home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Hacker Chronicles - A…the Computer Underground
/
The Hacker Chronicles - A Tour of the Computer Underground (P-80 Systems).iso
/
cud3
/
cud325d.txt
< prev
next >
Wrap
Text File
|
1992-09-20
|
7KB
|
164 lines
Date: Fri, 5 Jul 1991 13:52 CDT
From: "ROBERT G. HEARN" <9999AH02@UHDBIT.BITNET>
Subject: LOD Members for Comsec COmputer Security (News Reprint)
Reprint from Sunday, June 23, 1991 Houston Chronicle (1A, 15A)
By Joe Abernathy
FORMER HACKERS OFFER SERVICES IN COMPUTER SECURITY
The most notorious force of computer hacking's heyday is asking
forgiveness and joining the forces of good.
The storied Legion of Doom, nemesis to the Secret Service, is forming
a computer security consulting firm in Houston.
Drawing members from around the nation and its name from comic book
villains, the youthful hackers' group dominated the underground
electronic landscape of the middle and late 1980s. Finally, a
controversial penetration of phone company computers landed several
members in jail. According to documents, activities of the Legion of
Doom were a primary motivation for Operation Sun Devil, a nationwide
crackdown on computer crime coordinated by the U.S. Secret Service.
But remaining members in Austin and Houston, who disavowed any
connection with the phone company incident, now say they are on the
right side of the law and are offering their expertise on computer
security.
"People need us. We're the best," said Scott Chasin, known in his
hacking days by the computer handle Doc Holliday. "Ten years from now
we'll be the leaders in data security."
Computer security is a burgeoning field, but one that is almost
impossible to define in terms of dollars lost to penetrations or
dollars spent on security. Tales are plentiful among police of losses
in the six-figure range that went unprosecuted in order to spare the
affected firms embarrassment. Estimates of the yearly loss to
industry from computer break-ins range from $500 million to more than
$2 billion -- much of it lost to long-distance phone service theft or
credit card fraud.
Some industry observers welcomed the creation of Comsec Computer
Security, as the new company will be known, while others derided it as
a new twist on a familiar theme.
"There's lots of precedent for that," said Richard A. Schaffer of New
York, editor of the industry publication ComputerLetter. "Crooks of
all types try to hire themselves out after the fact."
"So these guys are purporting to tell you how to protect against folks
like them," he mused. "It strikes me that people should refuse to hire
them just on principle...although from what I've seen they're
qualified."
But Linda Laskey of the Computer Security Institute in San Francisco
said she believes the firm will provide a valuable service.
"They know what they're doing as far as doing as far as security
systems go," she said.
Laskey said the Computer Security Institute, a worldwide organization
of computer security professionals from business and government will
be among the first clients of Comsec.
The value of computer security is pitched now by those associated with
particular security products. Accounting firms also provide security
consulting.
By contrast, Comsec is banking on its past association with the
Legion, which gained a high profile from run-ins with the Secret
Service and BellSouth, one of the regional phone companies.
Robert J. Riggs, Franklin E. Dardin Jr. and Adam E. Grant were
sentenced on Nov. 16, 1990, in federal court in Atlanta for breaking
into the computers of BellSouth and stealing a document on the
administration of the emergency 911 system.
Hacking grew up around the Legion, which wasn't content merely to
penetrate computer systems and networks. The deed wasn't finished
until the intimate details of each system were written up and
electronically published.
Legion followers became associated with tutorials on obscure subjects,
such things as how to make nitroglycerin and drugs, and with
electronic documents on "social engineering," the fine art of the
scam.
Born in the swirling computer underground of the 1980s and named after
the minions of Superman archrival Lex Luthor, the Legion's
"educational services" ultimately helped reshape the online community
and gave the group a stature beyond its nominal activities.
But the best summary may have been written by Comsec principal Chris
Goggans, the historian of the Legion and only member associated with
it from its official founding in 1984 until it was disbanded late last
year.
"The Legion of Doom has been called everything from 'Organized Crime'
to 'a communist threat to national security' to 'an international
conspiracy of computer terrorists bent on destroying the nation's 911
service,'" he wrote under his pseudonym, Eric Bloodaxe. "Nothing comes
closer to the actual truth than 'bored adolescents with too much spare
time.'"
Now Sun Devil has put an end to hacking's innocence and perception of
among computer enthusiasts that it is a noble pursuit.
As for the Legion members, a few got busted, a few got bored, and the
rest are pondering a direction for their lives as young adults.
"I didn't want to be 30 years old and still breaking into systems,"
said Chasin, who is 21. "I want to be securing systems."
Chasin and Goggans, 22, will be joined in the firm by Ken Shulman, 21,
the son of Houston socialite Carolyn Farb, who is providing discounted
office space and other assistance.
Comsec will be managed by Robert Cupps, 24, a graduate of Emory
University and former securities trader. Chasin and Goggans are
pursuing degrees at the University of Houston.
"From a marketing standpoint, we've got a real strong presentation,"
said Cupps, a Baytown native who does not consider himself a computer
expert. "What we will do is a brief demonstration. When you can walk
into someone's office and get root (administrative privileges) on
their system, that says something in itself, that maybe you're the
person they should be talking to about securing their systems."
The only member of Comsec who has faced criminal charges is Shulman,
known vicariously on computer networks as Malefactor, The Mentor, and
Jack the Ripper. He pleaded no contest in 1989 to misdemeanor charges
of credit card fraud, paid nearly $20,000 in restitution and was put
on a year's deferred adjudication -- meaning he emerged from probation
without a final conviction on his record.
"It was telephones, long distance calls," he said. "I quit everything
after that, and that was years ago."
Goggans has also had a run-in with the law, however. His Austin home
was raided on March 1, 1990, because he allegedly possessed the 911
document. No charges have been filed.
Originally held forth as a life-threatening penetration of the 911
system, the document theft is now viewed by computer enthusiasts and
others as having been considerably overblown.
"The fact of the matter is that there was no damage to the system,"
acknowledged Scott Ticer, operations manager for BellSouth and
spokesman for the security team that lead the investigation. "But the
potential for damage was there."
"You just can't have people playing around in your network -- it's not
some high-tech toyland. This is the telecommunications system."
Would BellSouth hire the former hackers whose associates caused it so
much grief -- proving their expertise along the way?
"We don't use hackers as consultants, period," Ticer said. "Thanks but
no thanks."
------------------------------