Printer Friendly

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage.

Author: Clifford Stoll Publisher: Doubleday, 501 Franklin Avenue, Garden City, New York, NY 11531; 1989, 326 pages, hardback: $19.95 Reviewer: Samuel W. Daskam, CPP; President, Information Security Associates Inc. The Cuckoo's Egg is a fascinating log of the real-life events surrounding a successful massive attack on corporate, university, and US government computers. It is must reading for anyone involved or interested in computer security.

Stoll begins by briefly describing his change from an astrophysicist to a computer programmer and systems manager at the Lawrence Berkeley Labs. His first assignment was to determine the source of an error in the accounting program that billed various departments for time used on the facility's computers.

The actual error was only 75 cents, but Stoll was concerned that the program was missing other charges. He gladly undertook the task assuming it was an easy afternoon project and would at least introduce him to procedures, personnel, and locations of the systems he was to use.

Stoll discovered the unaccounted time was apparently used by an account assigned to a researcher who no longer worked at Lawrence Berkeley Labs. On further investigation, he found that someone was using large blocks of computer time without leaving an audit trail.

At first, all signs pointed to a student or researcher playing hacker. Rather than simply reprogramming the computer to block out the intruder, Stoll allowed the hacker to continue the almost daily forays. Meanwhile, Stoll kept detailed logs on the intruder's actions.

Stoll soon noticed the intruder was not merely copying entire files but also using the university's network to enter other computers. The intruder evaded passwords and other security safeguards without much effort and, more importantly, without leaving a record of his or her activities. Stoll became totally consumed by the task of solving the hacker's methodology.

The plot thickened as Stoll noticed the intruder was entering military computers as well as those of corporations with sensitive military contracts. Informing various us government agencies, including the FBI, the National Security Agency, and the National Computer Security Center, brought no help and little interest.

The trail eventually showed the intruder had been using a path through the German Datex-P network, Tymnet International Gateway, and the Tymnet switching system to get into the Lawrence Berkeley Labs' computer. From there, the hacker entered many research and military computers through the Arpanet and Milnet networks. The list of computers entered is mindboggling and alarming.

The hacker used a relatively simple technique to find passwords with which to enter systems at will. The hacker also exploited several weaknesses of various systems to enter them, steal entire files, create new passwords, and become a superuser and systems manager-all without leaving a trace. Only after months of his own effort and informing US government agencies of file names was Stoll paid much attention.

The final chase led Stoll to Hanover, Germany, where the hacker was exposed as a spy for the KGB and captured. To keep the intruder on the networks long enough to trace him, Stoll created a fictitious research program on the Strategic Defense Initiative-or Star Wars. The hacker took the bait and spent hours downloading bogus files as well as searching other computers for sensitive programs.

An interesting subplot was Stoll's internal struggle between his distrust of anything connected with government and his concern that security breaches such as this would close off access to other computers that scientists need to continue research. Stoll's struggle grew as his friends found out he was speaking to the FBI and CIA, and they severely criticized him for it. His quandary and changing feelings about responsibility are fascinating. Stoll showed a great deal of personal courage in his solitary efforts to bring the hacker to justice.
COPYRIGHT 1990 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1990 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Daskam, Samuel W.
Publication:Security Management
Article Type:Book Review
Date:Jun 1, 1990
Words:623
Previous Article:The facts on the fence.
Next Article:Who is the real culprit?
Topics:


Related Articles
Who's Stealing Your Business? How to Identify and Prevent Business Espionage.
Corporate Computer Security Issues and Strategies.
War by Other Means.
At Large: The Strange Case of the World's Biggest Internet Invasion.
War by Other Means: Economic Espionage in America.
THE VIEW FROM ALGER'S WINDOW: A Son's Memoir.
Hidden Secrets: a Complete History of Espionage and the Technology Used to Support it.

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters