Read Masters of Deception: The Gang That Ruled Cyberspace Online
Authors: Michele Slatalla,Michele Slatalla
Tags: #Computer security - New York (State) - New York, #Technology & Engineering, #Computer hackers, #Sociology, #Computer crimes - New York (State) - New York, #True Crime, #Social Science, #Computers, #New York, #General, #Computer crimes, #Computer hackers - New York (State) - New York, #Political Science, #Gangs - New York (State) - New York, #Computer security, #Security, #New York (State), #Gangs
And he would.
On this morning in 1989, Kaiser arrived early at his twenty-third-floor office in New York Telephone's headquarters building, smack in the center of one of midtown Manhattan's most spectacular intersections, Forty-second Street and Sixth Avenue. He glances out the window at the river of traffic that cuts north up toward Central Park, and then logs on to his computer. Kaiser doesn't waste time. He wants to see what his hacker was up to last night.
Columns of numbers fill Kaiser's screen, a record of all the phone calls that a certain young man in the Bronx known as The Technician made during the past twelve hours. Many of the numbers are familiar to Kaiser by now and are harmless.
But one of his chores is to chase down the numbers he doesn't recognize. This morning, he sees one.
By its prefix, he knows it's an internal New York Telephone number. Quickly, he punches it into another database, which lists every assigned telephone number in the New York region. The screen flashes: NEW YORK TELEPHONE CO DIAL HUB
The words dial hub mean nothing to him. He calls the number, and a modem answers. This is definitely not good.
Luckily, the one person in the world who can tell Kaiser how bad the situation is has just arrived at his office. Kaiser calls him.
"Hey, Fred, " Kaiser says to his partner. The hacker has hit a new number. He reads it off, then asks, "What's a dial hub?"
Fred Staples is incredulous. "They were in our dial hub?"
"Yeah, what's a dial hub?"
"Aw shit, " says Staples.
"What?"
"How long was the call?" asks Staples.
"About a half-hour. " "Aw shit. "
For Tom Kaiser, the whole mess had started with an anonymous letter he got by way of AT&T.
Somebody had sent the long-distance carrier a single sheet of computer printout paper. Just a couple of paragraphs, no date.
The letter was sent a few months ago, back in November of 1988. The letter said some kid in the Bronx The
Technician
was getting himself into trouble, hacking into telco switches and God knows what else. Kaiser got a lot of anonymous letters. Usually these turned out to be from some landlord who wanted to use a pending phone company investigation as an excuse to evict a tenant. This letter, though, had been sent by someone who clearly cared for the kid in the Bronx. It had a stop-him-before-he-hurts-himself tone. (Kaiser would always suspect it had been written by a relative. )
The first thing he'd done when he got the letter, the first thing he always did, was to pull up the subject's billing records.
And he got a surprise.
The kid was calling AT&T switches, from his home, making no attempt to disguise his trespass.
Up went the DNR on the kid's phone line. The black box was no bigger than an old-fashioned adding machine. It spewed out old-fashioned paper tape, too, making a reassuring clack-clacking sound all day and all night long. An old-fashioned machine to catch newfangled criminals. Over the years, Kaiser had become familiar with the noise; he could hear it from across the hall, and whenever he was on a particularly hot case
a hostage standoff, say
he would bolt from his seat at
the sound of it. It is the same kind of device police agencies use in drug investigations. Unlike the police, however, phone companies don't need a court order to install a DNR on someone's line. That's because the phone company owns the line, and by federal statute has the right to monitor its property.
AT&T's problem with the Bronx hacker had become New York Telephone's problem in early 1989, because one morning when Kaiser was reviewing the night's activity, he found that the Bronx kid had called New York Telephone computers.
Now, this was something new. Kaiser knew all about toll fraud, of course, because for years he had been tracking people who stole phone calling card numbers. But in 1989, it was a relatively infrequent phenomenon to have people breaking into the phone company's computers. Kaiser had never before needed to become an expert in the internal workings of the phone company's own system. So he needed someone who was an expert.
Coincidence saved him. (Kaiser is the first to point out that coincidence has long played a serendipitous role in his career.
) The day Kaiser needed to know about New York Telephone's own system, it so happened that an expert named Fred Staples was in the office. Staples was replacing the old clack-clacking DNRs with new equipment computer DNRs to
track computer criminals. Nobody knew more about the phone company's computer security than Staples.
They didn't know it then, but with this hacker case, Kaiser and Staples were going to be in each other's faces for the next few months, like a middle-aged married couple
though they looked more like the Odd Couple. Kaiser is tall and thin and silver-haired, and Staples is shorter, dark-haired, and built like a pit bull. Kaiser's eyes smile and welcome you, reflecting his early years spent in customer service. Staples's eyes bore into you and analyze.
Staples was an engineer and spent all his time building hardware and software for the phone company. He was New York Telephone's main defense against hackers, and it was his job to make sure that what he built was secure. If an unauthorized user broke in to the system, Staples took it personally. It was his system.
Kaiser and Staples soon noticed an unusual pattern in the phone calls The Technician made from his Bronx home. First, the hacker would call a phone company computer, stay connected for ten or fifteen minutes, then log out. Next, he would call a certain phone number in Queens. Then he would call back the computer for ten or fifteen minutes. Then the number in Queens. Then the computer. Then Queens.
They pulled the billing records on the Queens number and learned that it was assigned to the residence of Charles Abene.
Kaiser and Staples concluded that someone at the Abene residence must be coaching The Technician. Whenever the Bronx hacker got stuck in the phone company computer, he'd log out and call the Abene residence for assistance, then try the computer again. All night long.
Kaiser got the chill.
He was familiar with the part of Queens where the Abenes live, a neighborhood near Roosevelt Avenue in Jackson Heights. Law enforcement agencies often presented the phone company with court orders for DNRs and wiretaps on the phones of suspected drug dealers in that neighborhood. Kaiser had no idea who was on the phone at the Abene residence. He had no idea it was a skinny kid with a dog-eared copy of The Hobbit on his bookshelf. For all Kaiser knew, it could have been some narco terrorists from the Cali cartel who had the run of New York Telephone's internal phone system. They could knock out phone service to the entire Northeast if they knew what they were doing. And imagine what they could do if they didn't know what they were doing.
So now The Technician had gotten into a dial hub. Probably with the help of his friend, Abene.
A dial hub is supposed to be one of the most secure entry points into the whole New York Telephone computer system. In 1989, it was a brand-new technology that the phone company was installing, so new that its name, at least, was unknown to most of the people who worked for the phone company. The hub was a way to keep intruders out of the system even as authorized employees could connect from home. It was a first line of defense and you could only get in if you knew the right ten-digit password. Every single one of New York Telephone's thousands of employees had a personalized ten-digit number.
Once you got into the dial hub it became, simply, a subway system that you could ride to any destination within the New York Telephone Company system. Technically, the hub was a pool of modems. The modems were like trains, waiting for passengers to board them. Next stop MIZAR. All aboard for PREMLAC. COSMOS, last stop. If someone without a token tried to board, the dial hub would disconnect the unauthorized user.
But during the night, The Technician had gotten hold of a token. And for half an hour, who knew where he'd ridden? At each stop, you needed another password to enter a specific system. But the DNR had no way of tracking a rider once he passed through the dial hub's turnstile.
Kaiser asked Staples what the hacker could have been looking for. Staples didn't want to consider the possibilities, but he had to.
"I don't think there's any computer worth mentioning that we own that's not accessible through there, " Staples said.
What were some of the stops on the subway? Computers that were used to provision new services. Computers that were used to maintain phone company buildings and plants. Computers that detailed work schedules for every employee and every job. And that was just the administrative stuff. Beyond that, the hackers could enter every switch in the New York Telephone region.
Staples hung up the phone in his office two blocks north, where his window faced Kaiser's. They could have waved to each other if they'd thought of it. They never had.
Staples came right over to Kaiser's office and within an hour he and Kaiser met with Kaiser's boss. They laid out the whole thing: We think we may have something big here. It's something bigger and broader than anything we've encountered before.
This is the moment when the case transformed itself. The day before it had been a case like others in the past, a case of one intruder, a case where only one switch one isolated point in the network
was hit. Today, at least two interlopers
were involved, and they could be anywhere in the system. The number of perpetrators had doubled overnight, causing the case to grow geometrically. Today, the lawmen were fighting a network of intruders. Today, they were facing a conspiracy.
Kaiser's boss agreed. It was time to broaden the investigation.
Up went another DNR, this time on Abene's phone.
Staples told Kaiser how to watch over the hackers' shoulders even after the DNR lost track of them in the system. Staples told Kaiser which administrators were responsible for monitoring the breached computers, and then how to notify the administrators each time the hackers log in. The administrators often could reconstruct, from their audit logs, all the commands that the hackers used to move around in the system. That way, if the worst should happen, someone would be able to work backward to fix the problem.
When New York Telephone's union employees went on strike in August, Staples's strike assignment was to move down to the desk next to Kaiser's. It was close quarters in Kaiser's office, which except for the spectacular view looked perfectly ordinary with its Max Headroom coffee mug and standard-issue bookshelves spilling arcane technical manuals, just like any other sugar cube of a workspace in rnidtown Manhattan. With all the high-tech activity, you'd expect to see something like the war room of the National Security Council. You'd certainly expect to see something with more bells and whistles than Kaiser's ancient black computer terminal, so clunky it could have been manufactured in Russia. The walls of the office were dirty white, or maybe clean gray. Two battered metal desks sat in a space so tight that their edges almost touched a space that, come to think of it, wasn't any bigger than Mark Abene's bedroom. But it was the antithesis of Mark's bedroom.
Kaiser and Staples got along well. Both were life-long members of the phone company family, workers who got their first entry-level job with New York Telephone in the late 1960s, back when the phone company was expanding every day and career opportunities seemed limitless. Back then, AT&T owned the whole phone system, including New York Telephone, and it was easy to get a job.
Kaiser was one of the first males hired to handle customer complaints in AT&T's downtown office at 195 Broadway. He worked his way up to management, and in the 1980s was transferred first to the regulatory department, which dealt with companywide complaints, and then to the toll-fraud department.
As a young man, Staples had worked as a stagehand, fitting together pieces of scenery like so many pieces of a puzzle.
He'd always liked to build, had always seen the world as being divided into units that could be assembled. The phone company hired him as a communications serviceman in the late 1960s, when rapid expansion had overwhelmed AT&T's mechanical capabilities. Customers complained about bad service. Staples learned to repair teletype machines. As the phone system changed, and grew, so did Staples.
Around the same time that the boys in Eli's room were crashing the Anarchy system, the DNRs were leading Kaiser and Staples to two more phone lines. By now, the pattern was familiar. By now, it was not such a shock to learn that there was a whole group of trespassers out there. By now, the lawmen had gotten used to a word: conspiracy.
The two new phone numbers were ones that Abene dialed frequently, repeatedly, in between calls to phone company computers. So now the black box watched the lines of Elias Ladopoulos and Mrs. Jean Stira as well. You wouldn't believe the stuff that was turning up on the morning logs. Dial hubs were the least of it. The Technician had turned into small fry, bait to catch bigger fish. Kaiser and Staples feared they might be dealing with a widespread threat to their network's security, that there was nowhere the hackers couldn't and wouldn't go.
During the strike, Kaiser and Staples worked eighteen hours a day, seven days a week on the hacker case. Staples sat by the window, chain-smoking Marlboros, trying to get inside the hackers' heads.
The situation was quite impossible. The hackers were probably kids, just like The Technician. But maybe not, maybe they were drug dealers. Should Kaiser and Staples shut down the hackers now, just block their access to the phone computers? Of course, if they did that, they wouldn't know how far the intruders had gotten, nor what they were after. But if Kaiser and Staples allowed the hackers to continue, couldn't some awful consequence result? What if the hackers crashed a system? It was kind of like having a tarantula crawl up your leg. If you shook it off too fast, it would escape into the wall. But if you waited too long, you got bitten.
They wanted help from law enforcement. They wanted to send a message that hacking the phone system was not the touchy-feely thing it was back in the 1960s when Joe Hacker would get a friendly "wakeup" call from the phone company, a polite warning. Too much was at stake now. You'd hit the wrong key, and oops, there went phone service to Wall Street.