Sunday 27 November 2011

The History of Hacking: Shadow Hawk

Bill Landreth, who had been arrested in 1983, was let out on parole and there are reports of his mysterious disappearance following publication of his guide to computer security called Out of the Inner Circle. He left a note stating that he would cornmit suicide "sometime around my 22nd birthday..." There was much
discussion about all this. Was it a publicity stunt, or for real? Eventually Landreth reappeared in Seattle, Washington, in July, 1987, and he was hastily carted back to jail for breaking probation.

The month before - on the anniversary of D-Day - a cracker named Shadow Hawk (also identified by some press reports as Shadow Hawk 1) had been discovered by an AT&T security agent to be bragging on a Texas BBS called Phreak Class-2600 about how he had hacked AT&T's computer system. Shadow Hawk (really Herbert Zinn of Chicago) was an 18-year-old high school drop-out when he was arrested. He'd managed to get the FBI, the Secret Service, the Defense Criminal Investigative Service and the Chicago U.S. attorney on his tail for not only the above mentioned hack, but also for invading computers belonging to NATO and the US Air Force, and stealing a bit over $1 million worth of software. Shadow Hawk's case is important because in 1989 he became the first person to be prosecuted under the Computer Fraud and Abuse Act of 1986.

Shadow Hawk is just one example of how this hobby has gotten people in trouble with the law. Around this time there were a lot of hackers being brought down by all manner of cops: security officers for the telephone companies and other organizations, the FBI, local police and concerned citizens. This was the time when the investigators got smart. Not that they suddenly knew more about computers and hacking, but now they understood that to catch a lion, one must step into its den. These police agents started logging onto hacker BBSs and amassed huge dossiers on the people who normally used those boards. Many warnings were issued, and many arrests were made.

In August, 1986, Cliff Stoll first set out to find out why there was a 7,50 imbalance in the computer accounts at the Lawrence Berkeley Laboratory in California. Stoll's efforts led to the discovery of a group of German hackers who had broken into the computer system. In October, 1989, a book about Stoll's exploits called The Cuckoo's Egg was published and became an instant best seller.

Organized and independent hacker activity continued for the next few years with little public interest. There were threats in early 1988 by the West Berlin Chaos Computer Club that they would trigger Trojan horses they had implanted into NASA's Space Physics Analysis Network, thus causing the chaos of their name. The
threats never materialized but minor havoc was wrought anyway, as many computers were temporarily pulled from the net until the threat could be analyzed.

The end of 1988 - November 2, to be exact -marked the beginning of a new surge in anti-hacker sentiment. It was then that Robert Morris Jr.'s com-puter worm began its race through the Internet. Exploiting an undocumented bug in the sendmail program and utilizing its own internal arsenal of tricks, the worm would
infiltrate a system and quickly eat up most or all of the system's process-ing capabilities and memory space as it squiggled around from machine to machine, net to net.