>>> Continued from previous message
The Internet automatically brought hackers to the very gates of the
Pentagon's most secret files - and it could not be policed, as it had
been deliberately set up without controls to ensure ease of access for
nuclear survivors.
According to official American figures, the Pentagon's military
computers are now suffering cyber attacks at the rate of 250,000 a year
and it is retaliating with a $3.6 billion programme of computer
protection to key systems.
THE attacks by Datastream Cowboy and Kuji were the opening shots in
this barrage, and the Pentagon generals insisted that they had to be
found and put out of action. It would have been relatively simple to
shut them out of the Pentagon network, but they would survive to attack
again - and their identities and the information they had already
stolen would have remained unknown. The American cyber agents were
ordered to continue chasing them through the electronic maze.
But how? They used a process called "fingering" in which they tried to
detect every computer that Datastream Cowboy had used as stepping
stones before attacking them. A computer on the Internet gives its own
address in the first few bytes of any communication and the agents
tried to trace Datastream Cowboy's path backwards. The process can
often be hit and miss because of the vast amount of traffic on the
Internet and the hacker's path was simply too long and circuitous to
follow to its end. The agents almost gave up hope. Then old-fashioned
police work was brought to bear. In the cyber age, where do hackers
hang out? On the Internet, of course. They "chat" with each other
through their screens.
The agents had informants who cruised the Internet and one of these
made the breakthrough. He found that Datastream Cowboy hung out at
Cyberspace, an Internet "service provider" based in Seattle. Moreover,
he was a particularly chatty individual who was eager to engage other
hackers in e-mail conversation. Naive, too. Before long, the informant
had established that Datastream Cowboy lived in the United Kingdom. He
even gave out his home telephone number.
Jubilant, a senior AFOSI agent contacted the computer crime unit in
Scotland Yard for assistance. Datastream Cowboy's number was traced to
a house in a cul-de-sac in Colindale, part of the anonymous north
London suburbs. In cold war days it would have been a classic address
for a spy's hideaway.
Telephone line checks revealed that the hacker was first dialling into
Bogota, the Colombian capital, and then using a free phone line from
there to hack his way into the sensitive military sites.
American agents flew to London and staked out the address with British
police officers. Detectives were cautious, however, about making an
immediate arrest because they wanted Datastream Cowboy to be online
when they entered the house, so that he would be caught in the act.
At 8pm on May 12, 1994, four unmarked cars were parked outside the
Colindale house. Inside one of them, a detective's mobile phone rang.
An agent from the Rome Laboratory was on the other end: Datastream
Cowboy was online. Officers made a second call to British Telecom in
Milton Keynes and established that a free phone call was being made to
South America.
Posing as a courier, one of the officers knocked on the door. As it was
opened by a middle-aged man, eight policemen silently appeared and
swept into the house. The officers quietly searched the downstairs and
first floor. Then, creeping up the stairs to a loft- room, they saw a
teenager hunched in his chair tapping frantically away on the keyboard
of his Pounds 700 PC World computer. They had found Datastream Cowboy.
One of the detectives walked up silently behind the young suspect and
gently removed his hands from the computer.
For 16-year-old Richard Pryce, a music student, it was the shock of his
life. He looked at the policemen as they prepared to arrest him and
collapsed on the floor in tears.
"They thought they were going to find a super-criminal and they just
found me, a teenager playing around on his computer," says Pryce now.
"My mother had noticed people sitting outside our house for a few days
beforehand, but I didn't think much of it. I never thought I would get
caught and it was very disturbing when I did.
"It had just been a game or a challenge from which I had got a real
buzz. It was unbelievable because the computers were so easy to hack,
like painting by numbers."
Pryce, who was then a pupil at The Purcell School in Harrow, Middlesex,
was arrested at his home but released on police bail the same evening.
Five stolen files, including a battle simulation program, were
discovered on the hard disk of his computer. Another stolen file, which
dealt with artificial intelligence and the American Air Order of
Battle, was too large to fit on to his desktop computer. So he had
placed it in his own storage space at an Internet service provider that
he used in New York, accessing it with a personal password.
During the subsequent police interviews, one pressing question remained
unanswered: who was Kuji? Pryce claimed he had only talked with his
hacking mentor on the Internet and did not know where he lived.
American investigators regarded Kuji as a far more sophisticated hacker
than Datastream. He would only stay on a telephone for a short time,
not long enough to be traced successfully. "Kuji assisted and mentored
Datastream and in return received from Datastream stolen
information...Nobody knows what Kuji did with this information or why
it was being collected," agents reported.
Mark Morris, who was then a detective sergeant with Scotland Yard's
computer crime unit, was one of the investigating officers on the case.
"It was awesome that Pryce, who was just one teenager with a computer,
could cause so much havoc, but the greater worry in the US was about
Kuji," says Morris. "The fear was that he could be a spy working for a
hostile foreign power. The job was then to find him."
Pryce did give detectives one telephone number, but it was a red
herring: a school library in Surrey. During the next two years of
compiling evidence in Britain and America in the case against Pryce,
British detectives and American agents failed to turn up any evidence
that might lead to Kuji.
Their break finally came in June 1996 when the computer crime unit
decided to sift once again through the mass of information on the hard
disk of Pryce's computer.
Morris took on the job. "I was at home with my laptop and went through
every bit of that hard disk, which was a huge task." It took him three
weeks. If all the files had been printed out they would have filled 40
filing cabinets.
At last he found what he wanted. "At the bottom of a file in the DOS
directory I saw the name Kuji. Next to the name was a telephone number.
Pryce might not have even known it was on his system because he
downloaded so much information."
For American agents hoping to catch a superspy, Kuji's telephone number
was a grave disappointment. He was based in Cardiff. A team of officers
drove up to his address, a terraced house, and finally discovered
Kuji's identity. He was 21-year-old Mathew Bevan, a soft- spoken
computer worker with a fascination for science fiction. His bedroom
wall was covered with posters from The X Files and one of his consuming
interests was the Roswell incident, the alleged crash of a UFO near
Roswell, New Mexico, in July 1947. He was arrested on June 21, 1996, at
the offices of Admiral Insurance where he worked.
"I would never have been caught if it wasn't for Pryce and even then
they took two years to find me," Bevan says now. "And the only reason
Pryce got caught was that he gave his number to a secret service
informant."
>>> Continued to next message
 * SLMR 2.1a * If you were a REAL man, you wouldn't need that parachute!
--- FMail 1.22
---------------