – but it still makes for a good CV! I can now admit to my hacking and not have any fear because it may be a plus point in that I know a lot about systems security.

I did it for the pure adrenaline buzz of hacking a secret system. This can keep you awake on no food for hours and this is one of the other reasons – because of the thrill.

MW: Thank you very much.

MB: Thanks.

In final clarification on some of the interview I asked Mathew if he saw any images on the computer systems at Wright Patterson Airbase. He says he saw one but remembers that the antigravity engine was a working prototype and is fitted in some form of aircraft and is in use although the type of aircraft was not disclosed. The information was dated around 1994, when the system was originally breached. It is now up to researchers and hackers alike to try and find out more.

Friday, 27 October, 2000, 17:57 GMT 18:57 UK
Hacking: A history

The ILOVEYOU virus as victims saw it

By BBC News Online internet reporter Mark Ward

Great hacks of our time

The original meaning of the word “hack” was born at MIT, and originally meant an elegant, witty or inspired way of doing almost anything.

Many early hacks took the form of elaborate practical jokes. In 1994, MIT students put a convincing replica of a campus police car on top of the Institute’s Great Dome.

Now the meaning has changed to become something of a portmanteau term associated with the breaking into or harming of any kind of computer or telecommunications system.

Purists claim that those who break into computer systems should be properly called “crackers” and those targeting phones should be known as “phreaks”.

1969

Arpanet, the forerunner of the internet, is founded. The first network has only four nodes.

1971

First e-mail program written by Ray Tomlinson and used on Arpanet which now has 64 nodes.

1972

John Draper, also known as Captain Crunch, finds that a toy whistle given away in the cereal with the same name could be used to mimic the 2600 hertz tones phone lines used to set up long distance calls.

1980

In October, Arpanet comes to a crashing halt thanks to the accidental distribution of a virus.

1983

The internet is formed when Arpanet is split into military and civilian sections.

Wargames, a film that glamorises hacking, is released. Many hackers later claim it inspired them to start playing around with computers and networks.

1986

In August, while following up a 75 cent accounting error in the computer logs at the Lawrence Berkeley Lab at the University of California, Berkeley, network manager Clifford Stoll uncovers evidence of hackers at work. A year-long investigation results in the arrest of the five German hackers responsible.

1988

Robert Morris, a graduate student at Cornell University, sets off an internet worm program that quickly replicates itself to over 6,000 hosts bringing almost the whole network to a halt. Morris is arrested soon afterwards and is punished by being fined $10,000, sentenced to three years on probation and ordered to do 400 hours of community service.

1989

Kevin Mitnick: Arrested
twice for hacking
Kevin Mitnick is
convicted of stealing software from Digital Equipment and codes for long-distance lines from US telephone company MCI. He is the first person convicted under a new law against gaining access to an interstate computer network for criminal purposes. He serves a one-year prison term.

At the Cern laboratory for research in high- energy physics in Geneva, Tim Berners-Lee and Robert Cailliau develop the protocols that will become the world wide web.

1993

Kevin Poulsen, Ronald Austin and Justin Peterson are charged with conspiring to rig a radio phone-in competition to win prizes. The trio seized control of phone lines to the radio station ensuring only their calls got through. The group allegedly netted two Porsches, $20,000 in cash and holidays in Hawaii.

1994

A 16-year-old music student called Richard Pryce, better known by the hacker alias Datastream Cowboy, is arrested and charged with breaking into hundreds of computers including those at the Griffiths Air Force base, Nasa and the Korean Atomic Research Institute. His online mentor, “Kuji”, is never found.

Also this year, a group directed by Russian hackers breaks into the computers of Citibank and transfers more than $10 million from customers’ accounts. Eventually, Citibank recovered all but $400,000 of the pilfered money.

1995

In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.

On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.

The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995.

1996

Popular websites are attacked and defaced in an attempt to protest about the treatment of Kevin Mitnick.

The internet now has over 16 million hosts and is growing rapidly.

1999

David Smith: Creator of
the Melissa virus
In March, the Melissa
virus goes on the rampage and wreaks havoc with computers worldwide. After a short investigation, the FBI tracks down and arrests the writer of the virus, a 29-year- old New Jersey computer programmer, David L Smith.

2000

In February, some of the most popular websites in the world such as Amazon and Yahoo are almost overwhelmed by being flooded with bogus requests for data.

In May, the ILOVEYOU virus is unleashed and clogs computers worldwide. Over the coming months, variants of the virus are released that manage to catch out companies that didn’t do enough to protect themselves.

In October, Microsoft admits that its corporate network has been hacked and source code for future Windows products has been seen.

04/04/98 THE SCHOOLBOY SPY.

By Jonathan Ungoed-Thomas

The Americans called him their No 1 enemy, but he was only 16. Jonathan Ungoed-Thomas reveals one of the strangest stories of the cyber-age. On the evening of April 15, 1994, six American special agents sat in a concrete basement at a secret air force base patiently waiting for an attack. Their unseen and unknown enemy had for weeks been rampaging across the Pentagon network of computers, cracking security codes and downloading secret files.

Defence officials feared the infiltrator was a foreign agent. They were monitoring his movements in a desperate effort to trace him to his lair. He had first been spotted by a systems manager at the Rome Laboratory at the Griffiss air base in New York state, the premier command and control research facility in the United States. He had breached the security system and was using assumed computer identities from the air base to attack other sites, including Nasa, Wright-Patterson air force base – which monitors UFO sightings – and Hanscom air force base in Massachusetts. He was also planting “sniffer files” to pick up every password used in the system. This was a new type of warfare, a “cyber attack” at the heart of the most powerful military machine on earth. But the American military had been preparing for “cyber war” and it had a new breed of agent ready to fight back against the infiltrator. Computer specialists from the Air Force Office of Special Investigations (AFOSI) and the Air Force Information Warfare Centre in San Antonio, Texas, were dispatched to Rome Laboratory to catch the attacker.

By the end of the second week of their attempt to outwit him, their windowless basement room was a mess of food wrappers, sleeping bags and empty Coca-Cola cans. Sitting among the debris, the American cyber agents saw a silent alarm throb on one of the many terminals packed into the 30ft by 30ft room. Datastream Cowboy, as he called himself, was online again. They carefully tracked him on a computer screen as he used the access code of a high-ranking Pentagon employee to sign on. This gave him the power to delete files, copy secret information and even crash the system. As he sifted through battlefield simulation data, artificial intelligence files and reports on Gulf war weaponry, the agents worked frantically at their terminals, trying yet again to establish who he was and where he had come from. It was futile. Datastream Cowboy always bounced around the world before launching an attack and it was impossible even to establish in which country he was sitting.

Suddenly he left the Pentagon system. The agents rapidly checked the computer address of his new target and were chilled by the result: he was trying to get access to a nuclear facility somewhere in Korea. The shocked agents saw a terrible crisis coming. The United States was embroiled in tense negotiations with North Korea about its suspected nuclear weapons programme. The Clinton administration was publicly split between a faction that wanted to punish the Stalinist regime in Pyongyang for attempting to develop a nuclear bomb and State Department diplomats who insisted on a gentler approach.

If the paranoid North Koreans detected a computer attack on their nuclear facility from an American air base – because Datastream Cowboy had assumed an American military identity by routeing his assault through the Griffiss computer – they would be bound to believe that the hawks had won and this was an act of war. Senior defence officials were hurriedly briefed as the agents attempted to establish the exact location in Korea of the computer that Datastream Cowboy was trying to crack.

After several tense hours, they had their answer. His target was in South Korea, not North. The security alert was over, but the damage meted out by Datastream Cowboy was not. In the space of a few weeks he had caused more harm than the KGB, in the view of the American military, and was the “No 1 threat to US security”.

What made Datastream Cowboy so dangerous, in the view of the Americans, was that he was not alone; he was working with a more sophisticated hacker who used the “handle” of Kuji. The agents repeatedly watched Datastream Cowboy unsuccessfully attack a military site and retreat for an e-mail briefing from Kuji. He would then return and successfully hack into the site. Both Datastream Cowboy and Kuji were untraceable. They were weaving a path through computer systems in South Africa, Mexico and Europe before launching their attacks. Over 26 days, Datastream Cowboy and Kuji broke into the Rome Laboratory more than 150 times. Kuji was also monitored attempting an assault on the computers at Nato headquarters near Brussels. It was only three years after the final collapse of Soviet communism, but there was already a strong fear within the American government that the United States had become vulnerable to a new military threat: electronic and computer warfare.

Both America’s superpower military arsenal and its huge civilian economy had become reliant on microchips and in the words of Jamie Gorelick, a deputy attorney-general: “Some day we will wake up to find that the electronic equivalent of Pearl Harbor has crippled our computer networks and caused more chaos than a well placed nuclear strike. We do not want to wait for that wake-up call.”

What made the American military so vulnerable was that the Internet – the computer communications system that had been developed by Pentagon scientists as a tool for survival after nuclear war – was opening up in 1994 to anyone in the world who had access to a cheap and powerful personal computer.

The Internet automatically brought hackers to the very gates of the Pentagon’s most secret files – and it could not be policed, as it had been deliberately set up without controls to ensure ease of access for nuclear survivors.

According to official American figures, the Pentagon’s military computers are now suffering cyber attacks at the rate of 250,000 a year and it is retaliating with a $3.6bn programme of computer protection to key systems. THE attacks by Datastream Cowboy and Kuji were the opening shots in this barrage, and the Pentagon generals insisted that they had to be found and put out of action. It would have been relatively simple to shut them out of the Pentagon network, but they would survive to attack again – and their identities and the information they had already stolen would have remained unknown. The American cyber agents were ordered to continue chasing them through the electronic maze.

But how? They used a process called “fingering” in which they tried to detect every computer that Datastream Cowboy had used as stepping stones before attacking them. A computer on the Internet gives its own address in the first few bytes of any communication and the agents tried to trace Datastream Cowboy’s path backwards. The process can often be hit and miss because of the vast amount of traffic on the Internet and the hacker’s path was simply too long and circuitous to follow to its end. The agents almost gave up hope. Then old-fashioned police work was brought to bear. In the cyber age, where do hackers hang out? On the Internet, of course. They “chat” with each other through their screens.

The agents had informants who cruised the Internet and one of these made the breakthrough. He found that Datastream Cowboy hung out at Cyberspace, an Internet “service provider” based in Seattle. Moreover, he was a particularly chatty individual who was eager to engage other hackers in e-mail conversation. Naive, too. Before long, the informant had established that Datastream Cowboy lived in the United Kingdom. He even gave out his home telephone number.

Jubilant, a senior AFOSI agent contacted the computer crime unit in Scotland Yard for assistance. Datastream Cowboy’s number was traced to a house in a cul-de-sac in Colindale, part of the anonymous north London suburbs. In cold war days it would have been a classic address for a spy’s hideaway.

Telephone line checks revealed that the hacker was first dialling into Bogota, the Colombian capital, and then using a free phone line from there to hack his way into the sensitive military sites.

American agents flew to London and staked out the address with British police officers. Detectives were cautious, however, about making an immediate arrest because they wanted Datastream Cowboy to be online when they entered the house, so that he would be caught in the act.

At 8pm on May 12, 1994, four unmarked cars were parked outside the Colindale house. Inside one of them, a detective’s mobile phone rang. An agent from the Rome Laboratory was on the other end: Datastream Cowboy was online. Officers made a second call to British Telecom in Milton Keynes and established that a free phone call was being made to South America. Posing as a courier, one of the officers knocked on the door. As it was opened by a middle-aged man, eight policemen silently appeared and swept into the house. The officers quietly searched the downstairs and first floor. Then, creeping up the stairs to a loft-room, they saw a teenager hunched in his chair tapping frantically away on the keyboard of his ?700 PC World computer. They had found Datastream Cowboy.

One of the detectives walked up silently behind the young suspect and gently removed his hands from the computer. For 16-year-old Richard Pryce, a music student, it was the shock of his life. He looked at the policemen as they prepared to arrest him and collapsed on the floor in tears.

“They thought they were going to find a super-criminal and they just found me, a teenager playing around on his computer,” says Pryce now. “My mother had noticed people sitting outside our house for a few days beforehand, but I didn’t think much of it. I never thought I would get caught and it was very disturbing when I did.

“It had just been a game or a challenge from which I had got a real buzz. It was unbelievable because the computers were so easy to hack, like painting by numbers.”

Pryce, who was then a pupil at The Purcell School in Harrow, Middlesex, was arrested at his home but released on police bail the same evening. Five stolen files, including a battle simulation program, were discovered on the hard disk of his computer. Another stolen file, which dealt with artificial intelligence and the American Air Order of Battle, was too large to fit on to his desktop computer. So he had placed it in his own storage space at an Internet service provider that he used in New York, accessing it with a personal password.

During the subsequent police interviews, one pressing question remained unanswered: who was Kuji? Pryce claimed he had only talked with his hacking mentor on the Internet and did not know where he lived. American investigators regarded Kuji as a far more sophisticated hacker than Datastream. He would only stay on a telephone for a short time, not long enough to be traced successfully. “Kuji assisted and mentored Datastream and in return received from Datastream stolen information…Nobody knows what Kuji did with this information or why it was being collected,” agents reported.

Mark Morris, who was then a detective sergeant with Scotland Yard’s computer crime unit, was one of the investigating officers on the case. “It was awesome that Pryce, who was just one teenager with a computer, could cause so much havoc, but the greater worry in the US was about Kuji,” says Morris. “The fear was that he could be a spy working for a hostile foreign power. The job was then to find him.”

Pryce did give detectives one telephone number, but it was a red herring: a school library in Surrey. During the next two years of compiling evidence in Britain and America in the case against Pryce, British detectives and American agents failed to turn up any evidence that might lead to Kuji. Their break finally came in June 1996 when the computer crime unit decided to sift once again through the mass of information on the hard disk of Pryce’s computer.

Morris took on the job. “I was at home with my laptop and went through every bit of that hard disk, which was a huge task.” It took him three weeks. If all the files had been printed out they would have filled 40 filing cabinets.

At last he found what he wanted. “At the bottom of a file in the DOS directory I saw the name Kuji. Next to the name was a telephone number. Pryce might not have even known it was on his system because he downloaded so much information.”

For American agents hoping to catch a superspy, Kuji’s telephone number was a grave disappointment. He was based in Cardiff. A team of officers drove up to his address, a terraced house, and finally discovered Kuji’s identity. He was 21-year-old Mathew Bevan, a soft-spoken computer worker with a fascination for science fiction. His bedroom wall was covered with posters from The X Files and one of his consuming interests was the Roswell incident, the alleged crash of a UFO near Roswell, New Mexico, in July 1947. He was arrested on June 21, 1996, at the offices of Admiral Insurance where he worked.

“I would never have been caught if it wasn’t for Pryce and even then they took two years to find me,” Bevan says now. “And the only reason Pryce got caught was that he gave his number to a secret service informant.” Bevan, the son of a police officer, said he had not even been alarmed when Datastream Cowboy disappeared from the Internet. “Everyone was joking with me on the e-mail that he must have been arrested, but I didn’t believe it. It wasn’t until a year later that a friend phoned me and said: ‘Have you seen the papers? They think you’re a spy’.”

However, Bevan became confident that he had escaped detection and was stunned when he was arrested. “I was told to go and check the managing director’s computer. I went in and there were seven or eight of them in suits and I was arrested.” He was charged the next day with two counts of conspiracy under the Criminal Law Act 1997. He was later charged with three offences under the Computer Misuse Act 1990.

Pryce had been charged in June 1995, about 13 months after his arrest, with 12 offences under Section 1 of the Computer Misuse Act 1990. He was also charged with conspiracy three days before Bevan’s arrest. At the culmination of one of the biggest ever international computer crime investigations and after a massive security scare in the United States, law enforcers were left with a meagre and faintly embarrassing prize: two young hackers who in their spare time, from the comfort of their bedrooms, had penetrated what should have been the most secure defence network in the world. To rub salt into the wounds, their credentials were hardly impressive. Pryce had scraped a D grade in computer studies at A-level and Bevan had dropped out of an HND course in computer science.

Pryce’s father, Nick, who restores musical instruments, said: “They said Richard was a No 1 security threat and I think that was just rubbish. They had overreacted and when they found out it was just a teenager, they still wanted to try to make an example of him. I never knew what he was doing at the time; I just thought he was in his bedroom playing on his computer. When I found out, I never thought he had done anything particularly wrong and neither did our friends. He just showed how bad security was on those computers.”

But how did two rather ordinary young men manage to penetrate the Pentagon computer system and spark such a massive security alert? Both were bright and articulate, but there was nothing in their backgrounds to suggest a computer wizardry that would outwit the American military. Their success was based on a mixture of persistence and good luck, which was abetted by crude security mistakes in the Pentagon computer system. Pryce had had a musical upbringing with his two sisters, Sally and Katie, and had a passion for playing the double bass. He was bought his computer when he was 15 to help him in his studies. He would spend his spare time linked up to a bulletin board on the Internet, where computer users traded information and chatted. It was here that he got his first introduction to hacking.

“I used to get software off the bulletin boards and from one of them I got a ‘bluebox’, which could recreate the various frequencies to get free phonecalls,” he said. “I would phone South America and this software would make noises which would make the operator think I had hung up. I could then make calls anywhere in the world for free.”

Now 20 and in his third year at the Royal College of Music in London, Pryce said: “I would get on to the Internet and there would be hackers’ forums where I learnt the techniques and picked up the software I needed. You also get text files explaining what you can do to different types of computer. “It was just a game, a challenge. I was amazed at how good I got at it. It escalated very quickly from being able to hack a low-profile computer like a university to being able to hack a military system. The name Datastream Cowboy just came to me in a flash of inspiration.”

The attack on Rome Laboratory, his greatest success, relied on a ferret called Carmen. Pryce easily gained low-level security access to the Rome computer using a default guest password. Once inside the system, he retrieved the password file and downloaded it on to his computer. He then set up a program to bombard the password file with 50,000 words a second. “I just left the computer running overnight until it cracked it,” he explained.

If all the air force officers with access to the computer had followed orders and used passwords with a mixture of numerals and letters, his attack would have been foiled; but luck was on his side.

Morris, who has since left Scotland Yard’s computer crime unit and now works in London for Computer Forensic Investigations, a private company, revealed: “He managed to crack the file because a lieutenant in the USAF had used the password Carmen. It was the name of his pet ferret. Once Pryce had got that, he was free to roam the system. There was information there that was deemed classified and highly confidential and he was able to see it.”

Once he was in the system, Pryce kept getting access to higher levels in his aim to become a “root user”, which gives the hacker total control of the computer with the power to shut out other users and command the entire system.

“I was interested in Rome Labs because I knew they developed stuff for the military. I just wanted to find out what they were doing. I read that UFO material was being kept at Wright Patterson base and I thought it would also be a laugh to get in there. I also hacked into a Nasa site,” he said. “Rome Labs was my main project. I got the programming code for an artificial intelligence project. I downloaded files so I could view them at leisure at home.

“I know there was a big fuss when I tried to hack into a computer in Korea, but there was nothing sinister about it. I just fancied having a go at a different sort of computer and I happened to be on the Rome Laboratory computer. I just tapped in the address for the Korean research computer, but I didn’t hack into it. It never went further than that.” During an intensive three months of hacking, Pryce sent e- mails at least twice a week to the fellow hacker he knew as Kuji, without knowing his real name was Mathew Bevan.

Bevan, who is now 23, was more of a loner than Pryce and would spend up to 30 hours without a break on his computer. He claims the fraternity of hackers gave him the friendship that he had failed to find during his childhood. “I was bullied at school and I found my little community and interaction through my computer,” he said. “The hackers would all egg each other on. There wasn’t anything malicious about it. If there was, I could have downed as many computer systems as I wanted. I was just really looking for anything about UFOs. It was like war games; I just couldn’t believe what we could get into. I wasn’t tutoring Pryce, but the Americans made out I was because they thought I was some kind of east European masterspy.” Pryce agrees: “We embarrassed them by showing how lax their security was and that’s why they made out we had been a huge security threat. I’m now amazed by what I did, but I wasn’t surprised at the time. It was just my hobby. Some people watched television for six hours a day, I hacked computers.”

The first time Pryce and Bevan met in person was in July 1996 when they appeared at Bow Street magistrates court jointly charged with conspiracy and offences under the Computer Misuse Act. “He was at the back of the court when I went in and his mother said: ‘You’d better say hello’, which he did. We didn’t even have a chat,” said Bevan.

Conspiracy charges against both Pryce and Bevan were later dropped, but in March last year Pryce was fined ?1,200 after admitting 12 offences under the Computer Misuse Act. His lawyers said in mitigation that there had been some exaggeration when the Senate armed services committee had been told in 1996 that the Datastream Cowboy had caused more harm than the KGB and was the “No 1 threat to US security”. The remaining charges against Bevan were dropped in November after the Crown Prosecution Service decided it was not in the public interest to pursue the case.

Nevertheless, the case of Datastream Cowboy and Kuji remains one of the most notorious in American cyber history. The two young men are living this down in different ways. Pryce’s computer was confiscated, to his initial dismay. “After I had my computer taken away it was quite difficult because I had been doing it every night for a year,” he said. “If they hadn’t caught me, I would have carried on.” Now he thinks hacking was a waste of time and insists he will never do it again. He does not even own a computer any more.

Bevan, however, has put his notoriety to good use: he is now employed testing the computer security of private companies.Targeting the Pentagon United States defence computers have for years been one of the most covetedtargets for hacking addicts inspired by the film War Games, which showed a boy cracking an American defence network and nearly starting the third world war.

One of the pioneers of this craze was Kevin Mitnick, who repeatedly hacked into Pentagon computers in the mid-1980s. He was jailed in 1989 but continued his exploits on his release and was arrested again after a two-year hunt by the FBI. The number of cyber attacks on the Pentagon is estimated by Washington officials as 250,000 annually, but the incidents the public hears about are only the few where hackers get caught. In 1996 six Danes who hacked into Pentagon computers were given sentences of up to three months. The same year, special agents tracked down three teenage hackers in Croatia who had also succeeded in penetrating Pentagon computers.

They were never identified or charged, however, as there is no law against computer hacking in Croatia. Last month there was a spectacular example of the hackers’ work when American defence officials revealed that the Pentagon computer network had been subjected to a relentless two-month attack. CIA agents were reportedly anxious that the hackers might be the agents of Saddam Hussein.

FBI agents blamed a secret convention of hackers believed to be held in New York. A few days ago, the real culprit gave himself up. Ehud Tenenbaum, an Israeli teenager who dubbed himself The Analyser, had worked with two young hackers in California. Under house arrest in Tel Aviv, he said the attacks were not malicious. He had concentrated on American government sites because he hated organisations. “Chaos, I think it is a nice idea,” he said.

(c) Times Newspapers Ltd, 1998.

SUNDAY TIMES 29/03/98

Infowar.Com & Interpact, Inc. WebWarrior@Infowar.Com

Submit articles to: infowar@infowar.com
Voice: 813.393.6600 Fax: 813.393.6361

Last modified: Sun, 03 Jan 1999 00:04:46 GMT

O1 Apr 97 HACKER PAYS THE PIPER: AGE (MELBORNE) Reuter Textline

Music student RICHARD PRYCE, was only 16 when he first appeared at Bow Street Magistrates Court in London in 1994, charged with hacking into the US Air Force computer system using the PC in his bedroom. Last week his case was finally concluded. He pleaded guilty to 12 charges under Britain’s Computer Misuse Act, 1990, and was fined 1200 (Dollars A2400).

Reuter Textline
Copyright (C) Reuters Limited 1980-1997

LOVELL WHITE DURRANT: Richard Pryce fined GBP 1,200 for offences under the computer misuse act 1990

Mr Bartle, a magistrate at Bow Street Magistrates Court, today accepted Richard Pryce’s plea of guilty
in respect of 12 offences of gaining unauthorised access to computer systems under the Computer Misuse Act 1990 when, aged 16, he “hacked” into computer systems in the United States of America, including those of the US Air Force, from a personal computer installed at his home. Following a plea in mitigation which stressed that Richard had been motivated by the curiosity of a teenager, had since been punished by substantial disruption to his career over a three year period and was of good character, the magistrate fined him GBP 1,200. Mr Pryce was represented by international law firm Lovell White Durrant.

The charges against Richard Pryce Richard was arrested at his parents’ home on 12 May
1994, when he was 16, by members of the Computer Crime Unit of New Scotland Yard, who were executing a search warrant. He had been traced by the US authorities to England after an informant provided them with a copy of an on-line conversation which had occurred several months earlier in which Richard disclosed that he was 16, from England and interested in US military systems. He had also provided the informant with his home telephone number. Following his arrest, Richard was released the same day on police bail. On 7 June 1995 – some 13 months after his original arrest, by which time he was in the middle of his A-level exams – he was charged at Holborn police station with 12 offences under Section 1(1) of the Computer Misuse Act 1990.

Three of these charges were later dropped and three more inserted in their place. On 19 June 1996 Richard was charged with two offences of conspiracy to commit an offence under Sections 1 and 3 of the same Act – charges which were withdrawn on 14 March 1997 after an abuse of process application was commenced by the defence. Despite implying that they would charge him with other offences under Section 3, the Prosecution eventually decided to proceed solely in respect of the revised set of 12 offences under Section 1(1).

The plea in mitigation The Defendant’s legal team stressed three points in the plea in mitigation made on his behalf.

First, Richard was not motivated by malice or by a desire for financial gain, and did not erase or alter
data on the computer systems or disclose any sensitive information.

His actions were motivated by the curiosity of a bright 16 year old who was not a sophisticated
computer user; he exploited vulnerabilities of the computer systems using information and methods to
gain access to insecure systems which were widely known and available.

Second, instead of being charged in a juvenile court, where he would have been dealt with speedily and with little publicity, Richard had suffered very public disruption to his career over a period of three
years. He had been punished severely already, through the repeated hearings and frequent alteration of the charges against him, extensive media and public interest in him and the case, and confiscation of equipment and material being used for his A-level studies.

Third, he had received excellent character references, had no previous convictions and had co-
operated with the police throughout.

The sentence After hearing the evidence, Mr Bartle accepted Richard’s plea of guilty. He rejected the option of a custodial sentence, on the grounds that it would be excessive in the light of the offences committed. He also rejected the option of a Community Service Order, on the grounds that it would have interfered unfairly with his music studies. Instead, the magistrate opted for a fine, at GBP 1,200 set at a level which takes account of Richard’s financial circumstances as a student (notably the fact that he receives a means-tested local authority grant). He also ordered him to pay GBP 250 towards costs.

Mr Pryce was represented in Court by Mr Martin Hicks, lead by Mr Geoffrey Robertson QC. Mr Geoffrey
Robertson, QC said: “The sentence handed down in this case should not be
misconstrued or interpreted in a way that suggests that the Courts do not take “hacking”, and its
effect, very seriously indeed. The particular combination of circumstances – the age of the
defendant, the delays in the prosecution process and the co-operation given by Richard – all contributed to the sentence which, in the circumstance, is just and fair. However, it should also be said that the case against Richard has been blown out of all proportion by the police, politicians (particularly in the United States) and the media, for reasons which have nothing to do with the facts of the case.

We are pleased that the magistrate saw reason and accepted our plea in mitigation. Richard has already paid heavily for what was, in effect, a schoolboy prank. It was not his fault that security systems in the computing and defense industries left something to be desired.

Mrs Pryce, Richard’s mother, said: On behalf of my son and the family as a whole, I would just like to say that we are relieved this is all over and very much hope that Richard will now be allowed to get on with his studies at the Royal College of Music. He has had a very tough time for nearly three years – despite accepting his guilt for the offences with which he was finally charged and his willingness to co-operate with the police – and would now like to put it all behind him.

NOTES FOR EDITORS

Richard Pryce
Richard Charles Vaughan Pryce was born on 26 May 1977. He lives with his parents, Nick and Alison, and his two sisters, Sally (aged 17) and Katie (aged 15) in Kingsbury, North London. His father and mother run their own business restoring musical instruments.

In September 1995, Richard started his studies at the Royal College of Music, where he has been awarded a scholarship following auditions at the Royal College.

He is an accomplished double bass player: he was the youngest member of the Brittan Pears orchestra and has toured in the UK and Europe with other orchestras.

At the time the offences were committed, Richard was
a pupil at Purcell School, Harrow in Middlesex. He
took his A-levels in 1995 (receiving an A in music
and a D in computer science).

The Computer Misuse Act 1990
Under Section 1 of the Computer Misuse Act 1990, it
is a criminal offence to cause a computer to perform
any function with a view to securing unauthorised
access, knowing at the time that that is the case.
The maximum sentence for an adult on conviction is
six months imprisonment or a fine not exceeding GBP
5,000 or both.

Under Section 3 of the Computer Misuse Act 1990, it
is a criminal offence to do any act which causes
unauthorised modification of the contents of a
computer with intent to impair its operation, prevent
or hinder access to a program or data, or to impair
the operation of a program or the reliability of any
data. Where the matter is dealt with in the
Magistrates’ Court, the maximum sentence for an adult
on conviction is six months imprisonment or a fine
not exceeding GBP 5,000 or both. Where the matter is
tried on indictment in the Crown Court, the maximum
sentence for an adult on conviction is five years
imprisonment or a fine (unlimited) or both

CONTACT: Fenella Gentleman, marketing communications
manager, Lovell White Durrant
Tel: +44 (0)171 236 0066
e-mail: fenella.gentleman@lovellwhitedurrant.com
WWW: http://www.lovellwhitedurrant.com

*M2 COMMUNICATIONS DISCLAIMS ALL LIABILITY FOR
INFORMATION PROVIDED WITHIN M2 PRESSWIRE. DATA
SUPPLIED BY NAMED PARTY/PARTIES.*

Copyright ? 1997 M2 Communications, Ltd., All Rights Reserved.

LOVELL WHITE DURRANT: Richard Pryce fined GBP 1,200 for offences under the computer misuse act 1990., M2 PressWIRE, 03-24-1997.

View Previous Article View Article Index View Next Article

23 Mar 97 SOUTH CHINA MORNING POST: HACKER OF THE WEEK
:The teenage security threat: Asia Intelligence Wire

RICHARD PRYCE

If you had to imagine the number one threat to America’s security, you might go for a terrorist group or a coalition of Iraq, Libya and North Korea. You would be unlikely to select a teenage double bass player at a British music college.

But RICHARD PRYCE, from a north London suburb, can count himself among those who have been elevated to the ranks of major threats to United States national security up there alongside Iraqi leader Saddam Hussein.

Pryce’s claim to fame, or infamy, lies in the way he hacked into America’s deepest defence secrets. At one point, he was even accused of having caused more harm to the US defence and missile systems than Russian intelligence. One might, equally, imagine that such a number one threat would operate from a secret base filled with the latest computers and advanced software. But PRYCE did it all from his bedroom in the suburb of Colindale, with equipment worth a grand total of GBP7SO (HK$9,315).

He was just 16 at the time. PRYCE, who only got a D grade in computer science, obtained the passwords to download super-secret computer records in New York and California, including an Air Force base which deals with sensitive subjects such as artificial intelligence.

When he was brought to trial last week, his solicitor said that officials believed he was being manipulated by an East European outfit.
A US congressional report on computer attacks said he had been seizing control of defence department computers on the direction of an unknown third In the Senate in Washington, PRYCE was accused of “causing more harm than the KGB” and described as the number one threat to US security.
The magistrates took a more lenient view. Fining PRYCE GBP1,200 on Friday, they accepted his innocent motives after he admitted 12 charges of gaining access to the computers.

But they did order his computer equipment to be confiscated.
PRYCE, now 19, was arrested after the US Air Force Office of Special Intelligence investigated the hacking.
They codenamed the unknown culprit “Datastream Cowboy”, and finally got his name from other computer users.

The Pentagon said yesterday it was taking measures to stop its systems coming under computer attack.

22 Mar 97 British teenager fined after hacking into US defence system:
His lawyer says RICHARD PRYCE used information he learned on the Internet to gain access.

By JASON BENNETTO LONDON

LONDON – A British teenager who barely passed computer science was fined Friday for hacking into United States defence and missile systems and removing files on artificial intelligence and battle management.

RICHARD PRYCE was only 16 when he used a basic dollars 1,650 computer from his bedroom in north London to infiltrate some of America’s top security establishments.

Codenamed Datastream Cowboy, PRYCE, now 18, was the subject of allegations in the US Senate, where the unknown ‘spy’ was accused of ‘causing more harm than the KGB.’

He has also been described as ‘the number one threat to US security.’ But his lawyer insisted Friday it was a ‘schoolboy prank’ and that the teenager with just six months experience had used information taken off the Internet to break into the US networks.

Lawyers believe the case shows the extraordinary lax security deployed within US military systems.

PRYCE was fined dollars 3,200 after pleading guilty to 12 charges of gaining unauthorized access to computer systems in March and April 1994.
He has now dropped his interest in computers in favor of a double bass that he studies at the Royal College of Music in London.

The first that Pryce’s parents, Nick and Alison, knew of their son’s activities was when members of Scotland Yard’s Computer Crime Unit arrived at the home in Colindale to arrest him.
Bow Street Magistrates’ Court heard that PRYCE managed to hack into the Griffiss Air Force Base in New York.

It is alleged he downloaded material from the air force base about artificial intelligence and battlefield management systems.
He also broke into the Lockheed Space and Missile Company in California. The systems he was said to have obtained access to included those for ballistic weapons research and aircraft design, payroll, procurement, personnel records and electronic mail.

Pryce’s forays led to allegations that a spy had managed to infiltrate secret intelligence data.
His hacking was described as an example of a growing and serious threat to US national security in reports and testimony to a Senate committee by the US General Accounting Office.

Some of the more outlandish allegations about the effects of Pryce’s hacking exploits were later seen as an attempt to obtain extra funding. Indeed, US officials later insisted PRYCE had been unable to access any secret information.

Despite these claims it is understood that the British authorities were considering using a Public Immunity Certificate, a gagging order, to cover part of the hearing, but decided not to bother after the more serious charges were dropped.

Defence lawyer Geoffrey Robertson said that what the Pentagon had at first suspected was a European spy-ring was later
discovered to be the teenaged Londoner.

‘He was riding, rather than surfing, the Internet.
‘He made no profit and there was no subversion of defence systems,’ he said.
His lawyer says RICHARD PRYCE used information he learned on the Internet to gain access.

The Vancouver Sun Page A10
FINAL Copyright (C) The Vancouver Sun 1994-1997

Datastream Cowboy returns to bass

THE teenage hacker who was fined for breaking into secret US Air Force systems yesterday claimed he had turned his back on computing and that “it was just a phase”.

Richard Pryce, 19, a student at the Royal College of Music, intends to pursue a career as a professional musician with his double bass.

Pryce, who was known as the “Datastream Cowboy” by fellow hackers, said yesterday: “I’m not going back to my old ways. I have put that behind me. It was just a phase I was going through. Now I would like to be a professional musician.”

He said that even if computer firms offered him high-profile jobs he would not accept them. Instead he is trying to work out how to pay the £1,200 fine and £250 costs after he admitted 12 charges of gaining unauthorised access to US military computers, at Bow Street Magistrates on Thursday.

‘Datastream Cowboy’, 19, fined £1,200 for hacking secret US computer systems
By David Graves

A TEENAGE computer hacker known on the Internet as the “Datastream Cowboy,” who US military intelligence officials claimed had caused more harm than the KGB, was fined £1,200 yesterday for gaining unauthorised access to secret US Air Force computer systems.

The US Senate armed services committee was told later that the Royal College of Music student was “the number one threat to US security”.

Geoffrey Robertson, QC, defending, told Bow Street magistrates that the Pentagon had expected to find an East European spy ring responsible for the 200 security breaches, not an A-level student with a £750 personal computer in his bedroom.

Mr Roberston said Pryce had been guilty of “a schoolboy prank” and could not be blamed for the fact that security systems in the US military files “left something to be desired”. He downloaded scores of secret files, including details of the research and development of ballistic missiles.

Pryce, of Colindale, north London, admitted 12 specimen offences under the Computer Misuse Act 1990 and was ordered to pay £250 costs.