Who Are These Crackers, Anyways?
Profile of a Cracker:
Crackers are typically young males in their early teens to late
twenties. They are often described as fast learners. A cracker
can often be described as "bored" with school and prefers
computers over schoolwork. In later life crackers can often find
employment in computer-related professions such as designing operating
systems (assuming they are not in jain for their criminal activities!).
The profiles of crackers contain several categories:
Disgruntled Employees--one of the most common types of
crackers. Many times employees for large corporations access more
information than they should or abuse their authority for other
and more personal reasons. Extreme cases include employees who
use computers to extort and blackmail.
Software developers--competition in the software world
is vicious. To stay on top, some individuals have resorted to
cracking (electronic industrial espionage and sabotage). Other
software developers crack their own systems to test them and improve
their ability to withstand outside cracking attempts.
Pranksters--young, adolescent males who think it's fun
to break into and look around in the phone company's computer
network or other computer systems. Most crackers start off as
pranksters before pursuing more infamous cracking careers. (Predominant--most
crackers are in it for the intellectual challenge, not to make
money or cause harm).
Professionals--crackers who work for money. These computer
mercenaries (link to thief motivation) are good at what they do
and seldom get caught.
Terrorists--conceivably, the electronic highways make ideal
targets for terrorists. Increased societal dependence on computers
just makes them all the more attractive. So far no crackers have
yet to be classified as digital terrorists. Terrorists may also
use viruses, worms, or physical destruction of networks to achieve
their ends.
Motives/Psychology Of A Cracker
There are many motivations for people to become crackers. Some
computer enthusiasts and crackers lead a certain lifestyle that
may predispose them to cracking. Crackers may often be socially
inadequate, but are otherwise intellectually capable people and
are often self-taught computer programmers. Crackers are predominately
adolescent males (ages ranging from the teens to the twenties);
teen angst and boredom are therefore powerful influences on cracking.
Other powerful motivations include being able to excercise computer
prowess, finding better ways to protect systems, revenge/vandalism,
electronic voyeurism, and an ideology of "information socialism",
where information is viewed as a public good which should not
to be "hoarded" by anyone.
Bill Landreth ,aka "The Cracker",
lists several motives and profiles for and of crackers. Most crackers
are in it for the intellectual challenge-- cracking is often a
game of wits where crackers must carefully cover their tracks
on user logs to avoid detection. Cracking a system presents a
great challenge with equally great risks, because detection may
ulitmately leads to arrest.
Landreth describes five categories of crackers, each with a different
motivation: the Novice, the Student, the Tourist, the Crasher,
and the Thief:
Novice:
Comparable to internet "newbies". These entry-level
crackers (usually ages 12 to 14) live off discarded or unused
accounts of former employees or older crackers. They often perceive
hacking as fun and mischievious: to them it is mostly play. The
novice crakcer gets bored quickly, logging off to play video games
or do homework. Novice crackers often make mistakes and are easily
drawn out of hiding by stern system operators or other programmers.
Student:
These crackers follow in the tradition of 1970's MIT students.
They share a great passion for computers and computer programming.
Their interest in unauthorized computer access is usually rather
benign, and they often form social networks to crack and study
systems. Students usually respect the programmers of the systems
they crack, and feed off the intellectual challenge of learning
about their targeted system. Students usually want to remain undetected
in a system and if possible will leave no sign of their passing
within the system. They try to find out as much information as
possible about the systems they crack. Later in life, they often
find employment as system operators.
Tourist:
Tourists are another type of mostly benign cracker. They often
feel the need to test themselves. Strong mathematical probability
skills and backgrounds may allow them to crack almost any system.
When they do crack a system and find nothing that is immediately
interesting, they tend to log off. (They don't obsess over systems
like students do). This type of cracker may not respect systems
as much as the student crackers. To tourists, systems are meant
to be broken into, not studied--their involvement with a system
ends after they break in. Tourists can be malignant when they
pass information on how to crack a particular system on to crashers
and thieves.
Crasher:
Crashers give all hackers a bad name. They seem to operate with
little or no logical purpose other than stroking their egos and
satisfying their need to boast by bringing systems to a crashing
halt. They usually have one main goal: to make themselves known
to their victims and peers. Crashers often adopt "tagging
names". (ie the Crasher, Phiber Optik, or Dark Dante). The
tag names allow everyone to know who was responsible for the damage
they caused while simultaneously keeping their real identities
a secret.
Theif:
This cracker is a true criminal. To get access to systems, thieves
may resort to blackmail or bribery to get the information needed
to breakk into computer systems. Theives usually profit off their
cracking activities. Theives are often involved with electronic
espionage and sabotage. They are also the most professional of
all crackers--they do real research before hitting a computer
system rather than relying on the stumbling "trial and error"
approaches of the other cracker types. Their targets are intentional,
not accidental. Theives are also the rarest type of cracker and
the hardest to apprehend (only an estimated 5 to 10 percent are
ever caught, because they are so good at what they do and at covering
their tracks).
Crackers In The Public's Eye:
(in no particular order)
Kevin Mitnick:
Kevin Mitnick is the epitome of all crackers. Kevin's personal
and social problems found a digital outlet at an early age. His
first run-ins with the law start at age 16 when a judge put him
on probation for stealing a Pacific Bell technical manual. He
spent his late teens in and out of trouble, emerging from a six
month stay in jail as an accomplished and professional cracker.
By 1988 (at the age of 25) Kevin broke into Digital Equipment's
computer network which got him arrested again by the FBI. This
timehe spent a year in jail. Kevin's probation officer tried to
rehabilitate him by enrolling him in a 12-step program to rid
him of his computer addiction. The program failed, and Kevin became
a fugitive after he was caught eavesdropping a Pacific Bell security
official's voice mail. His next mistake was to break into the
computer of Internet security expert Tsutomu Shimomura. Shimomura
tracked Mitnick across the country to to his apartment in Raliegh,
North Carolina. Kevin is now again behind bars. Mitnick's last
feat was his greatest because he stole Shimomura's utility programs
which might conceivably be used to crack systems: these were most
likely distributed on the Internet's Underground. (For Underground
websites try <http://www.2600.com>, or <http://www.digicrime.com>,
or <http://www.paranoia.com> ).
Mark "PhiberOptik" Abene:
Mark Abene started up his career as a cracker using only a $300
Radio Shack computer. A teenage dropout in Queens, New York he
acquired a self-taught education on-line. Although he denies it,
PhiberOptik is said to have hooked up with New York's Masters
Of Destruction, a group of crackers who once vowed to cripple
computer and internet security. His alleged involvement got him
under FBI investigation. In the summer of 1992, PhiberOptik and
four members of Masters Of Destruction were arrested for their
little phone antics (which included looking up David Duke's unlisted
phone number on-line). Abene pleaded guilty and was given the
longest and strictest sentence of any cracker in the Master's
Of Destruction: a year in federal prison. After incarceration
he found employment as a computer technician for ECHO, an on-line
New York salon (a system which, by the way, never crashes).
Donald Gene Burleson:
A disgruntled Texas employee upset over his termination held his
employer's computer system hostage. He copied and then deleted
168,000 of the company's sales commission records. When the company
used backup tapes to replace the missing files, he decided to
enact another form of revenge by crashing the system. He demanded
that he be hired as the company's new computer and computer security
consultant. The employer risked losing his system to have Burleson
arrested. Extortion and blackmail is very common among the crackers
Landreth classifies as thieves (link to motivation). It was very
easy to prove malice in this case: Burleson got fined $11,800
and sentenced to seven years probation.
The Milwaukee 414's:
A group of Milwaukee kids (whose phone number prefixes began with
414) started a cracking club and became cracking celebrities of
the early 1980's. The FBI eventually arrested the kids for computer
trespassing. The situation was complicated because they deleted
files to cover their tracks, and one of the erased files happened
to belong to a research group in the Sloan-Kettering Cancer Center
in New York. The 414's also cracked the computer system of the
Los Alamos Research Center where nuclear weapons are developed
and tested. The group leader's, Neal Patrick, got immunity for
giving evidence while the other six members received sentences
of probation. None of the 414's were sent to jail because they
were all minors.
The Tristen Case: The German 20:
A cracking club of young West German kids thought it would be
fun to break into American and NATO defense systems. Their fun
turned to crime and treason when they began to sell their stolen
files to the Soviet Union and other Warsaw Pact countries. Sentenced
to time in federal prisons, all of the German 20 also got off
with probation due to their young ages.
Bill Landreth:
Known as "the Cracker", Bill was a member of the Inner
Circle, an exclusive cracking club of the early 1980's. He began
cracking when he was fouteen and retired at the ripe old age of
18 when FBI agents busted him and the Inner Circle in 1983. By
then they had broken into computer systems of banks, newspapers,
schools, the phone company, and credit card bureaus. The Inner
Circle was indicted for computer fraud after they were caught
tapping into the GTE Telemail Computer Network in Vienna, Virginia.
Landreth was convicted and received three years probation. He
now has a job in computer security.
John "Captain Crunch" Draper:
Known as the father of all crackers, Draper was the first phone
phreak (link to ryan's how page--phreaking) in the public eye.
He used a toy whistle found in a box of Captain Crunch cereal
to simulate long-distance administrative call tones and to receive
free long distance phone calls. He was arrested repeatedly in
the 1970's for phone tampering. Draper would later perfect his
system with"blue boxes", electronic tone generators
which could reproduce most tones that the US telephone netework
used in its call-routing services.
Robert Tappan Morris:
In November of 1988, Robert Tappan Morris unleashed (however unintentionally)
into the world a program which became known as the Internet Worm. Due to a programming error made
by Morris, the worm managed to cripple the Internet for a period
of several days. By 1990, Robert was convicted and fined $10,000
(the maximum amount under then-current law). The Internet Worm
was the first case prosecuted under the Computer Fraud and Abuse
Act of 1986.The case
is important because it estbalished precedent that would help
to convict other crackers and virus programmers. Even though there
was no malice intended, Morris' act prevented many authorized
users from accessing their work on the Internet. The federal grand
jury found him responsible for the damage to productivity and
the economic costs of the breakdown caused by his runaway program
and convicted him.