Astronomer Clifford Stoll happened to be employed as a systems manager at California’s Lawrence Berkeley Laboratory when he discovered a small discrepancy in the accounts in the shared-time computer system. The very small glitch set off a ten-month investigation that would ultimately reveal a German hacker who was peddling defense information to the KGB.
Stoll’s story is akin to an enthralling spy novel with unexpected twists, suspense, and an unexpected ending. It shows how curiosity and persistence can lead to unexpected findings and revelations even in seemingly ordinary parts of a computer system.
The account starts in 1986 when Stoll was asked to determine why the computer system accounts were in error by 75 cents. He hoped to discover something straightforward, a rounding error or a lost decimal point. What he discovered, however, was evidence of a computer break-in.
Stoll followed the intruder to a Massachusetts Institute of Technology computer, but soon discovered the hacker was using the MIT computer as an intermediary to access other computers. Stoll opted to observe the hacker and laid a trap for him.
He set up a phony military database and an imaginary computer network named “SDI Net,” hoping to entice the hacker into exposing his name and whereabouts. He also placed an electronic beeper that would make noise each time the hacker accessed the system, so he could follow the hacker’s moves.
Stoll quickly found that the hacker was more than a curious prankster, but an aggressive threat. The hacker, with the handle “Hunter,” had penetrated U.S. computer systems and stolen sensitive security and military data. He was looking for words such as nuclear, ICBM, SDI, biological warfare, Norad. He was reading whatever he could find, and then lo and behold, he was selling it to the Soviets, Stoll said.
Stoll attempted to warn the FBI, but they were not interested in the case initially. They believed that the hacker was only a mere amateur and that the computer intrusion was not related to national security. Stoll would not let up, though, and persuaded them to seriously consider the case.
He also called in his girlfriend, who contributed significantly to the investigation. She advised him to set a trap for the hacker by establishing fake military information and a fake computer network named “SDI Net.” The hacker fell for the trap, taking two hours to read through the content, providing Stoll with ample time to track the call to Hanover, West Germany.
Stoll reported the incident to the German authorities, and they offered to assist with the probe. They arranged a trap to apprehend the hacker in the act. They further learned that the hacker was working for a wider spy network, consisting of a number of other hackers and agents for the KGB.
The hacker was ultimately discovered to be Markus Hess, a computer science student aged 25. He was apprehended in May 1989, together with four others from the spy group. They were accused of spying, computer fraud, and stealing trade secrets. They admitted selling U.S. military and security data to the Soviet Union for over $50,000.
