Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker (14 page)

Sometimes, between fending off the system admins, grappling with the gigabytes of code, and putting up with the painfully slow bandwidth, we felt like we were trying to suck an ocean through a straw. But we endured.

Once all the VMS source code had been moved to several systems at USC, we needed to put it on magnetic tape so we could sift through the code without worrying about being tracked back while dialed into Easynet. Moving the source code onto tape was a three-man operation.

Lewis De Payne was stationed on campus, posing as a student. He would ask one of the computer operators to mount a tape he provided onto the system’s tape drive.

Across town, at the office of my friend Dave Harrison, I would connect to a VMS system called “ramoth” over a dial-up modem that had Lewis’s tape mounted on the drive. I would fill up the tape with as much VMS source code as would fit. Lewis would then hand the operator another blank one and pass the written tape to Lenny DiCicco. At the end of each session, Lenny would take all the new tapes to hide in a rented storage locker. We repeated this cycle until, eventually, we had thirty to forty tapes containing the full VMS Version 5 source code.

While I was spending so much time at Harrison’s, it occurred to me that a company called GTE Telenet, which had offices in the same building, operated one of the largest “X25” networks, serving some of the biggest customers in the world. Maybe I could gain administrative access to their network and monitor customer traffic. Dave had previously picked the lock to the firemen’s box and lifted the master key to the building. Late one night, Dave and I used the key to walk into the GTE Telenet offices, just to look around. When I saw they used VMS, I was elated; I felt right at home.

I discovered a VMS system with a node-name of “Snoopy.” After poking around for a bit, I discovered that Snoopy was already logged in to a privileged account, giving me full access to the system. The temptation
was too great. Even though Telenet people were in and out of the offices twenty-four hours a day, I sat down at the terminal and started to explore, looking at scripts and third-party applications to figure out what tools they had and how those tools could be used to monitor the network. Within a very short time, I figured out how to eavesdrop on customer network traffic. Then it hit me. The node had been named Snoopy because it allowed the technicians to monitor traffic on customer networks: it allowed them to snoop.

I already had the X25 address to connect to the VMS system at the organic chemistry department at Leeds University, where Neill Clift studied, so I connected. I didn’t have any log-in credentials; none of my guesses were correct. He was already logged in to the system because of the time difference, saw my log-in attempts, and emailed the administrator of Snoopy to say that someone was trying to get into his university’s system; of course I deleted the email.

Though I didn’t get into Leeds University that night, my efforts had laid the groundwork for targeting Clift later on that would prove to be a goldmine.

Lenny and I fell into a battle of wits against each other. He was a computer operator at a company called VPA, and I had joined a company called CK Technologies, in Newbury Park. We kept making bets on whether we could break into each other’s computer systems that we managed for our employers. Whoever could hack into the VMS system at the other’s company would get the prize. It was like a game of “capture the flag,” designed to test our skill at defending our systems against each other.

Lenny wasn’t astute enough to keep me out. I kept getting into his systems. The bet was always $150, the cost of dinner for two at Spago, the Beverly Hills restaurant of celebrity chef Wolfgang Puck. I had won this ongoing bet enough times that Lenny was starting to feel annoyed.

During one of our all-night hacking sessions, Lenny started complaining that he never won the bet. I told him he could quit anytime he wanted. But he wanted to win.

His company had just installed a digital lock on the door to its computer room; Lenny challenged me to bypass the lock by
guessing the code
, knowing it would be almost impossible to do. “If you can’t get in,”
he said, “you have to pay
me
a hundred and fifty bucks right now, tonight.”

I told him I didn’t want to take his money because it would be too easy. And then I added that he’d be upset with himself afterward since I was always going to win, no matter what. These taunts made him even more anxious for me to accept the bet.

Actually, it
would
have been difficult for me to win it straight up. But dumb luck came to my rescue. As I was working on Lenny’s terminal, hacking into Digital’s network, I spotted a wallet on the floor under his desk. I “accidentally” dropped my pen, then bent over to get it and stuffed the wallet into my sock. I told Lenny I had to take a leak.

Inside the wallet, I found a slip of paper with the code for the digital door lock written on it. I couldn’t believe it: Lenny was such a clever hacker, but he couldn’t remember a simple number? And he’d been foolish enough to write down the code and leave it in his wallet? It seemed so preposterous that I wondered if he was setting me up. Had he planted the wallet just to jerk my chain?

I went back to his desk, replaced the wallet, and told him he’d have to give me an hour to guess the door code. We agreed that the only rule was that I couldn’t break the lock. Anything else was fair game.

A few minutes later, he went downstairs to get something. When he came back, he couldn’t find me. He searched everywhere, then finally unlocked the door to the computer room. I was sitting inside, typing on the VMS console, logged in with full privileges. I smiled at him.

Lenny was furious.
“You cheated!”
he shouted.

I stuck out my hand. “You owe me a hundred and fifty bucks.” When he resisted, I said, “I’ll give you a week.” It felt great to knock the ego of the self-important Lenny down a few notches.

He didn’t pay and didn’t pay. I kept giving him extensions, then told him I was going to charge him interest. Nothing. Finally, more as a joke than anything else, I called accounts payable at his company and pretended to be from the IRS’s Wage Garnishment Division. “Do you still have a Leonard DiCicco working there?” I asked.

“Yes, we do,” said the lady on the other end.

“We have a garnishment order,” I said. “We need you to withhold his pay.” The lady said she’d have to have authorization in writing. I told her,
“You’ll have a fax on Monday, but I’m giving you official notice to withhold all paychecks until you receive further documentation from us.”

I thought Lenny might be a little inconvenienced, but no worse than that. When no fax arrived on Monday, payroll would just give him his money.

When the people from accounting told Lenny about the IRS call, he knew instantly who’d been behind it.

But he was so over-the-top, out-of-control furious that he lost all sense of reason and did a really stupid thing: he went to his boss and told him that the two of us had been hacking into DEC from VPA’s offices.

His boss didn’t call the cops; instead, he and Lenny together called security staff at DEC and told them who’d been plaguing them over the past several months. Eventually the FBI was called in, and its agents set up a sting.

Personnel from the FBI and Digital Equipment Corporation set up camp at VPA prior to one of our late-night hacking sessions. They placed monitoring software on VPA’s computers that would record everything we did. Lenny was wearing a wire to capture our conversations. That night my target was Leeds University in England. After earlier identifying Neill Clift as one of Digital’s main sources of information about VMS security bugs, I wanted to get into the VMS system in Leeds’s Organic Chemistry Department, where Clift had an account.

At one point I sensed that something a bit weird was going on with Lenny and asked him, “Is everything all right? You’re acting strange.” He said he was just tired, and I shrugged off his odd behavior. He was probably petrified I’d figure out what was really happening. After several hours of hacking, we called it quits. I wanted to keep going, but Lenny said he had to get up early.

Several days later, I got a call from Lenny, who said, “Hey, Kevin, I finally got my vacation pay. I have your money. C’mon over.”

Two hours later I rolled into the small ground-floor parking garage of the building where VPA had its offices. Lenny was standing there, not moving. He said, “I need to get the VT100 terminal emulator software to make a copy for a friend,” referring to software on disks he knew I had in the car. It was already 5:00 p.m. and I told him I hadn’t eaten all day and
was starving, and even offered to buy him dinner. He kept insisting. I wanted to get the hell out of there: something felt wrong. But finally I gave in and, leaving the motor running, stepped out of the car to get the disks.

“You know that feeling in your stomach when you’re about to get arrested?” Lenny taunted. “Well, get ready!”

The whole garage was suddenly filled with the sounds of car engines. Cars shot out at us from what seemed like every direction, stopping in a circle around us. Guys in suits jumped out and started screaming at me,
“FBI!”

“You’re under arrest!”

“Hands on the car!”

If Lenny had staged all this just to scare me, I thought, it was an impressive display.

“You guys aren’t FBI. Show me your ID.”

They pulled out their wallets and flipped them open. FBI badges all around me. The real thing.

I looked at Lenny. He was dancing in a little circle of joy, as if he were celebrating some kind of victory over me.

“Lenny, why would you do this to me?”

As an agent handcuffed me, I asked Lenny to call my mom and tell her I’d been arrested. The bastard didn’t even do that one last small bit of kindness for me.

I was driven by two agents to the Terminal Island Federal Prison. I had never seen anything like this outside of a movie or a television show: long rows of open cells, with guys hanging their arms out of the bars. Just the sight of it made me feel like I was dreaming, having a nightmare. But the other prisoners surprised me by being cool and friendly, offering to lend me some stuff that was sold in the commissary and the like. A lot of them were white-collar guys.

But I couldn’t shower. I felt disgusting by the time some FBI agents finally picked me up and took me to FBI headquarters in West Los Angeles, where they took a mug shot of me. I knew I looked a mess—unshowered, uncombed, wearing the same clothes I’d been in for three days, and having slept badly each night on a small cot. At least that picture was to give me some small comfort at a crucial time later on.

After being held over the weekend, I was taken before Magistrate Venetta Tassopulos for my initial detention hearing on Monday morning, expecting to be released on bail. I was assigned a court-appointed lawyer, who asked if I’d been a fugitive. It turned out he’d already talked to the prosecutor, who told him I’d fled to Israel back in 1984, which wasn’t true.

Once the hearing began, I sat there in disbelief as the Court got an earful from the prosecutor, Assistant U.S. Attorney Leon Weidman. Weidman told the judge, “This thing is so massive, we’re just running around trying to figure out what he did.” Among other things, he said that I had:

• hacked into the NSA and obtained classified access codes
  

• disconnected my former Probation Officer’s phone
  

• tampered with a judge’s TRW report after receiving unfavorable treatment
  

• planted a false news story about Security Pacific National Bank’s having lost millions of dollars, after I had an employment offer withdrawn
  

• repeatedly harassed and turned off the phone service of actress Kristy McNichol
  

• hacked into Police Department computers and erased my prior arrest records.
  

Every one of these claims was blatantly false.

The allegation that I had hacked into the NSA was totally ridiculous. On one of the floppy disks seized by the Santa Cruz police was a file labeled “NSA.TXT.” It was the “whois” output listing all the registered users of Dockmaster, the
unclassified
National Security Agency computer system that Lenny had social-engineered himself into when he worked at Hughes Aircraft. Everything in the file was public information, including the lists of telephone extensions at the National Computer Security Center. The prosecutor, who obviously didn’t understand what he was looking at, was characterizing public telephone extensions as “classified access codes.” Unbelievable.

Another allegation, the claim that I’d hacked into police computers and deleted my arrest record, was related to my Santa Cruz Operations
hacking case, but the missing record was really law enforcement’s own fault. Remember, when Bonnie and I surrendered ourselves to the West Hollywood Sheriff’s Department, because they neglected to fingerprint or photograph us, no record was created of our arrest. In short, it was their own screwup: they didn’t do their job.

All the other allegations were also false, rehashes of rumors that apparently convinced the magistrate I was a serious threat to national security.

The one that mystified me most was that I had repeatedly had the phone service of the actress Kristy McNichol turned off because I had a crush on her. First of all, I couldn’t imagine why anyone would think that turning off someone’s phone would be a good way to demonstrate affection. I never understood how the story got started but the experience had been seared into my memory. I’d had to endure the humiliation of standing in line at the grocery store and seeing my photo plastered on the cover of the
National Examiner
alongside florid headlines saying I was a crazed stalker obsessed with Kristy McNichol! The feeling in the pit of my stomach as I glanced around me, hoping that none of the other shoppers had recognized me on that cover, is one I wouldn’t wish on my worst enemy.