Monday, Jun. 14, 1999
Geeks Vs. G-Men
By Chris Taylor
For the co-founder of the hacker group Global Hell, it was not the best of mornings. Chad Davis, 19, of Green Bay, Wis., had heard that the FBI had raided the homes of some of the more rambunctious members of his cybergang, better known on the Internet as gH. Davis (a.k.a. MindPhasr) also knew that within hours of those raids a retaliatory attack had taken the official FBI website out of action. But this was Saturday, three days later, and Davis assumed that the heat had passed. "I really wasn't expecting it to happen to me," he says.
It happened anyway. Davis awoke on the morning of May 29 to find four special agents and five local cops crowded into his apartment. They cuffed him, carted off his Power Macintosh plus (inexplicably) 300 music CDs and slapped a $165 fine on him for possession of a can of beer they found in his refrigerator. Still, Davis got off lightly. Global Hell's other founder, a Houston-based computer whiz named MostHated, had to answer to his parents, whom he still lives with, and who weren't too pleased when the FBI took away the family PC that held all their financial records.
There has never been much love lost between geeks and G-men. But after a big software-piracy crackdown in 1990 generated more bad publicity than convictions, the feds have largely held their fire. The most famous exception is Kevin Mitnick, the "dark side" hacker who became a cybermartyr after languishing in jail for four years without trial. Mitnick eventually copped a plea; he is set to be sentenced next Monday.
In the past few weeks, meanwhile, things have got out of hand. The trouble began when a gH member named Eric Burns, who is suspected of hacking the White House home page, was indicted in Virginia on unrelated charges. In response, someone calling himself Israeli Ghost hit fbi.gov with a massive "denial of service" attack--a nasty form of info warfare in which a host site is flooded with requests (in this case, 600,000 per second) that paralyze it. Fbi.gov still hasn't recovered; FBI spokesmen say they're waiting for IBM to build them a better firewall.
Tit for tat, right? Wrong. It was only the beginning of what hacker watchdog John Vranesevich, founder of AntiOnline, calls an "online temper tantrum." Word spread to wired dorms and bedrooms all over the world that U.S. government sites were the target du jour. A group called Masters of Downloading replaced the Senate's home page with its own anti-FBI screed; a Portuguese hacker named M1crochip defaced an obscure Interior Department page and vowed famously (at least for 15 minutes) to "go after every computer on the Net with a [name that ends in] gov.
All of which makes Paul Maidman, a.k.a. Fryz, roll his eyes. Maidman used to hang out with gH, but now he's 18 and has long since outgrown such shenanigans. "I don't like Web-page hacking," he says. "It's too easy. It's the younger kids who do it--13- or 14-year-olds. As time goes on, you realize you don't really gain anything by it."
You might say the same for the G-men. Since few of the perpetrators are old enough to vote, the alarms issued out of Washington last week began to sound as hysterical as any hacker manifesto. The White House issued a stern warning--which to a teen who craves attention is like winning the self-esteem lottery--while websites at the departments of Defense, Energy and the Interior went off-line like fbi.gov ostensibly for repairs.
By Thursday, the feds were clearly struggling with an image problem. "We tend to think of these hackers as little cherubs," said Deputy Attorney General Eric Holder, a tad defensively. "But what they're doing has a very serious impact on the ability of these various agencies to get information out to the public."
The hackers, as usual, say government webmasters have no one to blame but themselves; the notoriously sloppy security at gov websites has turned them into hacker magnets. "A lot of them are easier to get into than sites run by a 15-year-old," says Emmanuel Goldstein, editor of the hacker quarterly 2600. Commercial websites, he points out, regularly get hit by denial-of-service attacks. Few ever go down for more than a day; they can't afford to.
Of course, that won't make much of a defense should the cybervandals ever find themselves in court. The FBI says it isn't planning any more arrests soon. In the meantime, expect more of this phony war: no charges, no collateral damage and a heck of a lot of posturing--on both sides.
--With reporting by Elaine Shannon/Washington
With reporting by Elaine Shannon/Washington