INTERNET HACKERS BREACH SECURITY

downloaded from:
http://www-swiss.ai.mit.edu/6095/articles/computer-crime/livermore-porn.txt
94/11/04

This article appeared in the San Jose Mercury News on Tuesday, July 12.

INTERNET HACKERS BREACH SECURITY

Hard-core porn stored on Livermore Lab's computers

by Adam S. Bauman
Los Angeles Times

   Dramatically illustrating the security problems posed by the rapid
growth of the Internet computer network, Lawrence Livermore National
Laboratory, one of the nation's three nuclear weapons labs, confirmed
Monday that hackers were using its computers to store and distribute
hard-core pornography.
   Embarrassed officials at the lab in Livermore, which conducts a great
deal of classified research and has highly sophisticated security
procedures, said the incident was among the most serious breaches of
computer security ever at the lab.
   The offending computer, which was shut down after a Los Angeles Times
reporter investigating Internet hacking alerted lab officials, contained
more than 1,000 pornographic images. It was believed to be the largest
cache of illegal hard-core pornography ever found on a computer network.
   While hackers once devoted their efforts to disrupting computer systems
at large organizations or stealing electronic information, they have now
developed ways of seizing control of Internet-linked computers and using
them to store and distribute pornography, stolen computer software, and
other illicit information.
   The Internet, a "network of networks" originally designed to connect
computers at universities and government research labs, has grown
dramatically in size and technical sophistication in recent years. It is
now used by many businesses and individual computer users and is often
viewed as the prototype for the "information superhighway" of the future.

Illegal traffic

   But the Internet has an underside, where "pirates" with pseudonyms like
"Mr. Smut," "Acidflux," and "The Cowboy" traffic in illegal or illegally
obtained electronic information. The structure of the Internet means that
such pirates can carry out their crimes from almost anywhere in the world,
and tracing them is nearly impossible.
   Late last week, the FBI confirmed it was investigating software piracy
on the Internet. A Times reporter discovered a number of sites at
prestigious institutions that were being used to distribute stolen
software, including one in the office of the president of the University of
California, Berkeley, and another at Lawrence Berkeley National Laboratory.
   Pirates also have their own "chat" lines, a series of channels within a
service called the Internet Relay Chat. An elaborate pecking order
determines who will be allowed to take part in these conversations --
newcomers can often wangle their way in if they have a particularly hot
piece of software to offer.

FBI notified

   Sandy Merola, deputy director of Information and Computing at the
Berkeley lab, said the pirate site was shut down after the Times
investigation revealed its existence. Merola said the Department of Energy,
which oversees lab operations, and the FBI had been notified of the
incident.
   At Lawrence Livermore, officials said Monday that they believed at least
one lab employee was involved in the pornography ring, along with an
undetermined number of outside collaborators. Chuck Cole, deputy associate
director of computing at the lab, said that nearly 2,000 megabytes of
unauthorized graphical images have been found in a Livermore computer, and
he confirmed that they were pornographic.
   The employee has been placed on "investigatory leave" and his or her
security badge was confiscated while an investigation is under way, the lab
said. It was unclear whether the pornographic images were being sold or how
many people had gained access to them. The pictures were sufficiently
graphic that they probably would be considered obscene by the courts, and
transmitting them over the Internet would be illegal.
   The mass amount of storage capacity used in the Livermore scheme shows
how Internet hacking could be quite profitable. Seizing control of large
and sophisticated computer systems at universities or government
laboratories can save unscrupulous entrepreneurs large sums of money.
   There were indications that the person operating the pornography data
base had become aware of possible scrutiny. On June 27, a message left in a
file labelled READ ME!!! said, "It appears that news about this site has
escaped. In the past two weeks, I have had 27 unauthorized hosts attempt to
access my server. This does not give me a warm-fuzzy feeling. I would hate
to have to shut this down, but I may have no choice."

Espionage suggested

   One computer expert, who requested anonymity, said there might be more
to this incident than meets the eye. The expert suggested that the
hard-core pornography may be a cover for an ultra-sophisticated espionage
program, in which a "sniffer" program combs through other Livermore
computers, encodes the passwords and computer accounts it finds and then
hides them within the pornographic images, perhaps to be downloaded later
by foreign agents.
   But Cole said there was no possibility of a computer intruder's gaining
access to classified data at Livermore.
   The Software Publishers' Association, a trade association representing
major software manufacturers, has made software piracy on the Internet a
major priority. Peter Beruk, SPA's litigation manager, said: "We are
currently tracking over 1,600 pirate sites on the Internet in a joint
investigation with the FBI. It is a very serious and costly program."


Last updated 94/11/04
© J.A.N. Lee, 1994