THE book’s about two computer commandos pitted against each other in real life. The lone keyboard freak solidly in the dark forces camp is Kevin Mitnick, arrested six times for computer-related crimes since the early ’80s in the US, and the hero tracking him down in cyberspace is computer security expert Tsutomu Shimomura whose computer database, at his home in San Diego, Mitnick ransacked on Christmas day in 1994.
Using an IP spoofing technique—where the intruder impersonates another computer by manipulating the handshake sequence numbers—Mitnick copied and stashed awayon another site at the Web a series of security software tools developed by Shimomura that could aid computer hackers in assaulting other networks. Of course, it took Shimomura some time to reconstruct how Mitnick carried through the assault, what exactly he was after and the damage he did. Incidentally, it was much later in the investigation that suspicion focused on Mitnick, especially after he got overconfident and started leaving clues while indulging in his Internet joyrides. An example: doing a search for ‘itni’ in New York Times technology correspondent John Markoff’s, e-mail.
Markoff had earlier written a book Cyber-punk, the first third of which was on Mitn-ick, and part of the cyber outlaw’s psyche loved the attention and mystique his growing notoriety was bringing. Earlier on, after seeing the movie Three Days of the Condor, Mitnick had adapted Condor as his nom de guerre. In the film Robert Redford plays the role of a hunted CIA researcher who uses his experience as an army signal corpsman to subvert the system and avoid capture.
Much of Mitnick’s computer conman status hinges on his ability to manipulate cellular phone networks with the help of a computer and modem. Computer aficiona-dos can eavesdrop, add calls to someone’s bills, make someone’s line appear permanently busy and alter or destroy data amongst other things. But Mitnick’s wizardry lay on a higher plane. He could mask his location electronically by tampering with the telephone company switching equipment so that tracing attempts would give false information. In ’88 when FBI officials were tracking Mitnick in California their attempts lead them badly astray. One number supposedly belonging to Mitnick ended in a police raid on an apartment where an immigrant cook was watching TV in his undergarments.
But aside from the obvious kick that Mitnick got from sending the FBI around in circles his skills gave him immense capacity for mischief. For instance, the time of his attack on Shimomura’s computers, Mitnick also raided Netcom, a nationwide Internet service provider, and the booty he got was a long list of 20,000 credit card numbers and also social security numbers. Though the passwords were encrypted, people who hadn’t thought well over their passwords were vulnerable.
The book moves on to the actual pursuit of Mitnick through cyberspace by a team headed by Shimomura with his student Andrew Gross and with the FBI providing legal and administrative backup. Something which isn’t easy in coming because of the FBI’s obsession with classifications and theory rather than direct action. And which leads Shimomura at one meeting to exclaim: “We are searching for a carbon based life form.”
But notwithstanding these hiccups the team finally traces Mitnick to a suburb of Raleigh, a town in North Carolina. The final pages are not without melodramatic moments. Mitnick, for instance, turning to Shimomura in court and saying: “Tsutomu, I respect your skills.”
While the dangers of such computer attacks is causing network users to put up strong electronic barriers, thus destroying the community spirit that has been the hallmark of the Net, Shimomura has certainly given us the first real life cyber thriller that apart from the joy of a good read brings to us first hand the issues that will shape the Web.