1 ALE II-IFDFEQTIEII-I HEE-IE IN IS DATE B f EDEE ifUCg ljataEg'EabHaas -124256O -1- The following investigation was conducted by Special Agent be - b at Falls Church VA Attached are various news articles relating to the above captioned case 1 ML Mew 70 How the tracked down alleged Pentagon hack lof2 How the FBI tracked down alleged Pentagon hackers By Rob Lemos ZDNN February 27 1998 6 43 PM PST The local hunt for the hackers who broke into 11 non-classified Pentagon computers began with a small provider in Santa Rosa Calif We originally detected the intrusions because the hackers made changes to our operating systems that were easily detectable said Bill Zane owner and operator of the 3 000-user Netdex Internet Services in Santa Rosa Calif They were very sloppy in that respect That was in mid January In the weeks that followed Zane worked with FBI agents and other network administrators in tracking down the trespassers After we figured out they were there we could have closed up the security holes they were using said Zane Instead after reviewing the data and seeing the massive scope of it we decided to take a risk and leave the door open for a while FBl's big crackdown nabs small town teens 3 Poulsen Why hack the Pentagon Simple Because it's there CyberCrime Interrogation Ken Geide new No 2 anti-hacking cop In fact a while turned into 6 weeks The entire time the FBI kept their dogs on the electronic trail of what they thought could be 11 miter aws Meditate interest Hats magastiaes Eminent Games stifle it Home beaming 'Cemmunityt investor Updated February 28 1998 9 58 AM PST 3 FBI mounts big crackdown on small town teens 36 Bill to the hill No white knight HP secures export Ballet s FREE Ham Ham its meeting Eav rs i start-1 3 2 98 7 36 AM How the 1 13 tracked down alleged Pentagon hack 20f2 potential terrorists The FBI had their 10 agents in San Francisco working on overtime over the last month said Zane They considered this to be a very serious issue Joining the local agent were others from the East Coast where most of the analysis was being done Zane with system administrators from Massachusetts Institute of Technology and UC Berkeley tracked the intruders and essentially bugged their communications Those messages plus the different mode of operations lead Zane to believe someone is out there and they are an adult The other methods were much more sophisticated and acted much more serious he said A me ZDl-let Site 3'4 12 3 2 98 7 36 AM So Why hack the Pentagon Simple Because it's th 4 lof3 So why hack the Pentagon Sim ple Because it's there By Kevin Poulsen ZDNN February 27 1998 6 48 PM PST I was channel surfing last night when I caught the evening news airing a clip from the 1983 movie War Games Matthew Broderick typing on a keyboard NORAD going on full alert worldwide nuclear war looming know what that means Intruders have broken into yet another low level Pentagon computer and examined unimportant and unclassified information all so they could win bragging rights with their friends Time to run for the bomb shelters W t t f fg t FBl's big crackdown nabs small-town teens 39 Road to Cloverdale How the FBI tracked dow Pentagon hackers CyberCrime Interrogation Ken Geide new No 2 anti-hacking cop 3- At least one newspaper report suggested that the latest string of Defense Department hack attacks might be the work of the Iraqis Well Saddam can breathe a sigh of relief it turns out the suspects are a couple of teenage hobbyists in Cloverdale Calif One of them is 15 years old The systems that were cracked housed personnel and payroll data A Defense Department official characterized the intrusions as a wake-up call for increased computer security at the Pentagon They've been getting this particular wake up for 15 13 mite ta-we Presents tatemat tietpt Magaztnas Games Mac At Heme teaming i tweeter in see $338358 Updated February 28 1998 9 58 AM PST it FBI mounts big crackdown on small-town teens Bill to the hill No white knight seen for CSC HP secures cmgto export 539$ ems mes 5 P t ltiisi Elm-am FREE ail its sweating Es talif mart nu luv 3 2 98 7 37 AM 20f3 8 0 why hack-the Pentagon Simple Because it's t years now but someone keeps hitting the snooze button And with good reason The Defense Department has more computers than God and as in any large bureaucracy most of them are not very exciting Classified systems are isolated from the outside world physically and electronically and when it comes to classifying data the Pentagon errs on the side of caution So the only reason anyone would have for cracking a vulnerable Pentagon system is because it's there Should youthful adventurers be treated like serious saboteurs Sadly that's what is likely to happen after a investigation that will shadow the pranksters as they grow up get their first car and register to vote for the first time If the Defense Department wanted to shore up security on its unclassified systems they could have done it long ago But then we'd miss the drama of G men cordoning off a suburban street and filing out of a Brady Bunch home with stacks of floppy disks and modems We'd miss the chance to give the already-bloated Pentagon budget an extra billion for information security We wouldn't get to pass new laws cracking down tighter on this grave threat to the American Way of Life And we'd never see the War Games clip again Depending on who you listen to Kevin Poulsen is either a misunderstood former hacker aria menace to society He writes CHAOS Theory a weekly column on the electronic underground for CyberCrime tsp Site i310 US 14 3 2 98 7 37 AM FBI crackdown on small-town teens FBI mounts big crackdown on small-town teens By Robert Lemos ZDNN February 28 199811218 AM PST The FBI spent six weeks and dedicated more than 20 agents to an effort to track down what it feared to be organized ring of intruders who cracked into Pentagon systems But after two nighttime raids the agency found itself dealing with the revelation late Friday that its intensive investigation may have nabbed nothing more than a couple of kids During one raid the agents caught a teen identified as a 15 or 16-year old high school student in the process of breaking into a non-classified computer system A second raid targeted the home of another youth suspected of taking part in the Pentagon hacks The crackdown took place in Cloverdale a town of some 5 000 residents about 100 miles north of San Francisco The two teenagers -- as minors -- were not arrested but the FBI confiscated computer equipment and software in both homes 3 3 3 5352 39 Road to Cloverdale How the FBI tracked down Pentagon hackers it Poulsen hack the Pentagon Simple Because it's there 3 CyberCrime Interrogation Ken Geide new No 2 anti hacking cop mamawwma # 2251- H - H These are good kids said Michael Carey superintendent of the Cloverdale Unified School District I'm betting that no charges will be brought against them 15 mm 3 new i W dt f i interim Whooping Rain 3 Magazine ommas ames 5 Mat EM Home a teaming i ommanityt investor 3 9 3 ream Updated February 28 1998 9 58 FBI mounts big crackdown on small-town teens Bill to the hill No white knight seen for 080 HP secures cmpto export gag Email mils P n t this Hit imiw READ RSA's challenge solved in 39 days Pentagon hack no surgrise C gto Crew Feds at Odds 25%61 9 333me 53 awaiting E mait Marti 3 2 98 7 34 AM Fg BImormtibig crackdown on small-town teens 20f3 This ends a chapter in its investigation of several break ins of unclassified Pentagon computers The raid occurred the day after Deputy Defense Secretary John Hamre revealed that 11 unclassified Pentagon systems had been broken into earlier this month According to federal investigators other Cloverdale High students are in the process of being questioned by Secret Service and FBI agents The suspicion is that the hacking was being conducted by a ring of youths who may have been in a contest to see who could get farthest into government computers Most everyone here is thinking that this was some kind of computer contest said one student at Cloverdale High School Earlier this week Deputy Defense Secretary Hamre stated that the online trespasses were the most organized and systematic attack the Pentagon has seen to date This says amazing things about the kids' skills and really poor things about the Pentagon's security said a hacker unrelated to the incidents who preferred to be identified by his online name darkcube But the hunt isn't over at least not according Bill Zane who owns the 3 000-user Netdex Internet Services in Santa Rosa Calif The hackers apparently broke into Netdex on the way to the Pentagon in fact Zane may have given FBI agents their first bead on the intruders There's at least one more and most likely two more out there Zane said it's not just these two kids 16 3 2 98 7 34 AM 1 FBI moun big crackdown 0n small-town teens 7 at Ir- 3of3 Zane with system administrators from Massachusetts Institute of Technology and UC Berkeley tracked the intruders and essentially bugged their communications Those messages plus the different mode of operations lead Zane to believe someone is out there and they are an adult The other methods were much more sophisticated and acted much more serious he said As for the two young hackers worse crimes could have been committed would have much more concerned if they had hacked the school system or tampered with grades said Superintendent Garey It was more an innocent game than a malicious attack Alex Wellen ZDTV CyberCrime contributed to this report A Tea ZDl'le t Site HUME velar Rewirznnerzcix ianme- va 49er mm ecu usn 17 html 3 2 98 7 34 AM ALL HERE 3 EEJELAS IFIEEIB DATE ET # 3032deth at-Ifsabfas MAim% The following investigation conducted by Special Agent at Falls Church VA An Internet news story attributed to The Australian Online dated October 21 1997 by Iwas obtained which indicates thatl Ipleaded guilty to charges which carry a 10 year sentence I plead guilty in Sydney District Court to the main offence under Section 76E of the Crimes Act for his hacking into an Australian ISP named AUSnet changing their web page and distributing their clients credit card details across the Internet Damages resulting from this incident are estimated to be $2 million An additional eight charges are also indicated reported to be sentenced in November 1997 for offenses related to other charges he faces on making $50 000 worth of ille al hone calls by tappin into be the ublic telephone system hacker name is b c he old i Iis scheduled to be sentenced on February 5 1998 A copy of this Internet news story is attached A second Internet news story was obtained which also describes the legal status ofI This story was- contained in an email message dated 2 10 98 which was sent through an anonymous remailer The story indicates the author to bel This story contains the following informationzl Iof Sydney Australia is to be sentenced today for charges of hacking into the ISP AUSnet and circulatino the information on 1200 credit cards onto the Internet faces a maximum 10 year sentence in the Downing Centre Disrrict Court Damages estimated to be $2 million in lost clients and contracts into AUSnet in March 1995 two months after he was refused a job with AUSnet faces 1 count of inserting data into a computer which carries a maximum 10 year sentence and 8 counts of unlawful access to computer data A copy of this news story is attached @29an a i ozlisx'ss WED 19 01 FAX 1 681 6569 COUNTERMEASURES Dex I001 Computers News story Page 1 of 2 esteem -- #3 f teammates no 5 - a aft WM gas 13 g $51 -rr--v I um Miw'nux taesuets f Optik Surfer faces 10 years for hack attack thighs $531 By GEOFF LONG saws 0ctober'21 Optilc Surfer the hacker who broke into the system of 131 AU-Snet and xvi distributed clients credit card details across the Internet has pleaded guilty to charges carrying a maximum penalty of 10 years imprisonment The Australian Federal Police computer crime unit spent more than six months in 1995 tracking down the hacker who also altered the AUSnet Web site and sent e-mail messages from the system administrators' account Computer crime agents spent 325 almost 12 months preparing the case against the hacker Skeeve Stevens a 27-year-old computer consultant was charged with eight counts of gaining unlawful access to computer data and one count of inserting data into a computer system Stevens pleaded guilty in Sydney District Court to the main offence under Section 76E of the Crimes Act which carries a 10-year sentence and asked the court take the other eight charges into consideration when sentencing It is the second time in the past month that a hacker has pleaded guilty in court Next month another hacker will be sentenced for offences related to making up to $50 000 worth of illegal phone calls by tapping into the public telephone system Graham Henley a former agent with the Australian Federal Police computer crime unit who now heads computer forensic services for Network Security Management was involved in both cases Mr Henley tracked the source of the Optilr Surfer attack to a computer laboratory at Monash University - The court was told that after the break-in the hacker returned to the system and sent an email message to journalists from an account operated by AUSnet s technical director Identifying himself as the Optik Surfer he boasted of his break-in and said that the credit card details had been distributed to highlight the poor security at AUSnet AUSnet's Web site was also altered to greet visitors with the quote Remember too WED 19 02 FAX 1 703 8569 COUNTERMEASURES Dorm I002 Computers News story - Page 2 of 2 many secrets The quote comes from Sneakers a 199 lm about hackers starring Robert Redford Stevens originally denied being the hacker but claimed to the rriedia that he was in contact with the scacalled Optik Surfer Mr Henley was aware of Stevens as a result of a previous conviction for compute hacking Federal police alleged that Stevens actions cost AUSnet more than $2 million in contract losses Banks had had to re-issue many of the credit cards The matter was adjourned for sentencing on February 5 next year same re Hesse-e ELLE EDI-WEEKS HEREIN IS DATE 39 25-2813 BY On March 5 Special Agent Iby telephone CS then furnished the following information CS discovered an online news article which includes an interview with the hacker named Analyzer The address for this EEC web page is bin This is an interview conducted on an Internet chat service between Analyzer and another person using the name JP visited this Internet site and printed the interview That material is attached to this insert ALL IMFURI-ELTI SE OMAR-TEE HERE 331 IS TIMI LAESIFIED DATE ET awfaal f s i242550 MAJ The following investigation was conducted by Special Agents Iandl at Falls Church VA On Iof Georgetown University Computer Science Department was interviewed at her placelof employment Georgetown University Washington DC 20057 the laccount at Georgetown University could have been compromised on 12 19 97 and 02 12 98 advised that she would advise the system administrators of the Georgetown accounts of this information by he Ch On SA that the system administrator checked account advised that the account did have any unusual logins on the dates that SA provided The 12 19 97 was a login from Georgetown University and the 02 12 98 login was a dial up SLIP Serial Line Internet Protocol connection M oe Maseos 7 HEREIN IS ALL CUNTAII-TED DATE 09 31 3012 ET 6113Edi Eilg'bamfaahjne MAJ 6 The following investigation conducted by Special Agentb 133 at Falls Church VA OTHER Sealed pursuant to court order On 02 17 98 per provided attached On 02 18 98 inquires to the NATIONAL CRIME INFORMATION CENTER NCIC INTERSTATE IDENTIFICATION INDEX were negative regardin an criminal identifiable withl IDate of Birthl On 02 18 98 inquires to ghe VIRGINIA DEPARTMENT OF MOTOR VEHICLES disclosed the following information regarding Date of Birth On 02 18 98 inquires to the MARYLAND DEPARTMENT OF MOTOR VEHICLES disclosed no record regarding Date of Birth On 02 18 98 inquiries to the PERSON LOCATOR database disclosed the following regarding Ipermanent address APPROXIMATE BIRTH DATE 1 On 02 18 98 inquiries to the LEXIS-NEXIS PERSON LOCATOR database disclosed the following names listed with local address I which is al ldwelling ib7C On 02 18 98 inquires to the AUTOMATED CASE SUPPORT ACS system disclosed negative results regardingl On I FBIHQ made an inquiry to the IMMIGRATION AND NATURALIZATION INS database located at FBIHQ National Security Division and advised that there is no record of in the INS database