Examples of pre-history (before 1980) high technology attacks

The following are all from the very excellent book on high tech crime written in the late 1970s. I reviewed this book a while back.

Whiteside, Thomas, “Computer Capers: Tales of electronic thievery, embezzlement, and fraud”, Thomas Y. Crowell, New York, 1978

I hear lots of people saying “all new, all new, shiny, shiny, shiny,” usually followed up by hire hackers, crackers, 20-somethings, as only they understand the stuff going on today. On a bus traveling to a conference dinner, a very senior individual at a major security company said all of this espionage and crime started with The Cuckoo’s Egg, written by Cliff Stoll in 1989. Unfortunately that isn’t true. In fact, nation-state-level hacking of secure operating systems predates that event significantly.

I’ve broadly characterized the attacks as against availability, confidentiality and integrity. I’ve only reported the events but they are all from the one book.

Availability Attack

  • 1968 unknown person fired two shots from a pistol into an IBM 1401 computer at the state employment office in Olympia, Washington
  • 1972 unidentified person in Johannesburg, South Africa fired four shots through a window at a computer
  • 1972 employee at National Farmers Union of Denver charged with putting a key (house key or car key) into a memory module and causing breakdowns
  • 1974 Charlotte Liberty Mutual Life Insurance Company employee fires a handgun into company computer

Integrity Attack

  • 1970 to 1973 Chief teller at Union Dime Savings Bank sliced off funds from the books of the bank (salami slicing, double books attack) utilizing the accounting management system
  • Early 1970s software used to direct assembly and routing was manipulated to redirect 217 railroad boxcars owned by Penn Central Railroad. They were found with La Salle and Bureau County Railway markings
  • The same attack was used to misdirect government supplies
  • Early 1970s United States Army supply computing program operated by Korean technicians to divert war materials (food, uniforms, vehicles) into Korean gangs’ hands
  • 1972 Jerry Neal Schneider stole $1 million worth of PT&T equipment by rigging computer directions on where to deliver equipment
  • 1974-75 TRW Credit employees offered to fix people’s credit by changing their scores
  • 1975 employees of Exxon Corporation stole $20 million worth of Exxon fuel by manipulating oil transfer records and gauges (SCADA!)

Confidentiality Attack

  • February 19, 1971 Police act on the first legal warrant authorizing search of a computer memory system in Universal Computing Company espionage case against Information Systems Design plot/trans program
  • 1971 Chicago Police Officer charged in the programming of FBI National Crime Information Computer to obtain and use information for private use
  • 1977 GAO report says IRS computing system could easily be penetrated with little detection

A consistent thread of conversation is that there is no political motivation, nor is there nation-state-level activity. Thus, the argument goes, there cannot be war, or war-like activity has not happened. A lot of the evidence from the book by Whiteside looks like low-intensity conflict and insurgency. Where you draw the line between an insurgency and criminal behavior is an open question.

Political Motivation

  • Computer centers on American university campuses were targeted during Vietnam war
  • August 24, 1970 bomb explodes outside University of Wisconsin Army Mathematics Research Center (1 death, multiple injuries, computers seriously damaged)
  • 1970 Molotov-Cocktail bombing of Fresno State College computer
  • 1970 Anti-war demonstrators threatened to use gasoline bombs on Atomic Energy Commission computer as ransom to bail a jailed Black Panther
  • 1973 Anti-war demonstrators in Australia shot a computer of an American company in Melbourne
  • 1974 four attempts to sabotage computer operations at Wright-Patterson Air Force Base by use of magnets, loosening wires, gouging equipment
  • 1977 (June) Three masked women with rifles held two professors hostage while a male doused computers in gasoline in Rome (linked to a 10 incident terrorist campaign across Italy)

Government Hackers

1972-1975

  • Steven B. Lipner, MITRE
  • Roger R. Schell, USAF Lt. Colonel, Air War College, Maxwell AFB
  • Attempted to exploit Multics (Honeywell, DoD, MIT secure computing environment)
  • Rome Air Development Center, Griffiss AFB
  • MIT (computing lab)
  • Only user access granted
  • Done from the basement of Schell’s house (remote access attack)
  • 30 minutes to penetrate Multics remotely

1973-1974

  • Naval Research Laboratory
  • Target: Sperry Rand Univac 1108 military computer
  • David Stryker, NRL
  • Dr. John Shore, NRL
  • Stanley Wilson, NRL
  • “Subversion of a “Secure” Operating System”
  • Complexity means the attacker has the advantage
  • The exercise was done on a system modified to enhance its security
  • Testers were only allowed unclassified and un-privileged access
  • Testers exploited features resulting from design oversights
  • 13 seconds to penetrate Univac remotely

One element for the fans of digital forensics and incident response is the section on where our legal framework for today came from. The book makes passing mention of the framework that was suggested for handling high tech crime, but it was an interesting look at the history of technological crime.

The heart of digital forensics

November 1976, statement submitted to the U.S. Senate Committee on Government Operations by Richard Thornburgh, Assistant Attorney General for the Criminal Division of the Department of Justice

Three Broad Categories:

  1. The computer as victim
  2. The computer as the environment for the crime
  3. The computer as accomplice

Issues that were identified

  1. Computer Crime is low visibility
  2. There are no smoking pistols
  3. Computer users/owners are reluctant to disclose

Prosecutorial Issues that were identified

  1. Prosecutorial burden to prove authenticity of evidence
  2. Evidence that a particular data processing system has accurate results
  3. Witness veracity and ability to communicate
  4. Error rate of the expert and the computer

 

 
