May 2, 2022
Born in Israel in 1975, Malicious Life Podcast host Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.
In 2007, he created the popular Israeli podcast Making History. He is the author of three books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.
Malicious Life by Cybereason exposes the human and financial powers operating under the surface that make cybercrime what it is today. Malicious Life explores the people and the stories behind the cybersecurity industry and its evolution. Host Ran Levi interviews hackers and industry experts, discussing the hacking culture of the 1970s and 80s, the subsequent rise of viruses in the 1990s and today’s advanced cyber threats.
In May 1990, officials from several law enforcement agencies gathered in Phoenix, Arizona, to announce a nationwide crackdown on illegal computer activity: a huge operation carried out by hundreds of Secret Service and FBI agents in over twelve major cities. They presented to the nation a sweeping, successful move against a new kind of criminal: hackers. As one official put it, it was time America realized that computer-based crimes are no joke:
“It is not a game. They are attempting and are getting into credit cards, they’re getting into telephone systems, medical records, credit records – they’re getting into everything.”
Garry M. Jenkins, the sitting Assistant Director of the U.S. Secret Service, was one of the architects of the raid. He didn’t mince words either, announcing:
“Today, the Secret Service is sending a clear message to those computer hackers who have decided to violate the laws of this nation in the mistaken belief that they can successfully avoid detection by hiding behind the relative anonymity of their computer terminals.”
What a marvelous triumph for the rule of law against devious criminals… or rather, that was the narrative promoted by the U.S. government. But in fact, things were not exactly as they seemed. Operation Sundevil turned out to be a very controversial action by the government – and its effects are still being felt today.
We cannot understand Operation Sundevil without first understanding Bulletin Board Systems – BBSs, for short. BBSs were computer servers allowing users to share information and files and exchange messages in public chat rooms. If this sounds not too different from our modern Internet, it’s because Bulletin Board Systems were indeed the immediate precursors of the World Wide Web – and they dominated the community of computer enthusiasts during much of the 1980s, filling the same function as a primitive pre-Internet. They were generally text-based, operated mostly by computer hobbyists and usually dedicated to a specific subject, such as computer hardware or telecommunications.
The first bulletin boards used acoustic couplers to convey information between servers and clients: acoustic couplers were devices that converted electronic signals into acoustic sounds, which were then sent over the telephone system. This was achieved by placing a standard telephone handset into a specially designed cradle, in which a loudspeaker played the sounds into the handset – and a microphone would pick up the sounds coming from the opposite end of the line. As can be expected, this type of communication was extremely slow – only some 1200 bits of information per second, at best.
Next came dial-up internet connections, which still converted the digital signals into analog audio waves – but did so without the awkward cradle-and-handset contraption, by connecting the computer terminal directly to the telephone line itself. This improved transfer speeds significantly – first to 2400 bits per second, and then to 9600 bits per second. While still considered extremely slow by today’s standards, dial-up modems allowed computer enthusiasts to remotely exchange information more efficiently than ever before, and greatly helped the spread of bulletin boards.
Yet the most significant constraint on Bulletin Board Systems wasn’t necessarily the information bandwidth – but the financial one. All these communications were taking place over commercial telephone lines, often across state lines and even international borders – and long distance calls were very expensive back then, up to several dollars per minute. This meant that the hobbyist who operated the bulletin boards – some of them were even minors still living with their parents – often racked up hefty monthly telephone bills. These financial pressures, coupled with a deep interest in computers and telecommunications, drove some of the operators and users of these boards to explore the option of manipulating the telephone system.
This was nothing new, of course: “Phreaking” – a combination of the words “phone” and “freak” – was a well-known scene in the 1970s. The phreakers, as they were called, manipulated the telephone system by reverse engineering the specific set of tones used to control the operation of the network. A well-known example of this was the 2600 hertz tone: a dial tone which signaled the telephone switch to initiate a long distance call. A phreaker named John Draper famously found out that a plastic whistle given out as a prize in Captain Crunch cereal boxes could produce this specific frequency, and so a simple Captain Crunch whistle could make you the king of long-distance calls.
As telephone companies upgraded their systems in the early 1980s, these simple tricks died out – but the spirit of phreaking lived on. Several phreakers started to use computers and software to build more elaborate schemes, and tried to gather information about the inner workings of telephone companies and their systems. They were still known as phreakers – but today, we’d call them hackers. It was, in fact, the phenomenon of phreaking which gave birth to the very first hackers.
In 1989, a hacker using the handle Prophet hacked into the computers of telecommunications company BellSouth. Prophet was browsing through the company’s systems, looking at different files – and then laid eyes on the ultimate prize. It was a document with an exceptionally boring title: “BellSouth Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers”, usually shortened to E911. It was a comprehensive guide for the national emergency telephone system of the United States.
After Prophet copied it, this document – a helpful resource for many in the phreaking community – was published in an e-zine called Phrack, operating through a special bulletin board. Quickly, thousands of copies of the file spread all across the United States.
When BellSouth discovered the hack in 1989 and informed the authorities, many law enforcement officials had had enough. The rise in criminal hacking and phreaking activity distressed telephone companies – which put pressure on the U.S. government to act. Additionally, the U.S. government started to learn more about hacking and phreaking – with many officials fearing a new type of criminal activity they did not understand. They could tolerate phreaking in the civilian sphere, but they couldn’t let hackers and phreakers meddle with 911 numbers. Some people in the government feared that people would hack into 911 emergency numbers, damage the good efforts of law enforcement agents, hinder the ability to effectively respond to emergencies – and even endanger lives.
And so E911 became the casus belli of Operation Sundevil, named after the Sundevil football stadium of Arizona State University, located just next to the local Secret Service headquarters. 150 Secret Service agents, accompanied by various squads of local police, raided houses where suspected criminal activity took place. Very few arrests took place during the operation, since government agents weren’t looking for criminals – but for computers. Forty-two computers and 23,000 floppy discs were taken into police custody – leading to 25 different bulletin boards going dark at once. Many different hacking and phreaking tools, as well as illegal information, fell into the Secret Service’s hands.
Operation Sundevil got a lot of media attention. The press conference announcing the raids was reported across the nation, and signaled to the general public that the government was finally taking the necessary actions to stop this new and threatening crime.
But as time went by, more and more news organizations started reporting on the meagre yields of Operation Sundevil. By 1992, two years after the raid, only two hackers had been charged as a result of the operation. Other cases were outright dismissed. As time went by, Operation Sundevil seemed less and less like a real action against criminal activity – and more and more like a mere public relations stunt. It seems that the US government wanted to convey a stern message to hackers and phreakers: beware of crossing the red line between an innocent hobby – and a bona fide crime.
And indeed, the raids did have a significant psychological effect on many hackers. Up until that point, most computer crimes went unpunished, and even the rare cases that did end up in court culminated in suspended sentences or community service. In that sense, Operation Sundevil came out of the blue: an activity that was considered as recreational – suddenly became a priority for federal law enforcement agencies. Word quickly spread through bulletin boards – and many hackers feared they’d be among the next targets.
But there was another, less expected outcome to the operation. After all, as Newton said – every action has an equal and opposite reaction. And the equal and opposite reaction to Operation Sundevil was the birth of a new power in the cybersphere: the EFF.
The massive crackdown against hackers and phreakers across the United States drew the ire of several computer hobbyists, civil liberty activists and Silicon Valley businessmen. One of them, David Sobel of a group called Computer Professionals for Social Responsibility, said this to New Scientist in 1992:
“There was little justification for many of the raids…. The government confiscated equipment that had nothing to do with any crimes… Law enforcement officials sometimes overstate the dangers posed by hackers, who are often teenagers engaging in electronic vandalism rather than systematic fraud.”
Three activists enraged by the raids – entrepreneur Mitch Kapor, civil rights activist John Gilmore, and John Perry Barlow, a poet and occasional lyricist for the Grateful Dead – founded an organization called The Electronic Frontier Foundation in July 1990. The group was also helped by Apple co-founder Steve Wozniak.
The Electronic Frontier Foundation was a new civil rights organization aimed at civil issues raised by ascendant technologies. It was not created as a legal defense fund for hackers and to this day is still not interested in helping scammers or malevolent criminals. Instead, the EFF wished to protect people when their digital rights were curtailed by the government for no legal reason.
The EFF’s first major case was that of Steve Jackson Games. An unlikely protagonist of the crackdown, Steve Jackson Games is a game publishing company based in Austin, Texas. The company was targeted in a government raid searching for the E911 document, and during the raid, all of its electronic equipment was taken into police custody. Despite the fact that no copies of the E911 document were found on the company’s computers, all of the content of the company’s bulletin boards was purposely deleted by government agents. As a result of that – and of the prolonged period of time the company’s computers were held by authorities – Steve Jackson Games suffered significant financial losses.
The EFF took part in the trial as an “amicus curiae” – Latin for “friend of the court”: it assisted the court – and really Steve Jackson Games – with relevant information and insight. Aided by the EFF, Steve Jackson Games sued the Secret Service and asked for damages. After a successful legal fight, the company was awarded 50,000 dollars in damages and 250,000 in attorney’s fees – while the judge on the case reprimanded the Secret Service for its actions during and after the raid.
The second major case for the EFF was the trial of Craig Neidorf – a.k.a. Knight Lightning. Neidorf, then only 21, was the editor of Phrack – the e-zine where the E911 document was first published.
After the raids, Neidorf was arrested and charged – facing a maximum sentence of 31 years in jail. His trial was known as United States v. Riggs, named for his co-defendant – Robert Riggs, more famously known as Prophet, the hacker who stole the E911 file in the first place. Riggs pleaded guilty and agreed to serve 21 months in prison for the hack of BellSouth’s computers.
Early during the trial, authorities and BellSouth tried to make the case that the E911 document was a highly dangerous file. They claimed that it was worth many thousands of dollars, and that if the document fell into the wrong hands, it could wreak unspeakable havoc. In fact, the prosecution claimed that the E911 document was so dangerous that it shouldn’t even be revealed to the members of the jury in Neidorf’s trial. According to the prosecution, Neidorf was guilty of publishing a dangerous weapon online – and endangering lives.
But then the defence managed to bring one crucial piece of evidence to light: they revealed that BellSouth itself was selling copies of a very similar document, containing even more information than the E911 file, for… 13 dollars. “Look at it carefully and tell me if it doesn’t contain about twice as much detailed information about the E911 system of BellSouth than appeared anywhere in Phrack”, said Neidorf’s lawyer. If E911 was so dangerous – why was BellSouth selling it to anyone with 13 dollars to spare?
And that was it. Four days after the trial began, the charges against Craig Neidorf were dropped – and he was once again a free man.
The cases of Steve Jackson Games and Craig Neidorf were the two most important legal battles deriving from the crackdown on hackers and phreakers. Despite the declarations of law enforcement officials after the Sundevil raids, both cases ended in defeats for the U.S. government – and no significant progress was made as a result of the raids.
But was the government wrong when it cracked down on activities hurting telecommunications businesses? Not necessarily. Sometimes, the line between an amateur hobbyist playing with a Captain Crunch whistle and a malicious hacker inflicting pain and damage on innocent victims can be very thin. While the US government was wrong to target Steve Jackson Games and Craig Neidorf – Operation Sundevil did help to steer the public’s attention towards the rising threat of online crime. And as Bulletin Board Systems gave way to our modern internet, hacking and malicious cyber activity did, eventually, grow to become the threat that law officials warned about in the press conference after the operation.
Then again, justice is a delicate thing. A justifiable government operation can soon turn into a transgression that hurts innocent people like the owners and workers of Steve Jackson Games – while so-called “evil criminals” like Craig Neidorf can turn out to be much less dangerous than law enforcement initially claimed. Organizations like The Electronic Frontier Foundation work to protect defendants and prevent government transgressions in cases related to new technologies and the information age.
Operation Sundevil, then, serves to highlight the grey nature of the cyber world. From its birth to this very day – the cybersphere is a labyrinth where it is difficult to navigate between good intentions, malicious activity and the thousands of shades of grey in between.