TERROR ON THE INTERNET


Date: Mon, 5 Dec 1994 22:36:59 -0500
From: farber@central.cis.upenn.edu (David Farber)
Subject: Bit of Info From Time

TECHNOLOGY

TERROR ON THE INTERNET

A pair of electronic mail bombings underscores the fragility of the world's
largest computer network

BY PHILIP ELMER-DEWITT

Thanksgiving weekend was quiet in the Long Island, New York, home of Michelle
Slatalla and Josh Quittner. Too quiet. The phone didn't ring all weekend --
which is unusual for a pair of working journalists. Nor did they hear the
familiar beep of electronic mail arriving from the Internet, although
Quittner tried several times to log on. It wasn't until their tenant
complained about a strange message on their answering machine that the couple
investigated and discovered all was not well in their electronic cocoon.

''We'd been hacked,'' says Quittner, who writes about computers -- and
hackers -- for the newspaper Newsday, and will start writing for TIME in
January. Not only had someone jammed his Internet mailbox with thousands of
unwanted pieces of E-mail, finally shutting down his Internet access
altogether, but the couple's telephone had been reprogrammed to forward
incoming calls to an out-of-state number, where friends and relatives heard a
recorded greeting laced with obscenities. ''What's really strange,'' says
Quittner, ''is that nobody who phoned -- including my editor and my mother --
thought anything of it. They just left their messages and hung up.''

It gets stranger. In order to send Quittner that mail bomb -- the electronic
equivalent of dumping a truckload of garbage on a neighbor's front lawn --
someone, operating by remote control, had broken into computers at IBM,
Sprint and a small Internet service provider called the Pipeline, seized
command of the machines at the supervisory -- or ''root'' -- level, and
installed a program that fired off E-mail messages every few seconds. Adding
intrigue to insult, the message turned out to be a manifesto that railed
against ''capitalist pig'' corporations and accused those companies of
turning the Internet into an ''overflowing cesspool of greed.'' It was signed
by something called the Internet Liberation Front, and it ended like this:
''Just a friendly warning corporate America; we have already stolen your
proprietary source code. We have already pillaged your million dollar
research data. And if you would like to avoid financial ruin, get the
((expletive deleted)) out of Dodge. Happy Thanksgiving Day turkeys.''

It read like an Internet nightmare come true, a poison arrow designed to
strike fear in the heart of all the corporate information managers who had
hooked their companies up to the information superhighway only to discover
that they may have opened the gate to trespassers. Is the I.L.F. for real? Is
there really a terrorist group intent on bringing the world's largest
computer network to its knees?

The Net is certainly vulnerable to attack. Last April a pair of
publicity-hungry lawyers deluged more than 5,000 Usenet newsgroups with an
unsolicited promotional mailing, triggering a flood of angry E-mail massive
enough to knock them off the Net. A few years earlier a single ''worm''
program, designed by a Cornell student to explore the network, multiplied out
of control and brought hundreds of computer systems to a halt.

Since then the Internet has become, if anything, an even more tempting
target. According to the Pittsburgh-based Computer Emergency Response Team,
which fields complaints from systems operators, hardly a day goes by without
a computer assault of one sort or another -- from filching passwords to
trying to crack military files. In the first nine months of 1994, CERT logged
1,517 incidents -- up more than 75% from 1993 -- some of them involving
networks that link tens of thousands of machines. Two weeks ago, someone
infiltrated General Electric's Internet link, forcing the company to pull
itself off the network while it revamped its security system. ''Every morning
we find marks from people trying to pry open the firewall,'' says Michael
Wolff, author of the Net Guide book series and founder of a small Internet
service called Your Personal Network.

Firewalls, for those not familiar with the jargon of electronic security, are
computers that act like the guards in a corporation's front lobby. They are
supposed to keep the tens of millions of people with Internet access from
also having access to the company's internal computer system, where precious
corporate assets may be stored. Firewalls typically use passwords,keys,
alarms and other devices to lock out intruders. But though such obstacles are
an essential feature of any well-designed security system, experts warn that
the technology of firewalls is still in its infancy. ''There is no such thing
as absolute security,'' says Steven Bellovin, co-author of Firewalls and
Internet Security. ''There is only relative risk.''

And what about the folks on the receiving end of a mail bomb? ''That's a
tough one,'' says Vinton Cerf, an MCI executive who helped design the
Internet in the late '60s. ''If you knew who was sending you the mail, you
could install a filter to throw it away. But trying to discard thousands of
messages when you don't know where they're coming from just isn't possible.''

The Internet was built to be an open and cooperative system. That's its
strength -- and its weakness. ''It's a fragile environment,'' says Pipeline
founder James Gleick. ''There's no cleverness in breaking a system like
Pipeline. We're not MCI. We're exactly the kind of small-scale operation that
gives the Internet its vitality and richness.''

That's what is so odd about the so-called Internet Liberation Front. While it
claims to hate the ''big boys'' of the telecommunications industry and their
dread firewalls, the group's targets include a pair of journalists and a
small, regional Internet provider. ''It doesn't make any sense to me,'' says
Gene Spafford, a computer-security expert at Purdue University. ''I'm more
inclined to think it's a grudge against Josh Quittner.''

That is probably what it was. Quittner and Slatalla had just finished a book
about the rivalry between a gang of computer hackers called the Masters of
Deception and their archenemies, the Legion of Doom -- an excerpt of which
appears in the current issue of Wired magazine. And as it turns out, Wired
was mail-bombed the same day Quittner was -- with some 3,000 copies of the
same nasty message from the I.L.F. Speculation on the Net at week's end was
that the attacks may have been the work of the Masters of Deception -- some
of whom have actually served prison time for vandalizing the computers and
telephone systems of people who offend them. But given the layers of intrigue
and deception in the hacker wars, that could just as easily be disinformation
broadcast to distract attention from a rival gang -- or even a gang wannabe.
It almost doesn't matter. Like many terrorist acts, this one seems to have
backfired. The Internet today feels a little less ''liberated,'' a lot less
safe, and even more likely to be sectioned off with those firewalls the
I.L.F. seemed so intent on destroying.

Copyright 1994 Time Inc. All rights reserved.

Transmitted:  94-12-04 12:11:01 EST


Last updated 94/12/06 J.A.N. Lee