Cuckoo's Egg
Page 36
What really happened? Here’s my estimate, based on interviews, police reports, newspaper accounts, and messages from German computer programmers.
I’d been chasing a shadow. Now I could sketch a portrait.
* * *
In the early ’80s, the Bundespost expanded the German telephone service to include data networking. Their Datex service got off to a slow start, but by 1985 businesses and universities began subscribing. It was a convenient, if not cheap, way to interconnect computers spread across Germany.
As everywhere, students started to exploit this service. First, discovering flaws in the system’s protections; later, finding ways to connect abroad through the network. The Bundespost had its hands full in starting up Datex, and pretty much ignored these hackers.
A dozen hackers started the Chaos Computer Club, whose members specialize in creating viruses, breaking into computers, and serving as a computer counterculture. Some are cyberpunks; a few are extremely proficient in computing, others little more than novices. Through electronic bulletin boards and telephone links, they anonymously exchanged phone numbers of hacked computers, as well as stolen passwords and credit cards.
Markus Hess knew of the Chaos Club, although he was never a central figure there. Rather, he kept his distance as a free-lance hacker. During the day, he worked at a small software firm in downtown Hannover.
Over a crackling phone connection, Jochen Sperber said, “You see, Hess knew Hagbard, who kept in touch with other hackers in Germany, like Pengo and Bresinsky. Hagbard is a pseudonym, of course. His real name is …”
Hagbard. I’d heard that name before. After I hung up the phone, I searched my logbook for Hagbard. There he was—he’d broken into Fermilab and Stanford. Yet I’d seen it elsewhere. I searched databases at school and asked friends. Not a peep. For the next three days, I asked every person I met, in hopes that it might ring a bell with someone.
At last, at a Berkeley bookstore, the woman behind the counter said, “Why sure. Hagbard is the hero of the Illuminati books.” It’s a series of science fiction novels, about an international conspiracy that controls the world. The Illuminati run—and ruin—everything. Against this age-old secret cult, Hagbard leads a small band of anarchists.
So Hess’s compatriot runs under the alias of Hagbard. He must really believe that there’s a conspiracy out there. And he probably feels that I’m one of the secret Illuminati—out to suppress the good guys!
Maybe he’s right. A couple of my radical friends would agree with him. But I sure don’t know any secrets.
Well, Hagbard worked closely with Markus Hess. The two drank beers together at Hannover bars, and spent evenings behind Hess’s computer.
Who’s Hagbard? According to the German magazine Der Spiegel, Hagbard—Karl Koch—was a twenty-three-year-old programmer who needed money to support a stiff cocaine habit, not to mention monthly telephone bills for overseas hacking adventures.
During 1986, some hackers from Berlin and Hannover discussed (over alcohol and drugs) how to raise some money.
Pengo—real name Hans Huebner—was an accomplished eighteen-year old programmer who claimed to be in it for the pure technical challenge. He was bored with those computers that he had legal access to, so he started breaking into systems via the international networks. In a message posted to a bulletin board, Pengo said that he was involved with “a circle of persons who tried to make deals with an eastern secret service.”
Why? Since the software on the systems that he had legal access to “didn’t turn me on anymore, I enjoyed the lax security of the systems I had access to by using [international] networks.” Computing had become an addiction for Pengo.
But why sell the information to the Soviet bloc agents? According to Der Spiegel, he needed money to invest in his computing company. So Pengo got together with a couple others in West Berlin. One of them, Dirk Brezinski, is a programmer and troubleshooter for the German computer firm Siemens. Another, Peter Carl, also in Berlin, is a former croupier who “always had enough cocaine.”
These five worked together to discover new ways to break into computers, exploring military networks and sharpening their skills at cracking operating systems. Pengo specialized in Digital’s Vax VMS operating system and frequently talked with Hagbard.
Pengo had no scruples about selling information to Soviet bloc agents. He saw himself as ethically neutral—he didn’t want to give the Russians any advantage; he just wanted to have fun on the networks.
And pick up some cash along the way.
Hess, too, just played around the networks, searching for ways to connect around the world. He’d dropped out of the University of Hagen, where he didn’t quite finish a degree in mathematics and physics. (Physics? If only he’d known!)
At first, Hess apparently just played around the networks, searching for ways to connect around the world. Like a ham radio operator, he started out a hobbyist, trying to reach as far away as possible. At first, he managed to connect to Karlsruhe; later he reached Bremen over the Datex network.
Soon, he discovered that many system managers hadn’t locked their backdoors. Usually these were university computers, but Markus Hess began to wonder: how many other systems were wide open? What other ways could you sneak into computers?
In early 1986, Hagbard and Pengo were routinely breaking into computers in North America: mostly high-energy physics labs, but a few NASA sites as well. Hagbard described his exploits to Hess.
The challenge was there. Hess began to explore outside of Germany. But he no longer cared about universities and physics labs—he wanted real excitement. Hess and Hagbard would target the military.
The leaders of the Chaos Computer Club had issued a warning to their members: “Never penetrate a military computer. The security people on the other side will be playing a game with you—almost like chess. Remember that they’ve practiced this game for centuries.” Markus Hess wasn’t listening.
Hess found his way into an unprotected computer belonging to a German subsidiary of the U.S. defense contractor, Mitre. Once inside that system, he could have discovered detailed instructions to link into Mitre’s computers in Bedford, Massachusetts, and McLean, Virginia.
Why not? The system was wide open, and let him call anywhere in America.
By summer 1986, Hess and Hagbard were operating separately, but frequently comparing notes. They collaborated in methodically twisting all doorknobs as they walked down the streets of the military networks.
Meanwhile, Hess worked in Hannover programming Vax computers and managing several systems. His supervisor knew of Hess’s moonlighting and approved: his exploits apparently fitted in well with their general business plans (even now, I wonder what those could have been!).
Hess soon expanded his beachhead at Mitre. He explored their system internally, then sent out tentacles into other American computers. He collected telephone numbers and network addresses, and methodically attacked these systems. On August 20, he struck Lawrence Berkeley Lab.
Even then, Hess was only fooling around. He’d realized that he was privy to secrets, both industrial and national, but kept his mouth shut. Then, around the end of September, in a smoky Hannover beer garden, he described his latest exploit to Hagbard.
You can’t make money by breaking into universities and colleges. Who’s interested in data from physics labs, other than a few grad students?
But military bases and defense contractors? Hagbard smelled money.
And Hagbard sensed who to contact: Pengo, in West Berlin.
Pengo, with his contacts to hackers across Germany, knew how to use Hess’s information. Carrying Hess’s printouts, one of the Berlin hackers crossed into East Berlin and met with agents from the Soviet KGB.
The deal was made: around 30,000 Deutschmarks—$18,000—for printouts and passwords.
The KGB wasn’t just paying for printouts, though. Hess and company apparently sold their techniques as well: how to break into Vax computers; which n
etworks to use when crossing the Atlantic; details on how the Milnet operates.
Even more important to the KGB was obtaining research data about Western technology, including integrated circuit design, computer-aided manufacturing, and, especially, operating system software that was under U.S. export control. They offered 250,000 Deutschmarks for copies of Digital Equipment’s VMS operating system.
Peter Carl and Dirk Brezinski apparently met with the KGB a dozen times, filling many of their requests: source code to the Unix operating system, designs for high-speed gallium-arsenide integrated circuits, and computer programs used to engineer computer memory chips.
Alone, the source code to Unix isn’t worth $130,000. Chip designs? Perhaps. But a sophisticated computer design program … well, maybe the KGB did get its money’s worth.
Hagbard wanted more than Deutschmarks. He demanded cocaine. The KGB was a willing supplier.
Hagbard passed some of the money (but none of the cocaine) to Hess, in return for printouts, passwords, and network information. Hagbard’s cut went to pay his telephone bill, sometimes running over a thousand dollars a month, as he called computers around the world.
Hess saved everything. He kept a detailed notebook and saved every session on a floppy disk. This way, after he disconnected from a military computer, he could print out the interesting parts, and pass these along to Hagbard and on to the KGB.
Also the KGB’s wish list was SDI data. As Hess searched for it, I naturally detected SDI showing up in his requests. And Martha’s Operation Showerhead fed Hess plenty of SDI fodder.
But could the KGB trust these printouts? How could they be certain that Hagbard wasn’t inventing all of this to feed his own coke habit?
The KGB decided to verify the German hacker ring. The mythical Barbara Sherwin served as a perfect way to test the validity of this new form of espionage. She had, after all, invited people to write to her for more information.
But secret services don’t handle things directly. They use intermediaries. The KGB contacted another agency—either the Hungarian or Bulgarian intelligence service. They, in turn, apparently had a professional relationship with a contact in Pittsburgh: Laszlo Balogh.
The Bulgarian embassy in America probably has a standing agreement with Laszlo along the lines of “We’ll pay you $100 for mailing the following letter …”
Laszlo Balogh didn’t care one way or another. According to the Pittsburgh Post-Gazette, Laszlo billed himself as a Hungarian refugee; a draftsman; a credit corporation employee; a trucking company owner; a diamond dealer; a world traveler; a bodyguard for Kuwaiti princesses; a CIA hit man; and an FBI informant.
The newspaper wrote “Although he has claimed extensive foreign government contacts and driven expensive foreign cars, he once testified that he had difficulty recording an undercover conversation for the FBI because the recorder kept slipping beneath his sweat suit.”
Apparently Balogh ran a now-defunct company when a forged check drawn on a nonexistent bank was used to obtain a garbage hauling contract. Other times he was involved in schemes to steal $38,000 in diamonds, and to sell computer equipment to the Soviets. Indeed, he once claimed to have been held captive at the Soviet embassy.
As long as the money was green, Laszlo didn’t care where it came from. He knew nothing about SDINET, knew nobody in Hannover, and said he didn’t even own a computer.
Hmmm. I looked over Laszlo’s letter. It had been word-processed—not a typewriter, but a word processor. If Laszlo Balogh doesn’t own a computer, then who’d created this letter? The Bulgarian embassy perhaps?
Does the FBI have enough evidence to indict Laszlo Balogh? They won’t tell me. But the way I see it, Laszlo’s in deep yogurt: the FBI is watching him, and whoever’s pulling his puppet strings isn’t pleased.
The West German police, though, have plenty of evidence against Markus Hess. Printouts, phone traces, and my logbook. When they broke into his apartment on June 29, 1987, they seized a hundred floppy disks, a computer, and documentation describing the U.S. Milnet. Not much doubt there.
But when the police raided Hess’s apartment, nobody was home. Though I was waiting patiently for him to appear on my computer, the German police entered his place when he wasn’t connected.
At his first trial, Hess got off on appeal. His lawyer argued that since Hess wasn’t connected at the moment his apartment was raided, he might not have done the hacking. This, along with a problem in the search warrants, was enough to overturn the case against hess on computer theft. But the German federal police continued to investigate.
On March 2, 1989, German authorities charged five people with espionage: Pengo, Hagbard, Peter Carl, Dirk Bresinsky, and Markus Hess.
Peter Carl met regularly with KGB agents in East Berlin, selling any data the others could find. When the German BKA caught up with him, he was about to run off to Spain. He’s now in jail, awaiting trial, along with Dirk Bresinsky, who was jailed for desertion from the German Army.
Pengo is having second thoughts about his years working for the KGB. He says that he hopes he “did the right thing by giving the German police detailed information about my involvement.” But as long as there’s an active criminal case, he’ll say no more.
All the same, the publicity hasn’t helped Pengo’s professional life. His business partners have shied away from backing him, and several of his computing projects have been canceled. Outside of his business losses, I’m not sure he feels there’s anything wrong in what he did.
Today, Markus Hess is walking the streets of Hannover, free on bail while awaiting a trial for espionage. Smoking Benson and Hedges cigarettes. And looking over his shoulder.
Hagbard, who hacked with Hess for a year, tried to kick his cocaine habit in late 1988. But not before spending his profits from the KGB: he was deep in debt and without a job. In spring 1989 he found a job at the office of a political party in Hannover. By cooperating with the police, he and Pengo avoided prosecution for espionage.
Hagbard was last seen alive on May 23, 1989. In an isolated forest outside of Hannover, police found his charred bones next to a melted can of gasoline. A borrowed car was parked nearby, keys still in the ignition.
No suicide note was found.
When I began this hunt, I saw myself as someone engaged in mundane tasks. I did what I was assigned to do, avoided authority, and kept myself peripheral to important issues. I was apathetic and outside the political sphere. Yeah, I vaguely identified myself with the old ’60s left movement. But I never thought much about how my work interacted with society … maybe I picked astronomy because it has so little to do with earthly problems.
Now, after sliding down this Alice-in-Wonderland hole, I find the political left and right reconciled in their mutual dependency on computers. The right sees computer security as necessary to protect national secrets; my leftie friends worry about an invasion of their privacy when prowlers pilfer data banks. Political centrists realize that insecure computers cost money when their data is exploited by outsiders.
The computer has become a common denominator that knows no intellectual, political, or bureaucratic bounds; the Sherwin Williams of necessity that covers the world, spanning all points of view.
Realizing this, I’ve become pro-active—almost rabid—about computer security. I worry about protecting our vulnerable data banks. I wonder what happens on financial networks, where millions of dollars slosh around every minute. I’m ticked that the Feds don’t seem to be minding the mint. And I’m upset that looters have proliferated.
It took a lot of crap to make me give a damn. I wish that we lived in a golden age, where ethical behavior was assumed; where technically competent programmers respected the privacy of others; where we didn’t need locks on our computers.
I’m saddened to find talented programmers devoting their time to breaking into computers. Instead of developing new ways to help each other, vandals make viruses and logic bombs. The result? People blame every software
quirk on viruses, public-domain software lies underused, and our networks become sources of paranoia.
Fears for security really do louse up the free flow of information. Science and social progress only take place in the open. The paranoia that hackers leave in their wake only stifles our work … forcing administrators to disconnect our links to networked communities.
Yes, you can make secure computers and networks. Systems that outsiders can’t easily break into. But they’re usually difficult to use and unfriendly. And slow. And expensive. Computer communications already costs too much—adding cryptographic encoding and elaborate authentication schemes will only make it worse.
On the other hand, our networks seem to have become the targets of (and channels for) international espionage. Come to think of it, what would I do if I were an intelligence agent? To collect secret information, I might train an agent to speak a foreign language, fly her to a distant country, supply her with bribe money, and worry that she might be caught or fed duplicitous information.
Or I could hire a dishonest computer programmer. Such a spy need never leave his home country. Not much risk of an internationally embarrassing incident. It’s cheap, too—a few small computers and some network connections. And the information returned is fresh—straight from the target’s word processing system.
Today there’s only one country that’s not reachable from your telephone: Albania. What does this mean for the future of espionage?
Yow! What am I thinking about? I’m not a spy—I’m just an astronomer who’s been away from science for too long.
As I turned off my monitors and wound up the cables, I realized that for a year, I’d been caught in a maze. I’d thought I’d been setting traps; actually, I’d been trapped the whole while. While the hacker was searching military computers, I was exploring different communities—on the networks and in the government. His journey took him into thirty or forty computers; mine reached into a dozen organizations.
My own quest had changed. I thought I was hunting for a hacker. I’d imagined that my work had nothing to do with my home or country … after all, I was just doing my job.